path: root/server/BandwidthController.cpp
Commit message [Author, Age, Files, Lines]
* Use CLAT_MARK from the netd AIDL interface. [Lorenzo Colitti, 2022-06-16, 1 file, -3/+2]
|   Test: m
|   Bug: 235778483
|   Change-Id: I8aa4a23bbf7ee81c0d2d11eb1854c91b2c39e9fb
|   (cherry picked from commit 67a19cf8590077d5dcd3713b3dc656abfa11d80f)
|   Merged-In: I8aa4a23bbf7ee81c0d2d11eb1854c91b2c39e9fb
* BandwidthController - remove an unused variable [Maciej Żenczykowski, 2022-06-16, 1 file, -2/+0]
|   Test: TreeHugger, builds
|   Signed-off-by: Maciej Żenczykowski <maze@google.com>
|   Change-Id: I7ce0b2ec6c67f0f9b231736c37be151dad61a2a5
|   (cherry picked from commit f217576ca74ec05c93dd91d479843320ebc3eaef)
|   Merged-In: I7ce0b2ec6c67f0f9b231736c37be151dad61a2a5
* remove specific clat iptables drop rules [Maciej Żenczykowski, 2022-04-11, 1 file, -3/+1]
|   these are now obsoleted by the CLATMARK based ebpf + ip6tables logic
|
|   (generated via removing clat_raw_PREROUTING and everything that referenced it)
|
|   Test: builds, TreeHugger, flashed an oriole, observed ping 8.8.8.8 behaviour on GoogleGuest v6-only network
|   Signed-off-by: Maciej Żenczykowski <maze@google.com>
|   Change-Id: I1bccfed0dfa6bd7f211979294da29884142481dc
* Merge "Drop duplicate clat ingress packets" [Treehugger Robot, 2022-04-07, 1 file, -0/+5]
|\
| * Drop duplicate clat ingress packets [Hungming Chen, 2022-04-07, 1 file, -0/+5]
| |   As Maze@'s advice, we add a clat mark to clat packet in ingress bpf
| |   and drop the duplicate packets in iptables via mark match.
| |
| |   Bug: 218407445
| |   Test: atest BandwidthControllerTest
| |   Test: manual test with unmerged aosp/1951099
| |
| |   0. Connect to IPv6-only wifi
| |
| |   1. Clatd test: ping 5 times and check that iptables drop 5 packets
| |      by mark 0xdeadc1a7.
| |      $ adb shell ping 8.8.8.8
| |      ..
| |      64 bytes from 8.8.8.8: icmp_seq=4 ttl=120 time=14.3 ms
| |      64 bytes from 8.8.8.8: icmp_seq=5 ttl=120 time=67.4 ms
| |      $ adb shell ip6tables -t raw -L bw_raw_PREROUTING -v
| |      Chain bw_raw_PREROUTING (1 references)
| |      pkts bytes target prot opt in out source destination
| |      5 520 DROP all any any anywhere anywhere mark match 0xdeadc1a7
| |      0 0 RETURN all ipsec+ any anywhere anywhere
| |      0 0 RETURN all any any anywhere anywhere policy match dir in pol ipsec
| |      1661 1239K all any any anywhere anywhere match bpf pinned /sys/fs/bpf/prog_netd_skfilter_ingress_xtbpf
| |
| |   2. Bpf test: run iperf to an IPv4 server and iptables doesn't see
| |      offloaded packet with mark 0xdeadc1a7. Drop packet count (5) is
| |      unchanged.
