mirror of
https://github.com/systemd/systemd-stable.git
synced 2025-01-11 05:17:44 +03:00
commit
b51629ad84
@ -151,6 +151,9 @@
|
|||||||
<row><entry><varname>l2tp</varname></entry>
|
<row><entry><varname>l2tp</varname></entry>
|
||||||
<entry>A Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual private networks (VPNs) or as part of the delivery of services by ISPs. It does not provide any encryption or confidentiality by itself</entry></row>
|
<entry>A Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual private networks (VPNs) or as part of the delivery of services by ISPs. It does not provide any encryption or confidentiality by itself</entry></row>
|
||||||
|
|
||||||
|
<row><entry><varname>macsec</varname></entry>
|
||||||
|
<entry>Media Access Control Security (MACsec) is an 802.1AE IEEE industry-standard security technology that provides secure communication for all traffic on Ethernet links. MACsec provides point-to-point security on Ethernet links between directly connected nodes and is capable of identifying and preventing most security threats.</entry></row>
|
||||||
|
|
||||||
<row><entry><varname>vrf</varname></entry>
|
<row><entry><varname>vrf</varname></entry>
|
||||||
<entry>A Virtual Routing and Forwarding (<ulink url="https://www.kernel.org/doc/Documentation/networking/vrf.txt">VRF</ulink>) interface to create separate routing and forwarding domains.</entry></row>
|
<entry>A Virtual Routing and Forwarding (<ulink url="https://www.kernel.org/doc/Documentation/networking/vrf.txt">VRF</ulink>) interface to create separate routing and forwarding domains.</entry></row>
|
||||||
|
|
||||||
@ -851,6 +854,161 @@
|
|||||||
</varlistentry>
|
</varlistentry>
|
||||||
</variablelist>
|
</variablelist>
|
||||||
</refsect1>
|
</refsect1>
|
||||||
|
<refsect1>
|
||||||
|
<title>[MACsec] Section Options</title>
|
||||||
|
<para>The <literal>[MACsec]</literal> section only applies for network devices of kind
|
||||||
|
<literal>macsec</literal>, and accepts the following keys:</para>
|
||||||
|
|
||||||
|
<variablelist class='network-directives'>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>Port=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Specifies the port to be used for the MACsec transmit channel. The port is used to make
|
||||||
|
secure channel identifier (SCI). Takes a value between 1 and 65535. Defaults to unset.
|
||||||
|
</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>Encrypt=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Takes a boolean. When true, enable encryption. Defaults to unset.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
</variablelist>
|
||||||
|
</refsect1>
|
||||||
|
<refsect1>
|
||||||
|
<title>[MACsecReceiveChannel] Section Options</title>
|
||||||
|
<para>The <literal>[MACsecReceiveChannel]</literal> section only applies for network devices of
|
||||||
|
kind <literal>macsec</literal>, and accepts the following keys:</para>
|
||||||
|
|
||||||
|
<variablelist class='network-directives'>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>Port=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Specifies the port to be used for the MACsec receive channel. The port is used to make
|
||||||
|
secure channel identifier (SCI). Takes a value between 1 and 65535. This option is
|
||||||
|
compulsory, and is not set by default.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>MACAddress=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Specifies the MAC address to be used for the MACsec receive channel. The MAC address
|
||||||
|
used to make secure channel identifier (SCI). This option is compulsory, and is not set by
|
||||||
|
default.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
</variablelist>
|
||||||
|
</refsect1>
|
||||||
|
<refsect1>
|
||||||
|
<title>[MACsecTransmitAssociation] Section Options</title>
|
||||||
|
<para>The <literal>[MACsecTransmitAssociation]</literal> section only applies for network devices
|
||||||
|
of kind <literal>macsec</literal>, and accepts the following keys:</para>
|
||||||
|
|
||||||
|
<variablelist class='network-directives'>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>PacketNumber=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Specifies the packet number to be used for replay protection and the construction of
|
||||||
|
the initialization vector (along with the secure channel identifier [SCI]). Takes a value
|
||||||
|
between 1-4,294,967,295. Defaults to unset.
