With netd allowing overlapping rules for uid range rules the interface
name is needed to make sure only the correct rule is removed.
Bug: 12134439
Change-Id: I94f77f154f49ca8d5f6cf49683a4473cc92c3eb7
Only one entry is allowed to be added to route table 60 for all
interface ipv6 link local addresses, so skip ipv6 link local
addresses on all interfaces when enabling NAT
Change-Id: Ibbe6c2bdae83586cdd38287089715f3433bbb91f
Signed-off-by: jiaguo <jiaguo@marvell.com>
This is necessary so that the framework can know whether an IPv6
address is likely to be usable (i.e., if it's global scope and
preferred). Also, it will simplify the address notification
methods in INetworkManagementEventObserver, which currently take
the address, the flags, and the scope as separate arguments.
1. Add flags and scope to the class and update the unit test.
Use the IFA_F_* and RT_SCOPE_* constants defined by libcore.
Since most callers don't know about flags and scope, provide
constructors that default the flags to zero and determine the
scope from the address. Addresses notified by the kernel will
have these properly set. Make multicast addresses invalid.
Update the class documentation.
2. Provide an isSameAddressAs() method that compares only the
address and prefix information between two LinkAddress
objects. This is necessary because an interface can't have
two addresses with the same address/prefix but different
flags.
3. Update LinkProperties's addLinkAddress and removeLinkAddress
to identify existing addresses to add/remove using
isSameAddressAs instead of implicit equals(). Specifically:
- If addLinkAddress is called with an address that is already
present, the existing address's flags and scope are updated.
This allows, for example, an address on an interface to go
from preferred to deprecated when it expires, without it
having to be removed and re-added.
- If removeLinkAddress is called with an address that is
present but with different flags, it deletes that address
instead of failing to find a match.
4. Update the INetworkManagementEventObserver address
notification methods to take just a LinkAddress instead of
LinkAddress, flags, and scope. While I'm at it, change the
order of the arguments for consistency with the other
functions in the interface.
Change-Id: Id8fe0f09a7e8f6bee1ea3b52102178b689a9336e
Currently address{Updated,Removed} pass in the address as a
string such as "fe80::1/64". Use LinkAddresses instead, since
that's what it is.
This makes the code more robust in the unlikely case that netd
passes in an invalid string. In the future we can move flags and
scope into the LinkAddress itself and simplify the code further.
Bug: 9180552
Change-Id: I66599f9529cf421caa7676fdd0141bb110b8589e
These are sent if the device receives IPv6 Router Advertisements
with DNS server configuration options. Currently, nothing listens
to them; in a future change we will use them as IPv6 DNS servers.
[Cherry-pick of 416740ad4d]
Bug: 9180552
Change-Id: I05000c0cd3867a68ab390102e8470b6912a9d3aa
netd now tracks statistics for tethered interfaces across tethering
sessions, so switch to asking for all tethering stats. (Currently
we're double-counting all tethering data, ever since it started
tracking across sessions.)
Also catch OOME to handle corrupt stats files, which we then dump to
DropBox and then start over.
Bug: 5868832, 9796109
Change-Id: I2eb2a1bf01b993dd198597d770fe0e022466c6b9
Able to config network specific MTU size. Normally, the default size of MTU is 1500.
US - ATT 1410, TMUS 1440, SPRINT 1422
KR - SKT 1440, KT 1450, LGU+ 1428
JP - KDDI 1420, SoftBank 1340
CA - RGS 1430, FIDO 1430, MTS 1430, BELL 1358, SaskTel 1358
AU - TEL 1400
Bug: 10195070
Change-Id: Ie18650b37a3d44af944f2dae4aa97c04fb12cd5e
For now, this only tests network observers. It works by starting
NetworkManagementService with a fake netd socket, feeding it
inputs, and seeing if the appropriate observer methods are
called.
Bug: 10232006
Change-Id: I827681575642a4ee13ae48b81272521544b676bd
1. Add addressUpdated and addressRemoved methods to
INetworkManagementEventObserver. (The -Updated method is not
called -Added because it gets called for both adds and
changes.) Update all its callers in the tree.
2. Make NetworkManagementService parse IP address notifications
from NetlinkHandler and call the address{Removed,Updated} on
its observers.