| |      $ adb shell iperf3 -4 -c 117.102.109.186 -t1
| |      Connecting to host 117.102.109.186, port 5201
| |      [ 5] local 192.0.0.4 port 56242 connected to 117.102.109.186 port 5201
| |      [ ID] Interval Transfer Bitrate Retr Cwnd
| |      [ 5] 0.00-1.00 sec 622 KBytes 5.09 Mbits/sec 0 44.0 KBytes
| |      - - - - - - - - - - - - - - - - - - - - - - - - -
| |      [ ID] Interval Transfer Bitrate Retr
| |      [ 5] 0.00-1.00 sec 622 KBytes 5.09 Mbits/sec 0 sender
| |      [ 5] 0.00-1.00 sec 201 KBytes 1.64 Mbits/sec receiver
| |      $ adb shell ip6tables -t raw -L bw_raw_PREROUTING -v
| |      Chain bw_raw_PREROUTING (1 references)
| |      pkts bytes target prot opt in out source destination
| |      5 520 DROP all any any anywhere anywhere mark match 0xdeadc1a7
| |      0 0 RETURN all ipsec+ any anywhere anywhere
| |      0 0 RETURN all any any anywhere anywhere policy match dir in pol ipsec
| |      1804 1280K all any any anywhere anywhere match bpf pinned /sys/fs/bpf/prog_netd_skfilter_ingress_xtbpf
| |
| |   3. Enable USB tethering. Do ping and iperf on tethered client.
| |
| |   4. Clatd test: ping 5 times and check that iptables drop 5 packets
| |      (count from 5 to 10) by mark 0xdeadc1a7.
| |      $ ping 8.8.8.8
| |      PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
| |      ..
| |      64 bytes from 8.8.8.8: icmp_seq=4 ttl=119 time=13.7 ms
| |      64 bytes from 8.8.8.8: icmp_seq=5 ttl=119 time=15.9 ms
| |      $ adb shell ip6tables -t raw -L bw_raw_PREROUTING -v
| |      Chain bw_raw_PREROUTING (1 references)
| |      pkts bytes target prot opt in out source destination
| |      10 1040 DROP all any any anywhere anywhere mark match 0xdeadc1a7
| |      0 0 RETURN all ipsec+ any anywhere anywhere
| |      0 0 RETURN all any any anywhere anywhere policy match dir in pol ipsec
| |      1900 1298K all any any anywhere anywhere match bpf pinned /sys/fs/bpf/prog_netd_skfilter_ingress_xtbpf
| |
| |   5. Bpf test: run iperf to an IPv4 server and iptables doesn't see
| |      offloaded packet with mark 0xdeadc1a7. Drop packet count (10) is
| |      unchanged.
| |      $ iperf3 -4 -c 117.102.109.186 -t1
| |      Connecting to host 117.102.109.186, port 5201
| |      [ 5] local 192.168.235.233 port 41602 connected to 117.102.109.186 port 5201
| |      [ ID] Interval Transfer Bitrate Retr Cwnd
| |      [ 5] 0.00-1.00 sec 3.19 MBytes 26.8 Mbits/sec 0 369 KBytes
| |      - - - - - - - - - - - - - - - - - - - - - - - - -
| |      [ ID] Interval Transfer Bitrate Retr
| |      [ 5] 0.00-1.00 sec 3.19 MBytes 26.8 Mbits/sec 0 sender
| |      [ 5] 0.00-1.00 sec 2.58 MBytes 21.7 Mbits/sec receiver
| |      $ adb shell ip6tables -t raw -L bw_raw_PREROUTING -v
| |      Chain bw_raw_PREROUTING (1 references)
| |      pkts bytes target prot opt in out source destination
| |      10 1040 DROP all any any anywhere anywhere mark match 0xdeadc1a7
| |      0 0 RETURN all ipsec+ any anywhere anywhere
| |      0 0 RETURN all any any anywhere anywhere policy match dir in pol ipsec
| |      1978 1320K all any any anywhere anywhere match bpf pinned /sys/fs/bpf/prog_netd_skfilter_ingress_xtbpf
| |
| |   Change-Id: I3bc6f542f6af692f79d464d085d971d2f2e60877
* | BandwidthController: remove dead egress rule for clat daemon [Hungming Chen, 2022-03-25, 1 file, -3/+0]
|/
|   Needed because the raw socket has not been created by clat daemon
|   anymore since the following commit:
|
|   external/android-clat
|   https://cs.android.com/android/_/android/platform/external/android-clat/+/6006d17eab888bcd2c91d975e005c862477b4787
|
|   Currently, the raw socket fd is passed to the clat daemon via cli.