|
||||||
|
</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>KeyId=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Specifies the identification for the key. Takes a number between 0-255. This option
|
||||||
|
is compulsory, and is not set by default.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>Key=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Specifies the encryption key used in the transmission channel. The same key must be
|
||||||
|
configured on the peer’s matching receive channel. This option is compulsory, and is not set
|
||||||
|
by default. Takes a 128-bit key encoded in a hexadecimal string, for example
|
||||||
|
<literal>dffafc8d7b9a43d5b9a3dfbbf6a30c16</literal>.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>KeyFile=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Takes a absolute path to a file which contains a 128-bit key encoded in a hexadecimal
|
||||||
|
string, which will be used in the transmission channel. When this option is specified,
|
||||||
|
<varname>Key=</varname> is ignored. Note that the file must be readable by the user
|
||||||
|
<literal>systemd-network</literal>, so it should be, e.g., owned by
|
||||||
|
<literal>root:systemd-network</literal> with a <literal>0640</literal> file mode.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>Activate=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Takes a boolean. If enabled, then the security association is activated. Defaults to
|
||||||
|
unset.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>UseForEncoding=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Takes a boolean. If enabled, then the security association is used for encoding. Only
|
||||||
|
one <literal>[MACsecTransmitAssociation]</literal> section can enable this option. When enabled,
|
||||||
|
<varname>Activate=yes</varname> is implied. Defaults to unset.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
</variablelist>
|
||||||
|
</refsect1>
|
||||||
|
<refsect1>
|
||||||
|
<title>[MACsecReceiveAssociation] Section Options</title>
|
||||||
|
<para>The <literal>[MACsecReceiveAssociation]</literal> section only applies for
|
||||||
|
network devices of kind <literal>macsec</literal>, and accepts the
|
||||||
|
following keys:</para>
|
||||||
|
|
||||||
|
<variablelist class='network-directives'>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>Port=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Accepts the same key in <literal>[MACsecReceiveChannel]</literal> section.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>MACAddress=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Accepts the same key in <literal>[MACsecReceiveChannel]</literal> section.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>PacketNumber=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Accepts the same key in <literal>[MACsecTransmitAssociation]</literal> section.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>KeyId=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Accepts the same key in <literal>[MACsecTransmitAssociation]</literal> section.