Bug: 10232006
Change-Id: Ieb185dbba052bdbff03caafc0cf5397a7f04dc6d
Re-arranged code to be more flexible, now track
state of services, dump ordered list of running
processes while memory was critical and low.
Also rename battery stats service from "batteryinfo" to "batterystats".
Change-Id: I0f4f0c8d443c49d255cb84d0fc917e8ec18b152e
Add methods to NetworkManagementService for per uid routing and DNS and
for setting up fwmark tables for interfaces.
Change-Id: Icf2c4a46f7f422660031ef73b537745922286246
When building commands to send across NativeDaemonConnector, scrub
sensitive arguments to prevent them from being logged.
Bug: 8609800
Change-Id: I84b16791749264a010f7e59f9918f68d71bac6b9
Network stats are now read out of the kernel in one sweep, instead of
reading per-UID. We now accumulate the delta traffic between each
stats snapshot using the well-tested SamplingCounter pattern.
Since Wi-Fi and mobile traffic have different costs, track each
separately. Avoids counting misc interfaces like loopback and
ethernet under total.
Bug: 5543387
Change-Id: I642004dc530113c27ef79f2abbae51d8af30117f
Allows the external BT stack the means to communicate with
ConnectivityService during reverse tethering.
bug:8445208
Change-Id: Ice7dfb0b50c9481d359aed14a51372878185171c
Currently, NetworkManagementService only catches RemoteExceptions
when calling the BaseNetworkObserver notification methods (e.g.,
interfaceStatusChanged). However, if the observer is in the same
process, unchecked exceptions can occur as well.
When this happens, finishBroadcast does not get called, and no
further notifications can be sent, because any attempt to do so
fails with a "beginBroadcast() called while already in a
broadcast" exception.
Fix this by catching RuntimeException as well.
Bug: 8397534
Bug: 8276725
Change-Id: Icd6f32128707244978943c48a9ea3a2b952a2957
For now, we only support running one clat at a time. This is
enforced by the netd ClatdController code.
Bug: 8276725
Change-Id: I8a50305f9182f4da0f80716081211625a0202583
When invoking NativeDaemonCommands, require that base command and
arguments are separate. Clean up reverse tethering commands, and
remove deprecated throttle events.
Change-Id: I302a74130b4f7c3f3045815a56d566e89c8969f6
Switch to parsing detailed network stats with native code, which
is 71% faster than ProcFileReader.
Change-Id: I2525aaee74d227ce187ba3a74dd08a2b06514deb
Set dns servers for secondary nets and attach the
processes (pids) that are using the secondary nets
to the secondary nets associated dns cache.
bug:5465296
Change-Id: I1eaf92d5c6b81d287e9fb2763b3d972d9de34395
Set dns servers for secondary nets and attach the
processes (pids) that are using the secondary nets
to the secondary nets associated dns cache.
Change-Id: Id865c2c3fdc0ec1c3e30c134e9ea4109f4f2fbeb
bug:5465296
Adds support for always-on VPN profiles, also called "lockdown." When
enabled, LockdownVpnTracker manages the netd firewall to prevent
unencrypted traffic from leaving the device. It creates narrow rules
to only allow traffic to the selected VPN server. When an egress
network becomes available, LockdownVpnTracker will try bringing up
the VPN connection, and will reconnect if disconnected.
ConnectivityService augments any NetworkInfo based on the lockdown
VPN status to help apps wait until the VPN is connected.
This feature requires that VPN profiles use an IP address for both
VPN server and DNS. It also blocks non-default APN access when
enabled. Waits for USER_PRESENT after boot to check KeyStore status.
Bug: 5756357
Change-Id: If615f206b1634000d78a8350a17e88bfcac8e0d0
The activity notification is received from netd, an intent
DATA_ACTIVITY_CHANGE is then raised for other part of the system to
consume.
Change-Id: Idfcc4763c51c5b314c57f546c12557082f06bebf
Logging exec time on startUsingNetworkFeature as we've had some reports suggesting it's
causing ANRs.
Remove some logging from NDC so it's local log is more useful.
bug:6492166
Change-Id: I258ff6c59bff2c65935242d50496d84720c5d493
When netd drops its socket connection to framework, assume that it
has restarted, and push any existing rules to keep netd and iptables
consistent.
Bug: 6376246
Change-Id: Id93138938321bcf885eb0e4fecaff8b150cfdfcf