|   The socket owner uid is not AID_CLAT anymore. Depends on who is the
|   clat daemon launcher, the socket owner uid is AID_ROOT (netd) for now
|   and going to be AID_SYSTEM (mainline module).
|
|   This ip6tables rule doesn't work after previous commit and the
|   duplicate clat daemon egress data usage accounting needs to be fixed
|   in follow-up commits.
|
|   Bug: 218407445
|   Test: atest netd_unit_test
|   Change-Id: Icded401b35ecb4c184f15251ed924127bc9920ab
* Remove unused TrafficController include [Patrick Rohr, 2022-02-02, 1 file, -1/+0]
|   Test: builds
|   Change-Id: I21413d9b40a8f0545e93d499a39def2caecb512e
* [NETD-TC#1] Move manipulateSpecialApps out of BandwidthController. [waynema, 2021-11-18, 1 file, -27/+0]
|   Change-Id: Ia7ce4ca3783996eff885c09d0d2a8e155bb140f0
* BandwidthController.cpp - fix a clang warning: abseil-string-find-startswith [Maciej Żenczykowski, 2021-01-22, 1 file, -2/+3]
|   //system/netd/server:libnetd_server clang-tidy BandwidthController.cpp
|   system/netd/server/BandwidthController.cpp:774:13: warning: use !absl::StartsWith instead of find() != 0 [abseil-string-find-startswith]
|           if (rule.find(NEW_CHAIN_COMMAND) != 0) continue;
|               ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|               !absl::StartsWith(rule, NEW_CHAIN_COMMAND)
|   system/netd/server/BandwidthController.cpp:778:13: warning: use !absl::StartsWith instead of find() != 0 [abseil-string-find-startswith]
|           if (chainName.find("bw_costly_") != 0 || chainName == std::string("bw_costly_shared")) {
|               ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|               !absl::StartsWith(chainName, "bw_costly_")
|
|   Test: builds
|   Signed-off-by: Maciej Żenczykowski <maze@google.com>
|   Change-Id: I15bcce1ec27a644b8a08c99ac3eefe6a3c8fe8e2
* Remove unused IptJumpOp value [Patrick Rohr, 2020-12-30, 1 file, -2/+0]
|   Test: m netd
|   Bug: 167500195
|   Change-Id: I2f1709ef3e8f13873471d7d7c821c5e66379586b
* Use UidOwnerMatchType rather than IptJumpOp in TrafficController [Patrick Rohr, 2020-12-30, 1 file, -6/+6]
|   Test: atest netd_unit_test
|   Bug: 167500195
|   Change-Id: Id39396933396c2a9feb79c245e0cf7f87a4c8b7b
* Refactoring string uid vectors [Patrick Rohr, 2020-12-29, 1 file, -10/+10]
|   There is no need to convert uids to strings anymore now that iptables
|   are being removed.
|
|   Test: atest netd_unit_test
|   Bug: 167500195
|   Change-Id: Ida0d8aea937c50fe40970eacb01f24485c0a59ad
* Remove unused code from BandwidthController [Patrick Rohr, 2020-12-29, 1 file, -24/+0]
|   Test: atest netd_unit_test
|   Bug: 167500195
|   Change-Id: Ia5c9411a68e2ae9fe229d6e3bd07d72809bbc733
* Remove non-bpf support from BandwidthController [Patrick Rohr, 2020-12-29, 1 file, -64/+24]
|   Test: atest netd_unit_test
|   Bug: 167500195
|   Change-Id: Ie359051cdb4de5aacd1d8b90fe1291a174e95a3c
* Mostly remove "blacklist" and "whitelist" from netd. [Lorenzo Colitti, 2020-07-30, 1 file, -12/+12]
|   Rename these to allowlist and denylist.
