lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1415210788-8058-1-git-send-email-therbert@google.com>
Date:	Wed,  5 Nov 2014 10:06:23 -0800
From:	Tom Herbert <therbert@...gle.com>
To:	stephen@...workplumber.org, davem@...emloft.net,
	netdev@...r.kernel.org
Subject: [PATCH v2 iproute2 0/5] iproute2: Add FOU and GUE configuration in ip

This patch set adds support in iproute2 to configure FOU and GUE ports
for receive, and using FOU or GUE with ip tunnels (IPIP, GRE, sit) on
transmit.

A new ip subcommand "fou" has been added to configure FOU/GUE ports.
For example:

  ip fou add port 5555 gue 
  ip fou add port 9999 ipproto 4

The first command creates a GUE port, the second creates a direct FOU
port for IPIP (receive payload is a assumed to be an IP packet).

fou.8 and gue.8 man pages were added to describe this command.

To configure an IP tunnel to use FOU or GUE encap parameters have
been added. For example:

  ip link add name tun1 type ipip remote 192.168.1.1 local 192.168.1.2 \
     ttl 225 encap gue encap-sport auto encap-dport 7777 encap-csum
  ip link add name tun2 type gre remote 192.168.1.1 local 192.168.1.2 \
     ttl 225 encap fou encap-sport auto encap-dport 8888 encap-csum

The first command configures an IPIP tunnel to use GUE on transmit. The
peer might be configured to receive GUE packets with the
"ip fou add port 7777 gue" command.

The second configures a GRE tunnel to use FOU encapsulation. The
peer might be configured to receive these packets with the
"ip fou add port 8888 ipproto 47" command.

v2:
  - Add man pages fou.8 and gue.8
  - Add ntohs for print ports in configuration
  - Add support for remote checksum offload

Tom Herbert (5):
  ip fou: Support to configure foo-over-udp RX
  ip link ipip: Add support to configure FOU and GUE
  ip link gre: Add support to configure FOU and GUE
  ip link: Add support for remote checksum offload
  iproute2: Man pages for fou and gue

 include/linux/fou.h       |  41 ++++++++++++
 include/linux/if_tunnel.h |   1 +
 ip/Makefile               |   2 +-
 ip/ip.c                   |   3 +-
 ip/ip_common.h            |   1 +
 ip/ipfou.c                | 159 ++++++++++++++++++++++++++++++++++++++++++++++
 ip/link_gre.c             |  98 ++++++++++++++++++++++++++++
 ip/link_iptnl.c           |  98 ++++++++++++++++++++++++++++
 man/man8/ip-fou.8         |  76 ++++++++++++++++++++++
 man/man8/ip-gue.8         |   1 +
 10 files changed, 478 insertions(+), 2 deletions(-)
 create mode 100644 include/linux/fou.h
 create mode 100644 ip/ipfou.c
 create mode 100644 man/man8/ip-fou.8
 create mode 100644 man/man8/ip-gue.8

-- 
2.1.0.rc2.206.gedb03e5

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