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>Key=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Accepts the same key in <literal>[MACsecTransmitAssociation]</literal> section.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>KeyFile=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Accepts the same key in <literal>[MACsecTransmitAssociation]</literal> section.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>Activate=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Accepts the same key in <literal>[MACsecTransmitAssociation]</literal> section.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
</variablelist>
|
||||||
|
</refsect1>
|
||||||
<refsect1>
|
<refsect1>
|
||||||
<title>[Tunnel] Section Options</title>
|
<title>[Tunnel] Section Options</title>
|
||||||
|
|
||||||
|
@ -768,6 +768,14 @@
|
|||||||
This option may be specified more than once.</para>
|
This option may be specified more than once.</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>MACsec=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>The name of a MACsec device to create on the link. See
|
||||||
|
<citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
|
||||||
|
This option may be specified more than once.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><varname>ActiveSlave=</varname></term>
|
<term><varname>ActiveSlave=</varname></term>
|
||||||
<listitem>
|
<listitem>
|
||||||
|
@ -317,7 +317,8 @@ int read_full_stream_full(
|
|||||||
|
|
||||||
assert(f);
|
assert(f);
|
||||||
assert(ret_contents);
|
assert(ret_contents);
|
||||||
assert(!(flags & READ_FULL_FILE_UNBASE64) || ret_size);
|
assert(!FLAGS_SET(flags, READ_FULL_FILE_UNBASE64 | READ_FULL_FILE_UNHEX));
|
||||||
|
assert(!(flags & (READ_FULL_FILE_UNBASE64 | READ_FULL_FILE_UNHEX)) || ret_size);
|
||||||
|
|
||||||
n_next = LINE_MAX; /* Start size */
|
n_next = LINE_MAX; /* Start size */
|
||||||
|
|
||||||
@ -394,9 +395,12 @@ int read_full_stream_full(
|
|||||||
n_next = MIN(n * 2, READ_FULL_BYTES_MAX);
|
n_next = MIN(n * 2, READ_FULL_BYTES_MAX);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (flags & READ_FULL_FILE_UNBASE64) {
|
if (flags & (READ_FULL_FILE_UNBASE64 | READ_FULL_FILE_UNHEX)) {
|
||||||
buf[l++] = 0;
|
buf[l++] = 0;
|
||||||
r = unbase64mem_full(buf, l, flags & READ_FULL_FILE_SECURE, (void **) ret_contents, ret_size);
|
if (flags & READ_FULL_FILE_UNBASE64)
|
||||||
|
r = unbase64mem_full(buf, l, flags & READ_FULL_FILE_SECURE, (void **) ret_contents, ret_size);
|
||||||
|
else
|
||||||
|
r = unhexmem_full(buf, l, flags & READ_FULL_FILE_SECURE, (void **) ret_contents, ret_size);
|
||||||
goto finalize;
|
goto finalize;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -31,6 +31,7 @@ typedef enum {
|
|||||||
typedef enum {
|
typedef enum {
|
||||||
READ_FULL_FILE_SECURE = 1 << 0,
|
READ_FULL_FILE_SECURE = 1 << 0,
|
||||||
READ_FULL_FILE_UNBASE64 = 1 << 1,
|
READ_FULL_FILE_UNBASE64 = 1 << 1,
|
||||||
|
READ_FULL_FILE_UNHEX = 1 << 2,
|
||||||
} ReadFullFileFlags;
|