|
|   This change is mostly automatically generated with:
|
|   sed -i 's/WHITE/ALLOW/g' server/*.{cpp,h} libnetdbpf/{*.cpp,/include/netdbpf/*.h} bpf_progs/*.[ch]
|   sed -i 's/white/allow/g' server/*.{cpp,h} libnetdbpf/{*.cpp,/include/netdbpf/*.h} bpf_progs/*.[ch]
|   sed -i 's/BLACK/DENY/g' server/*.{cpp,h} libnetdbpf/{*.cpp,/include/netdbpf/*.h} bpf_progs/*.[ch]
|   sed -i 's/black/deny/g' server/*.{cpp,h} libnetdbpf/{*.cpp,/include/netdbpf/*.h} bpf_progs/*.[ch]
|   sed -i 's/White/Allow/g' server/*.{cpp,h} libnetdbpf/{*.cpp,/include/netdbpf/*.h} bpf_progs/*.[ch]
|   sed -i 's/Black/Deny/g' server/*.{cpp,h} libnetdbpf/{*.cpp,/include/netdbpf/*.h} bpf_progs/*.[ch]
|
|   plus manual changes to FirewallController.h and NdcDispatcher.cpp to
|   make them continue to use INetd::FIREWALL_WHITELIST and
|   INetd::FIREWALL_BLACKLIST.
|
|   INetd (and FIREWALL_WHITELIST and FIREWALL_BLACKLIST) are not being
|   fixed in this change because doing so would require changing frozen
|   AIDL files, which is a more complex undertaking.
|
|   Also manually change occurrences in the test.
|
|   Finally, fix some formatting errors found by clang-format, and some
|   errors such as "a allowlist" (should be "an allowlist") or
|   "allowspace" (should be "whitespace").
|
|   Bug: 161896447
|   Test: atest netd_unit_test netd_integration_test
|   Test: crosshatch builds, boots, no IptablesRestoreController errors in logs
|   Change-Id: I3f5b864686651134a50e90b28fc9914bfa3f9a8e
* No longer get app uid bandwidth stats for the clat daemon [Maciej Żenczykowski, 2020-05-27, 1 file, -2/+6]
|   Test: atest
|   Bug: 150738490
|   Signed-off-by: Maciej Żenczykowski <maze@google.com>
|   Change-Id: Ibe2de1b04e5ff342d87aa47236c635b47f7ea11b
* BandwidthController - fix typo: owner-uid --> uid-owner [Maciej Żenczykowski, 2020-05-27, 1 file, -1/+1]
|   Test: rules actually load
|   Bug: 150738490
|   Signed-off-by: Maciej Żenczykowski <maze@google.com>
|   Change-Id: I67ea962bb0ebd9b3b3ced23010e4fd8dfc8d6931
* BandwidthController - don't collect egress interface stats from clatd [Maciej Żenczykowski, 2020-05-27, 1 file, -4/+24]
|   While we're at it we also add some hopefully useful comments.
|
|   Test: atest
|   Bug: 150738490
|   Signed-off-by: Maciej Żenczykowski <maze@google.com>
|   Change-Id: If20ff6949fd86591d882b63d012978db53737c7c
* BandwidthController - cleanup some needless StringPrintf's [Maciej Żenczykowski, 2020-05-25, 1 file, -4/+2]
|   Tested: atest
|   Bug: 150738490
|   Signed-off-by: Maciej Żenczykowski <maze@google.com>
|   Change-Id: Icbfc7066ce597ecfe6b991d1e9af7a9e9739201c
* BandwidthController: fix performance-no-automatic-move warning. [Yabin Cui, 2020-04-29, 1 file, -3/+2]
|   In the next compiler update, it reports the below warning as error:
|
|   system/netd/server/BandwidthController.cpp:263:12: error: constness of 'ipt_basic_accounting_commands' prevents automatic move [performance-no-automatic-move,-warnings-as-errors]
|       return ipt_basic_accounting_commands;
|
|   Bug: 149839606
|   Test: build.
