In bridge messages (family = AF_BRIDGE), the commands are the same, but the
contents are different, and this can confuse netifd into thinking that devices
are down, while they are actually up.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Add RTM_DELLINK handling to properly track device lifecycle. When a
device is deleted, update its state with flags=0 to mark it as not
present. This improves synchronization compared to only relying on
the hotplug handler.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
When a veth device already exists in the kernel (from a previous failed
cleanup or external creation), attempting to create it again with
NLM_F_EXCL fails with -EEXIST. This leaves the device in a broken state
where netifd marks it as present but cannot bring it up.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Allow procd data with the same object name as an existing config section to
override the data from the config section.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Wireless configuration is a lot easier to deal with in a high level language
like ucode. Replace lots of C code with vastly simpler scripts.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Maintainer: @nbd, @robimarko
I was missing the ip rules for `sport` and `dport` in netifd, and although I have a working knowledge of C, I have little netlink knowledge and it is the first time I have looked into netifd, but after some research I could come up with a working patch to implement `option sport` and `option dport`.
I hope you can have a look and implement these useful options.
Run tested: Dynalink DL-WRX36 (ipq8074) running Main Snapshot r29276-963d320086 20-apr-2025
Example 1 sport:
```
config rule
option src '192.168.9.23/32'
option sport '1194'
option lookup 'main'
```
Result:
```
root@DL-WRX36:~# ip ru
0: from all lookup local
1: from 192.168.9.23 sport 1194 lookup main
```
Example 2 sport range:
```
config rule
option src '192.168.9.23/32'
option sport '1194-1195'
option lookup 'main'
```
Result:
```
root@DL-WRX36:~# ip ru
0: from all lookup local
1: from 192.168.9.23 sport 1194-1195 lookup main
```
Example 3 dport:
```
config rule
option src '192.168.9.23/32'
option dport '1294'
option lookup 'main'
```
Result:
```
root@DL-WRX36:~# ip ru
0: from all lookup local
1: from 192.168.9.23 dport 1294 lookup main
```
Example 4 dport range:
```
config rule
option src '192.168.9.23/32'
option dport '1294-1295'
option lookup 'main'
```
Result:
```
root@DL-WRX36:~# ip ru
0: from all lookup local
1: from 192.168.9.23 dport 1294-1295 lookup main
```
Example 5 sport dport:
```
config rule
option src '192.168.9.23/32'
option sport '1194-1195'
option dport '1294-1295'
option lookup 'main'
```
Result:
```
root@DL-WRX36:~# ip ru
0: from all lookup local
1: from 192.168.9.23 sport 1194-1195 dport 1294-1295 lookup main
```
Signed-off-by: Erik Conijn <egc112@msn.com>
Link: https://github.com/openwrt/netifd/pull/47
Signed-off-by: Robert Marko <robimarko@gmail.com>
If a device is added to a bond or bridge, the disable_ipv6 sysctl is
set, so that no link local addresses are present on the slave devices.
However, the disable_ipv6 sysctl is not restored after removing the
device from the bridge or bond. Therefore, no IPv6 link local addresses
are added and autoconfiguration does not work.
Set the disable_ipv6 to '0' on device removal from bridge or bond.
Signed-off-by: Fabian Bläse <fabian@blaese.de>
Link: https://github.com/openwrt/netifd/pull/40
Signed-off-by: Robert Marko <robimarko@gmail.com>
Right now system-linux writes to the wrong file (not existing)
to configure the "all_ports_active" flag for bonding devices.
Write to the correct "bonding/all_slaves_active" path.
Signed-off-by: Nicolò Veronese <nicveronese@gmail.com>
Link: https://github.com/openwrt/netifd/pull/49
Signed-off-by: Robert Marko <robimarko@gmail.com>
The configuration of the primary port was read
but never used to properly configure the right port.
This patch fixes this, and adds another small fix suggested
by nbd to properly handle the "reload" of the
primary interface when it is changed.
Co-developed-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Nicolò Veronese <nicveronese@gmail.com>
Link: https://github.com/openwrt/netifd/pull/49
Signed-off-by: Robert Marko <robimarko@gmail.com>
Config example:
```
...
config device
option type 'vrf'
option name 'dcn'
option table '20'
option mtu '1500'
option ipv6 '0'
list ports 'l2tp-wanvpn'
list ports 'lan3'
config interface 'dcn'
option proto 'none'
option device 'dcn'
...
```
Note: using "ports" in config simplifies luci integration
Tested-by: Paul Donald <newtwen+github@gmail.com>
Signed-off-by: Maxim Anisimov <maxim.anisimov.ua@gmail.com>
Link: https://github.com/openwrt/netifd/pull/38
Signed-off-by: Robert Marko <robimarko@gmail.com>
FRA_IP_PROTO expects an 8 bit value.
Follow-up fix for d29cf70747.
uint8 prevents the kernel log message:
```
netlink: 'netifd': attribute type 22 has an invalid length.
```
The message is otherwise harmless; ip rules using ipproto are created
successfully.
Tested on 24.10-snapshot
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Link: https://github.com/openwrt/netifd/pull/42
Signed-off-by: Robert Marko <robimarko@gmail.com>
The SIOCGIFFLAGS ioctl truncates returned flags to u16, and the IFF_LOWER_UP
flag exceeds that size. Because of that, the carrier status needs to be pulled
from the netlink message.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
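Added example, not netifd code: one C sketch of three rtnetlink behaviours from the commit messages above (AF_BRIDGE link messages, RTM_DELLINK recorded as flags=0, and IFF_LOWER_UP lost through the 16-bit `ifr_flags` field that SIOCGIFFLAGS fills). The function names, the `link_msg` struct and the constructed sample message are assumptions of this example, as is skipping AF_BRIDGE messages outright.

```c
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <linux/if.h>
#include <linux/rtnetlink.h>

/* SIOCGIFFLAGS hands flags back in ifr_flags, a short: bits >= 16 are lost. */
static unsigned int flags_via_ifreq(unsigned int kernel_flags)
{
    struct ifreq ifr;
    ifr.ifr_flags = (short)kernel_flags;
    return (unsigned short)ifr.ifr_flags;
}

/* Returns 1 and stores the device flags (0 for a deleted device) when the
 * message changes link state. Assumption: AF_BRIDGE messages are skipped. */
static int link_state_from_nlmsg(const void *buf, size_t len, unsigned int *flags)
{
    struct nlmsghdr nlh;
    struct ifinfomsg ifi;
    if (len < NLMSG_LENGTH(sizeof(ifi)))
        return 0;
    memcpy(&nlh, buf, sizeof(nlh));
    if (nlh.nlmsg_len < NLMSG_LENGTH(sizeof(ifi)) || nlh.nlmsg_len > len)
        return 0;
    memcpy(&ifi, (const char *)buf + NLMSG_HDRLEN, sizeof(ifi));
    if ((nlh.nlmsg_type != RTM_NEWLINK && nlh.nlmsg_type != RTM_DELLINK) ||
        ifi.ifi_family == AF_BRIDGE)
        return 0;
    *flags = nlh.nlmsg_type == RTM_DELLINK ? 0 : ifi.ifi_flags;
    return 1;
}

/* Constructed sample message: netlink header plus ifinfomsg, no attributes. */
struct link_msg { struct nlmsghdr nlh; struct ifinfomsg ifi; };
static struct link_msg sample_msg(unsigned short type, unsigned char family, unsigned int flags)
{
    struct link_msg m = { { .nlmsg_len = sizeof(m), .nlmsg_type = type },
                          { .ifi_family = family, .ifi_index = 2, .ifi_flags = flags } };
    return m;
}

int main(void)
{
    unsigned int up = IFF_UP | IFF_RUNNING | IFF_LOWER_UP, f = 0;
    struct link_msg m = sample_msg(RTM_NEWLINK, AF_UNSPEC, up);
    link_state_from_nlmsg(&m, sizeof(m), &f);
    printf("netlink flags %#x, via ifr_flags %#x\n", f, flags_via_ifreq(up));
    return 0;
}
```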
```
config rule
option ...
option ipproto '17'
```
This allows handling rules which anchor to protocol number like:
`ip ru add from all ipproto udp table udp_table prior 10`
Handle ipproto as an unsigned integer.
https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
Example:
```
config rule
option in 'lan'
option src '10.48.0.0/16'
option out 'lan'
option dest '192.168.1.144/32'
option lookup 'main'
option ipproto '17'
```
Results in
```
~# ip rule
0: from all lookup local
1: from 10.48.0.0/16 to 192.168.1.144 iif br-lan oif br-lan ipproto udp lookup main
```
Tested on 23.05.5 x86_64
Signed-off-by: Paul Donald <newtwen+github@gmail.com>
rtnl event processing might be delayed due to other calls / state changes.
That can lead to devices toggled up/down unnecessarily.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This allows annotating interfaces/devices in the config in a way that can be
queried through status. One example use case is to mark wifi interfaces for
use with specific services without having to explicitly reference sections
from elsewhere.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This fixes an issue where wireless vifs were not added back after the bridge
was recreated due to config changes (e.g. after switching to vlan filtering).
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Adding the same device to an interface again led to a call chain that ended
up removing the device again through device callbacks.
Fix this by only toggling the interface available status when the device is
still the same.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This reverts commit 68c8a4f94c.
Matching on flags IFF_UP AND NOT IFF_LOWER_UP and then reapplying ethtool
settings freaks out some PHY drivers. While a better method is being
worked on, revert the problematic solution.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Use the normal set_state function, but leave out the system_if_up/down part.
Fixes a race condition that prevented properly applying device settings.
Signed-off-by: Felix Fietkau <nbd@nbd.name>