Vincent Bernat [Thu, 10 Jul 2014 20:55:58 +0000 (22:55 +0200)]
lldpcli: change how privileged commands are declared
Even when not privileged, we declare privileged commands but tag them
accordingly. We need to be careful when executing the commands to check
the new bit.
This is a preliminary change to allow a completion command to complete
privileged commands even when not privileged.
Sam Tannous [Tue, 8 Jul 2014 19:15:50 +0000 (15:15 -0400)]
lldpcli: add display filter to show nbrs running specific protocols
LLDPD allows a peer to run multiple protocols (LLDP, CDPv1, CDPv2).
lldpcli can be used to show the primary protocol for a nbr or all
the protocols using the "hidden" cmdline arg
This allows lldpcli to filter the nbr display based on the
protocol that is running on it.
Signed-off-by: Kanna Rajagopal <kanna@cumulusnetworks.com> Signed-off-by: Sam Tannous <stannous@cumulusnetworks.com>
Sam Tannous [Tue, 8 Jul 2014 19:15:49 +0000 (15:15 -0400)]
Add call to process more messages from data already read.
Currently, the calls within lldpctl are assumed to be all associated with
synchronous sockets. With async sockets, the data read can be varied and so
its useful to process as much of the data as possible. However, lldpctl_recv
only processes one message and there isn't a call to be made to process
data that's sitting in a control connection's buffer. This patch adds such a
call for external users to call. It simply calls check_for_notification and
returns whatever check_for_notification returns with 0 signalling more
processing is possible and non-zero indicating buffer is fully processed
(though there may still be data).
Signed-off-by: Dinesh G Dutt <ddutt@cumulusnetworks.com> Signed-off-by: Sam Tannous <stannous@cumulusnetworks.com>
Sam Tannous [Tue, 8 Jul 2014 19:15:46 +0000 (15:15 -0400)]
Add ignore handler for SIGHUP in lldpcli
lldpcli which is execed by lldpd is expected to resume lldpd operations.
But in some cases, lldpcli can exiting because of SIGHUP. This fixes
these cases.
Vincent Bernat [Tue, 8 Jul 2014 20:15:12 +0000 (22:15 +0200)]
snmp: use poll() to wait for AgentX socket to be ready
Instead of sleeping for an arbitrary amount of time, query if the socket
is ready using poll() which should be portable enough (POSIX.1-2001) to
work everywhere.
Vincent Bernat [Tue, 8 Jul 2014 19:41:48 +0000 (21:41 +0200)]
log: info messages should be logged on syslog but not on first debug level
Without `-d`, syslog should log info messages. With `-d`, they should
not be displayed. With `-dd`, they should be displayed. This is an
amendment of the previous patch.
Sam Tannous [Tue, 8 Jul 2014 19:15:39 +0000 (15:15 -0400)]
lldpd: fix log_info
Currently none of the log_info msgs are getting
printed into syslog. vlog already does the right checks.
Remove the checks in log_info which is making all default log_info
prints no-ops
Also change severity of "interface reset timer" msg
Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com> Signed-off-by: Sam Tannous <stannous@cumulusnetworks.com>
Patrick McLean [Tue, 8 Jul 2014 18:40:15 +0000 (11:40 -0700)]
lldpd: whitelist sendto, poll, recvmsg and readv in seccomp sandbox
With privilege separation and seccomp enabled, the monitor thread was
dying due to seccomp errors, while leaving the child alive. This whitelists
some extra syscalls to allow the monitor process to stay alive.
udbxtd2008 [Sun, 15 Jun 2014 07:05:06 +0000 (15:05 +0800)]
frame: fix CDP checksum
The checksum of CDP frame is calculated off-by-one error when the length
of frame is odd, and the highest bit of the last octet is 1, which is as
a known question mentioned in wireshark.
Sam Tannous [Wed, 21 May 2014 14:11:24 +0000 (10:11 -0400)]
Support for modifying PortID TLV
This patch adds the ability to change the behavior of what
lldpd sends in the PortID TLV.
By default, lldpd sets the MAC address in the PortID and the ifname
in the PortDescr field. This patch allows the user to
configure lldpd via the CLI (lldpcli or /etc/lldpd.conf)
to send either the interface name
(ifname) or the MAC address in the PortID TLV.
Signed-off-by: Sam Tannous <stannous@cumulusnetworks.com>
Vincent Bernat [Thu, 15 May 2014 23:08:27 +0000 (01:08 +0200)]
bsd: fix clang warning about alignment problem with sockaddr
While this does not seem to be extensively documented, when casting a
`sockaddr *` to something else, like `sockaddr_dl *`, it is believed
that initially, it was a `sockaddr_dl *`, so there is no alignment
problem in this case. We use a macro to cast to `void *` to avoid the
warning.
Vincent Bernat [Sat, 10 May 2014 15:32:10 +0000 (17:32 +0200)]
interfaces: default to use of a local administered MAC address for bonds
Since in the default configuration, some swicthes (Cisco on IOS 15.x)
will complain about MAC addresses flapping when using `configure system
bond-slave-src-mac-type fixed`, and some other switches (still Cisco)
will complain when using `configure system bond-slave-src-mac-type
fixed`, we change the default to `local`. This is not the safest option
but the probability of having a collision is quite low.
Usually, locally administered addresses are used for VM but they are
taken from a known prefix and we are unlikely to have a collision with
this prefix. On VM, we will fallback to a fixed address but hopefully,
the switch will be a virtual one which won't have a problem with the
fixed address.
Vincent Bernat [Sat, 10 May 2014 07:13:02 +0000 (09:13 +0200)]
man: more documentation for bond-slave-src-mac-type
We document the MAC address used (to be able to find it through Google
or `git grep`). We also explain why the default is `fixed` and when it
should be changed to `local`.
Vincent Bernat [Wed, 7 May 2014 09:54:16 +0000 (11:54 +0200)]
lldpcli: return success when reading commands from files
When reading commands from files, we chose to not stop on errors (the
main reason is to allow to specify nonexistent configuration files and
allow lldpd to still work after incompatible updates). However, we also
always return a failure status. Fix that.
Thanks to Brian Bidulock for spotting that. Closes #62.