|   Change-Id: I32ee491b0de6a986dc66de06a4f56d980f794136
* BandwidthController - fix bugprone-suspicious-missing-comma warnings [Maciej Żenczykowski, 2020-04-22, 1 file, -3/+3]
|   Fixes:
|     system/netd/server/BandwidthController.cpp:230:13: warning: suspicious string literal, probably missing a comma [bugprone-suspicious-missing-comma]
|   (and fixing that reveals more that I'm also fixing)
|
|   Note: Using parenthesis seems better than marking with
|     // NOLINTNEXTLINE(bugprone-suspicious-missing-comma)
|
|   Test: builds
|   Bug: 153035880
|   Signed-off-by: Maciej Żenczykowski <maze@google.com>
|   Change-Id: I95d3b1cda93e5a55504e6cd94a795e259863d47f
* BandwidthController - consistently use -j not --jump throughout [Maciej Żenczykowski, 2019-12-27, 1 file, -56/+53]
|   There's already uses of -j in places, and that's the output
|   from iptables-save and it's shorter.
|
|   Generated via:
|     sed -i -r 's@--jump@-j@g' server/BandwidthControllerTest.cpp
|     sed -i -r 's@--jump@-j@g' server/BandwidthController.cpp
|
|   Test:
|     git grep '[-]-jump' -- now comes up empty
|     atest bpf_module_test clatd_test libbpf_android_test libnetdbpf_test netd_integration_test netd_unit_test netdutils_test resolv_integration_test resolv_unit_test
|   Bug: 136696213
|   Signed-off-by: Maciej Żenczykowski <maze@google.com>
|   Change-Id: I06b8ea544f681911472c9b60336b31532c408a6f
* Remove unused deps on liblogwrap [Bernie Innocenti, 2019-06-05, 1 file, -1/+0]
|   Nothing seems to be calling into it, so it can probably go.
|
|   Test: rebuild everything, then run atest
|   Change-Id: I6e446f98decd708f59e5994fa10f77be4476d02f
* Nat-related commands refine [Luke Huang, 2018-11-19, 1 file, -85/+31]
|   We need this to ensure that the tethering IPCs don't need to grab the
|   lock in two different controllers
|
|   The idea is that always having a global_alert rule in bw_global_alert
|   chain. TetherController will enable/disable the reference of
|   bw_global_alert chain.
|
|   [childchain order of filter FORWARD chain]
|   Chain FORWARD
|     nm_mdmprxy_iface_pkt_fwder
|     oem_fwd
|     fw_FORWARD
|     bw_FORWARD
|     tetherctrl_FORWARD
|
|   --Simple rule comparison--
|   [Before]
|   Chain bw_FORWARD
|     Alert rule
|     ... other rules
|   Chain tetherctrl_FORWARD
|     ... other rules
|
|   [After]
|   Chain bw_FORWARD
|     No Alert rule
|     ... other rules
|   Chain tetherctrl_FORWARD
|     Jump to bw_global_alert
|     ... other rules
|   Chain bw_global_alert
|     Alert rule
|
|   The exact rule comparison is shown in the bug.
|
|   Bug:119735985
|   Test: built, flashed, booted
|         system/netd/tests/runtests.sh passes
|   Change-Id: Ibf752d0c8de9170689fc74c89c0424d2642853ec
* Nat-related commands porting [Luke Huang, 2018-11-19, 1 file, -9/+9]
|   Test: built, flashed, booted
|         system/netd/tests/runtests.sh passes
|   Change-Id: I14e80377bc1b7c08993c3cf8fbf2b6fd0f99f4ba
* Firewall-related commands porting [Luke Huang, 2018-10-24, 1 file, -1/+2]
|   Test: built, flashed, booted
|         system/netd/tests/runtests.sh passes
|   Change-Id: I0fcf6ac4e5d96cbf63d6752bee7202cdef940e82
* Move bpf map and program definition into shared header [Chenbo Feng, 2018-10-16, 1 file, -4/+0]
|   The constant definitions of the pinned location of bpf programs and
|   maps are used by netd, bpfloader now and will be used by the bpf
|   kernel c program in the future. Move them into bpf_shared.h so they
|   can be properly included by kernel programs as well.