} ReadFullFileFlags;
|
||||||
|
|
||||||
int fopen_unlocked(const char *path, const char *options, FILE **ret);
|
int fopen_unlocked(const char *path, const char *options, FILE **ret);
|
||||||
|
@ -108,10 +108,12 @@ static int unhex_next(const char **p, size_t *l) {
|
|||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
int unhexmem(const char *p, size_t l, void **ret, size_t *ret_len) {
|
int unhexmem_full(const char *p, size_t l, bool secure, void **ret, size_t *ret_len) {
|
||||||
_cleanup_free_ uint8_t *buf = NULL;
|
_cleanup_free_ uint8_t *buf = NULL;
|
||||||
|
size_t buf_size;
|
||||||
const char *x;
|
const char *x;
|
||||||
uint8_t *z;
|
uint8_t *z;
|
||||||
|
int r;
|
||||||
|
|
||||||
assert(ret);
|
assert(ret);
|
||||||
assert(ret_len);
|
assert(ret_len);
|
||||||
@ -121,7 +123,8 @@ int unhexmem(const char *p, size_t l, void **ret, size_t *ret_len) {
|
|||||||
l = strlen(p);
|
l = strlen(p);
|
||||||
|
|
||||||
/* Note that the calculation of memory size is an upper boundary, as we ignore whitespace while decoding */
|
/* Note that the calculation of memory size is an upper boundary, as we ignore whitespace while decoding */
|
||||||
buf = malloc((l + 1) / 2 + 1);
|
buf_size = (l + 1) / 2 + 1;
|
||||||
|
buf = malloc(buf_size);
|
||||||
if (!buf)
|
if (!buf)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
@ -131,12 +134,16 @@ int unhexmem(const char *p, size_t l, void **ret, size_t *ret_len) {
|
|||||||
a = unhex_next(&x, &l);
|
a = unhex_next(&x, &l);
|
||||||
if (a == -EPIPE) /* End of string */
|
if (a == -EPIPE) /* End of string */
|
||||||
break;
|
break;
|
||||||
if (a < 0)
|
if (a < 0) {
|
||||||
return a;
|
r = a;
|
||||||
|
goto on_failure;
|
||||||
|
}
|
||||||
|
|
||||||
b = unhex_next(&x, &l);
|
b = unhex_next(&x, &l);
|
||||||
if (b < 0)
|
if (b < 0) {
|
||||||
return b;
|
r = b;
|
||||||
|
goto on_failure;
|
||||||
|
}
|
||||||
|
|
||||||
*(z++) = (uint8_t) a << 4 | (uint8_t) b;
|
*(z++) = (uint8_t) a << 4 | (uint8_t) b;
|
||||||
}
|
}
|
||||||
@ -147,6 +154,12 @@ int unhexmem(const char *p, size_t l, void **ret, size_t *ret_len) {
|
|||||||
*ret = TAKE_PTR(buf);
|
*ret = TAKE_PTR(buf);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
on_failure:
|
||||||
|
if (secure)
|
||||||
|
explicit_bzero_safe(buf, buf_size);
|
||||||
|
|
||||||
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* https://tools.ietf.org/html/rfc4648#section-6
|
/* https://tools.ietf.org/html/rfc4648#section-6
|
||||||
|
@ -18,7 +18,10 @@ char hexchar(int x) _const_;
|
|||||||
int unhexchar(char c) _const_;
|
int unhexchar(char c) _const_;
|
||||||
|
|
||||||
char *hexmem(const void *p, size_t l);
|
char *hexmem(const void *p, size_t l);
|
||||||
int unhexmem(const char *p, size_t l, void **mem, size_t *len);
|
int unhexmem_full(const char *p, size_t l, bool secure, void **mem, size_t *len);
|
||||||
|
static inline int unhexmem(const char *p, size_t l, void **mem, size_t *len) {
|
||||||
|
return unhexmem_full(p, l, false, mem, len);
|
||||||
|
}
|
||||||
|
|
||||||
char base32hexchar(int x) _const_;
|