|
|   Bug: 112328133
|   Test: Build and flash devices, the programs and maps get pinned properly.
|   Change-Id: I5fed66cd7e9c9a140fdf57835dc01b82b28e0ea7
* Check for ignored StatusOr results [Bernie Innocenti, 2018-10-16, 1 file, -1/+2]
|   Test: m
|   Change-Id: I2b4c31b53b81417ddb7dc8d9b56da3f77ca033c8
* bandwidth-related commands porting [Luke Huang, 2018-09-11, 1 file, -25/+46]
|   Test: built, flashed, booted
|         system/netd/tests/runtests.sh passes
|   Change-Id: I7db81136dfaa581d4257a05aad64059dc0cd7976
* Netd unconditionally enable bandwidth control [Luke Huang, 2018-09-10, 1 file, -9/+1]
|   Remove corresponding netd command, and default enable bandwidth
|   controller.
|
|   Test: The bandwidth control start correctly on new devices.
|   Change-Id: I05e1bd365af1edfade28d445cec897cc6b6b2f08
* Remove qtaguid support from bandwidth controller [Chenbo Feng, 2018-08-29, 1 file, -11/+6]
|   The "--socket-exists" rules in BandwidthController are actually the
|   rules that enable xt_qtaguid accounting feature. For devices that use
|   ebpf for packet accounting, these rules need to be removed so that
|   devices that don't have that kernel module can still run properly.
|   This change also completely disable xt_qtaguid accounting on devices
|   that have both xt_qtaguid and eBPF.
|
|   Bug: 70945407
|   Test: device boots and iptables rules are loaded successfully.
|         Netd_unit_test passes.
|   Change-Id: I9c11259e38889b5bf4876cff91c97741d624a18d
* Merge all uid owner match map into one [Chenbo Feng, 2018-08-06, 1 file, -54/+53]
|   The bpf maps used for storing the uid owner match information are
|   using the same key value pairs and the duplication can be reduced by
|   using one single value to store all the match information for a given
|   uid and use a configuration map to store the chain that is currently
|   enabled. This migration can save some kernel memory space and
|   simplify the owner match process.
|
|   Bug: 79781072
|   Test: netd_unit_test, com.android.cts.net.HostsideRestrictBackgroundNetworkTests
|   Change-Id: I9658321e9d4a87eaa724231d33a474113dd75019
* Merge "Use xt_bpf programs to do bandwidth control" [Treehugger Robot, 2018-06-22, 1 file, -8/+28]
|\
| * Use xt_bpf programs to do bandwidth control [Chenbo Feng, 2018-06-21, 1 file, -8/+28]
| |   To completely move away from xt_qtaguid module, the bandwidth
| |   controller should not using it for uid owner match any more. Instead,
| |   it can use a eBPF map to store the uid need to be matched and use two
| |   eBPF program running on the xt_bpf hooks to filter out the packet.