char base32hexchar(int x) _const_;
|
||||||
int unbase32hexchar(char c) _const_;
|
int unbase32hexchar(char c) _const_;
|
||||||
|
177
src/basic/linux/if_macsec.h
Normal file
177
src/basic/linux/if_macsec.h
Normal file
@ -0,0 +1,177 @@
|
|||||||
|
/* SPDX-License-Identifier: GPL-2.0+ WITH Linux-syscall-note */
|
||||||
|
/*
|
||||||
|
* include/uapi/linux/if_macsec.h - MACsec device
|
||||||
|
*
|
||||||
|
* Copyright (c) 2015 Sabrina Dubroca <sd@queasysnail.net>
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation; either version 2 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef _UAPI_MACSEC_H
|
||||||
|
#define _UAPI_MACSEC_H
|
||||||
|
|
||||||
|
#include <linux/types.h>
|
||||||
|
|
||||||
|
#define MACSEC_GENL_NAME "macsec"
|
||||||
|
#define MACSEC_GENL_VERSION 1
|
||||||
|
|
||||||
|
#define MACSEC_MAX_KEY_LEN 128
|
||||||
|
|
||||||
|
#define MACSEC_KEYID_LEN 16
|
||||||
|
|
||||||
|
/* cipher IDs as per IEEE802.1AEbn-2011 */
|
||||||
|
#define MACSEC_CIPHER_ID_GCM_AES_128 0x0080C20001000001ULL
|
||||||
|
#define MACSEC_CIPHER_ID_GCM_AES_256 0x0080C20001000002ULL
|
||||||
|
|
||||||
|
/* deprecated cipher ID for GCM-AES-128 */
|
||||||
|
#define MACSEC_DEFAULT_CIPHER_ID 0x0080020001000001ULL
|
||||||
|
#define MACSEC_DEFAULT_CIPHER_ALT MACSEC_CIPHER_ID_GCM_AES_128
|
||||||
|
|
||||||
|
#define MACSEC_MIN_ICV_LEN 8
|
||||||
|
#define MACSEC_MAX_ICV_LEN 32
|
||||||
|
/* upper limit for ICV length as recommended by IEEE802.1AE-2006 */
|
||||||
|
#define MACSEC_STD_ICV_LEN 16
|
||||||
|
|
||||||
|
enum macsec_attrs {
|
||||||
|
MACSEC_ATTR_UNSPEC,
|
||||||
|
MACSEC_ATTR_IFINDEX, /* u32, ifindex of the MACsec netdevice */
|
||||||
|
MACSEC_ATTR_RXSC_CONFIG, /* config, nested macsec_rxsc_attrs */
|
||||||
|
MACSEC_ATTR_SA_CONFIG, /* config, nested macsec_sa_attrs */
|
||||||
|
MACSEC_ATTR_SECY, /* dump, nested macsec_secy_attrs */
|
||||||
|
MACSEC_ATTR_TXSA_LIST, /* dump, nested, macsec_sa_attrs for each TXSA */
|
||||||
|
MACSEC_ATTR_RXSC_LIST, /* dump, nested, macsec_rxsc_attrs for each RXSC */
|
||||||
|
MACSEC_ATTR_TXSC_STATS, /* dump, nested, macsec_txsc_stats_attr */
|
||||||
|
MACSEC_ATTR_SECY_STATS, /* dump, nested, macsec_secy_stats_attr */
|
||||||
|
__MACSEC_ATTR_END,
|
||||||
|
NUM_MACSEC_ATTR = __MACSEC_ATTR_END,
|
||||||
|
MACSEC_ATTR_MAX = __MACSEC_ATTR_END - 1,
|
||||||
|
};
|
||||||
|
|
||||||
|
enum macsec_secy_attrs {
|
||||||
|
MACSEC_SECY_ATTR_UNSPEC,
|
||||||
|
MACSEC_SECY_ATTR_SCI,
|
||||||
|
MACSEC_SECY_ATTR_ENCODING_SA,
|
||||||
|
MACSEC_SECY_ATTR_WINDOW,
|
||||||
|
MACSEC_SECY_ATTR_CIPHER_SUITE,
|
||||||
|
MACSEC_SECY_ATTR_ICV_LEN,
|
||||||
|
MACSEC_SECY_ATTR_PROTECT,
|
||||||
|
MACSEC_SECY_ATTR_REPLAY,
|
||||||
|
MACSEC_SECY_ATTR_OPER,
|
||||||
|
MACSEC_SECY_ATTR_VALIDATE,
|
||||||
|
MACSEC_SECY_ATTR_ENCRYPT,
|
||||||
|
MACSEC_SECY_ATTR_INC_SCI,
|
||||||
|
MACSEC_SECY_ATTR_ES,
|
||||||
|
MACSEC_SECY_ATTR_SCB,
|
||||||
|
MACSEC_SECY_ATTR_PAD,
|
||||||
|
__MACSEC_SECY_ATTR_END,
|
||||||
|
NUM_MACSEC_SECY_ATTR = __MACSEC_SECY_ATTR_END,
|
||||||
|