| |
| |   Bug: 80649292
| |   Test: ./netd_unit_test
| |   Change-Id: I8e9c7cb3371aae0c24ccc6f64e05e6cbd4f78aae
* | netd: Enable clang-tidy and fix all warnings [Bernie Innocenti, 2018-06-07, 1 file, -10/+6]
|/
|   Bug: 65246407
|   Test: m netd && system/netd/tests/runtests.sh
|   Change-Id: I1d22b2bc317fe7218ccde78859ed0623d6a1f8df
* Rename <cutils/log.h> to <log/log.h> [Logan Chien, 2018-04-23, 1 file, -1/+1]
|   Bug: 78370064
|   Test: lunch aosp_walleye-userdebug && cd system/netd && mma
|   Change-Id: I495f7cdc3f2aab26947f10041fc559700367f2ea
* Use bpf map to read the interface stats [Chenbo Feng, 2018-03-26, 1 file, -5/+2]
|   With the support of xt_bpf module, the more accurate per interface
|   network traffic stats can be obtained from ifaceStatsMap under
|   sys/fs/bpf/. Change the framework NetworkStatsService native
|   implementation to read from map instead of /proc/net/dev. The
|   corresponding test is added and refactor the old test to be
|   compatible.
|
|   Test: ./libbpf_test
|         atest android.net.cts.TrafficStatsTest
|   Bug: 72111305
|   Change-Id: I2a6c6f82317bd9667c1b15e6b082fc9f153f6bf3
* Fixing the BandwidthController unit test [Chenbo Feng, 2018-03-19, 1 file, -4/+9]
|   The BandwidthController unit test cannot directly use
|   gCtrl->trafficCtrl to check if the bpf stats feature is available.
|   Rewrite the getBpfStatsStatus() function of BandwidthController so it
|   is also functioning when in BandwidthController unit tests.
|
|   Bug: 72111305
|   Test: ./netd_unit_test
|   Change-Id: Ie60ed384b7f8d42b8e1f3417949d46895bea6572
* Use xt_bpf module to record the iface stats [Chenbo Feng, 2018-03-15, 1 file, -39/+57]
|   To make interface packet accounting more accurately and persistent,
|   the xt_bpf module is implemented to record the total packets and
|   bytes tx/rx through each interface. The netd will load the bpf
|   program and set up iptable rules for the xt_bpf module at boot time
|   and the framework service will use them to get per interface networks
|   stats on supported devices. Add logcat support to bpfloader program.
|
|   Test: iface stats show up in maps. Iptable rules show up after boot.
|   Bug: 72111305
|   Change-Id: Ib33d2b165b64e130999931302dd67891c35a12e9
* [ipsec-qtaguid] Reserve mark, add ipsec bw exemptions [Benedict Wong, 2017-12-15, 1 file, -0/+54]
|   This change reserves a mark denoting that a packet has already been
|   accounted for, along with adding rules in BandwidthController to
|   support IPSec packets being billed correctly.
|
|   Bug: 62994731
|   Test: BandwidthControllerTest updated, passing. CTS tests also
|         modified and passing
|   Change-Id: I8b42975d1502a0d3b9e533bddc0892cfe1556bed
* Allow connectivity-critical packets in data saver mode. [Lorenzo Colitti, 2017-09-26, 1 file, -5/+19]
|   This makes IPv6 work on metered wifi networks. Without this:
|
|   1. We reject incoming RAs, so we lose connectivity when the RA
|      parameters expire.
|   2. We reject incoming NAs, so we get NUD failures.
|
|   Bug: 66015813
|   Test: angler builds, boots
|   Test: netd_{unit,integration}_test pass
|   Test: CtsHostsideNetworkTests tests pass
|   Change-Id: I033040ef0b91c22035e29c636123cd41ab1967ec
* Add costly interface rules to make forwarding in both directions [Erik Kline, 2017-09-20, 1 file, -0/+4]
|   Test: as follows
|       - built
|       - flashed
|       - booted
|       - runtest -x system/netd/tests/netd_integration_test.cpp passes
|       - runtest -x system/netd/server/netd_unit_test.cpp passes
|   Bug: 65654957
|   Change-Id: I62dbe387aaeecb362b2bc69de8f9ce66f163d929
* Move all tethering functionality into TetherController. [Lorenzo Colitti, 2017-08-31, 1 file, -186/+0]
|   This includes the entirety of NatController and relevant parts of
|   BandwidthController (specifically, getTetherStats and its
|   dependencies).
|
|   This will make the code easier to understand and allow netd to
|   provide a simpler API to the framework (e.g., by providing
|   higher-level methods that perform what today are multiple operations
|   from the framework's point of view). It will also reduce duplication
|   of state (e.g., interface pairs kept by NatController partially
|   overlap with downstream interfaces kept by TetherController) and
|   avoid dependencies between controllers.
|
|   This CL makes no functional changes. The only code changes are the
|   ones necessary for compilation. Specifically:
|
|   - Move some methods into IptablesBaseTest.cpp so they can be used
|     from two test classes.
|   - Change TetherController::iptablesRestoreFunction to the
|     three-argument used by the erstwhile BandwidthController tests.
|
|   Where appropriate, variable names have been changed, but strings that
|   actually appear on device, such as iptables rule names, are left as
|   is and will be changed in a future CL.
|
|   Bug: 32163131
|   Bug: 64995262
|   Test: bullhead builds, boots
|   Test: netd_{unit,integration}_test pass
|   Change-Id: Idc80bfd424ce011826305f84b1cc98e741698601
* Delete all remaining callers of iptables. [Lorenzo Colitti, 2017-08-19, 1 file, -2/+0]
|   Also move to binder_test.cpp some string constants that are used only
|   there.
|
|   Bug: 28362720
|   Test: bullhead builds,boots
|   Test: netd_{unit,integration}_test pass
|   Change-Id: I9eee599aafa696cbf3a1f65c3814a33ed99d65fc
* Remove now-unused strncpyAndCheck. [Lorenzo Colitti, 2017-07-16, 1 file, -6/+0]
|   Test: bullhead-eng builds
|   Change-Id: Idacfeb71c1f108d9f51ce6f509ae16dbba8a2c2b
* Delete the last iptables commands in BandwidthController. [Lorenzo Colitti, 2017-07-06, 1 file, -53/+0]
|   Bug: 28362720
|   Test: netd_{unit,integration}_test pass
|   Change-Id: I7e64747e3b933cdf1b76cd20356b9ff86015ec61
* Switch costly alerts to iptables-restore. [Lorenzo Colitti, 2017-07-06, 1 file, -24/+27]
|   Costly alerts appear to be currently unused, but they are the last
|   user of iptables commands in BandwidthController, so migrating them
|   to iptables-restore will allow us to delete the iptables-specific
|   code in BandwidthController.
|
|   Bug: 28362720
|   Test: netd_{unit,integration}_test pass
|   Change-Id: I07c6df6df347fd6485e6d0740b7d6165a423e34b
* Minor improvements to shared quota error handling. [Lorenzo Colitti, 2017-07-06, 1 file, -8/+20]
|   Bug: 28362720
|   Test: bullhead builds,boots
|   Test: netd_{unit,integration}_test pass
|   Change-Id: Ib3de9f4f3317373619ba185a6e7860f0fc82ca7b
* Convert set*Quota to use iptablesRestore. [Lorenzo Colitti, 2017-07-06, 1 file, -30/+21]
|   Bug: 28362720
|   Test: bullhead builds,boots
|   Test: netd_{unit,integration}_test pass
|   Test: quota rules are added and removed when quotas are enabled/disabled
|   Change-Id: Ib4df4f10a26c8bc206cc67671da09618fa4224ac
* Refactor interface quota code before moving to iptables-restore. [Joel Scherpelz, 2017-07-06, 1 file, -174/+89]
|   This change substantially refactors the interface and shared quota
|   code in BandwidthController in preparation for making it use
|   IptablesRestoreController.
|
|   There should be no functional change.
|
|   Bug: 28362720
|   Test: bullhead builds,boots
|   Test: netd_{unit,integration}_test pass
|   Test: quota rules are added and removed when quotas are enabled/disabled
|   Change-Id: I7379fac58da4d98958bb050055a3c6bd7c617aa3