MACSEC_SECY_ATTR_MAX = __MACSEC_SECY_ATTR_END - 1,
|
||||||
|
};
|
||||||
|
|
||||||
|
enum macsec_rxsc_attrs {
|
||||||
|
MACSEC_RXSC_ATTR_UNSPEC,
|
||||||
|
MACSEC_RXSC_ATTR_SCI, /* config/dump, u64 */
|
||||||
|
MACSEC_RXSC_ATTR_ACTIVE, /* config/dump, u8 0..1 */
|
||||||
|
MACSEC_RXSC_ATTR_SA_LIST, /* dump, nested */
|
||||||
|
MACSEC_RXSC_ATTR_STATS, /* dump, nested, macsec_rxsc_stats_attr */
|
||||||
|
MACSEC_RXSC_ATTR_PAD,
|
||||||
|
__MACSEC_RXSC_ATTR_END,
|
||||||
|
NUM_MACSEC_RXSC_ATTR = __MACSEC_RXSC_ATTR_END,
|
||||||
|
MACSEC_RXSC_ATTR_MAX = __MACSEC_RXSC_ATTR_END - 1,
|
||||||
|
};
|
||||||
|
|
||||||
|
enum macsec_sa_attrs {
|
||||||
|
MACSEC_SA_ATTR_UNSPEC,
|
||||||
|
MACSEC_SA_ATTR_AN, /* config/dump, u8 0..3 */
|
||||||
|
MACSEC_SA_ATTR_ACTIVE, /* config/dump, u8 0..1 */
|
||||||
|
MACSEC_SA_ATTR_PN, /* config/dump, u32 */
|
||||||
|
MACSEC_SA_ATTR_KEY, /* config, data */
|
||||||
|
MACSEC_SA_ATTR_KEYID, /* config/dump, 128-bit */
|
||||||
|
MACSEC_SA_ATTR_STATS, /* dump, nested, macsec_sa_stats_attr */
|
||||||
|
MACSEC_SA_ATTR_PAD,
|
||||||
|
__MACSEC_SA_ATTR_END,
|
||||||
|
NUM_MACSEC_SA_ATTR = __MACSEC_SA_ATTR_END,
|
||||||
|
MACSEC_SA_ATTR_MAX = __MACSEC_SA_ATTR_END - 1,
|
||||||
|
};
|
||||||
|
|
||||||
|
enum macsec_nl_commands {
|
||||||
|
MACSEC_CMD_GET_TXSC,
|
||||||
|
MACSEC_CMD_ADD_RXSC,
|
||||||
|
MACSEC_CMD_DEL_RXSC,
|
||||||
|
MACSEC_CMD_UPD_RXSC,
|
||||||
|
MACSEC_CMD_ADD_TXSA,
|
||||||
|
MACSEC_CMD_DEL_TXSA,
|
||||||
|
MACSEC_CMD_UPD_TXSA,
|
||||||
|
MACSEC_CMD_ADD_RXSA,
|
||||||
|
MACSEC_CMD_DEL_RXSA,
|
||||||
|
MACSEC_CMD_UPD_RXSA,
|
||||||
|
};
|
||||||
|
|
||||||
|
/* u64 per-RXSC stats */
|
||||||
|
enum macsec_rxsc_stats_attr {
|
||||||
|
MACSEC_RXSC_STATS_ATTR_UNSPEC,
|
||||||
|
MACSEC_RXSC_STATS_ATTR_IN_OCTETS_VALIDATED,
|
||||||
|
MACSEC_RXSC_STATS_ATTR_IN_OCTETS_DECRYPTED,
|
||||||
|
MACSEC_RXSC_STATS_ATTR_IN_PKTS_UNCHECKED,
|
||||||
|
MACSEC_RXSC_STATS_ATTR_IN_PKTS_DELAYED,
|
||||||
|
MACSEC_RXSC_STATS_ATTR_IN_PKTS_OK,
|
||||||
|
MACSEC_RXSC_STATS_ATTR_IN_PKTS_INVALID,
|
||||||
|
MACSEC_RXSC_STATS_ATTR_IN_PKTS_LATE,
|
||||||
|
MACSEC_RXSC_STATS_ATTR_IN_PKTS_NOT_VALID,
|
||||||
|
MACSEC_RXSC_STATS_ATTR_IN_PKTS_NOT_USING_SA,
|
||||||
|
MACSEC_RXSC_STATS_ATTR_IN_PKTS_UNUSED_SA,
|
||||||
|
MACSEC_RXSC_STATS_ATTR_PAD,
|
||||||
|
__MACSEC_RXSC_STATS_ATTR_END,
|
||||||
|
NUM_MACSEC_RXSC_STATS_ATTR = __MACSEC_RXSC_STATS_ATTR_END,
|
||||||
|
MACSEC_RXSC_STATS_ATTR_MAX = __MACSEC_RXSC_STATS_ATTR_END - 1,
|
||||||
|
};
|
||||||
|
|
||||||
|
/* u32 per-{RX,TX}SA stats */
|
||||||
|
enum macsec_sa_stats_attr {
|
||||||
|
MACSEC_SA_STATS_ATTR_UNSPEC,
|
||||||
|
MACSEC_SA_STATS_ATTR_IN_PKTS_OK,
|
||||||
|
MACSEC_SA_STATS_ATTR_IN_PKTS_INVALID,
|
||||||
|
MACSEC_SA_STATS_ATTR_IN_PKTS_NOT_VALID,
|
||||||
|
MACSEC_SA_STATS_ATTR_IN_PKTS_NOT_USING_SA,
|
||||||
|
MACSEC_SA_STATS_ATTR_IN_PKTS_UNUSED_SA,
|
||||||
|
MACSEC_SA_STATS_ATTR_OUT_PKTS_PROTECTED,
|
||||||
|
MACSEC_SA_STATS_ATTR_OUT_PKTS_ENCRYPTED,
|
||||||
|
__MACSEC_SA_STATS_ATTR_END,
|
||||||
|
NUM_MACSEC_SA_STATS_ATTR = __MACSEC_SA_STATS_ATTR_END,
|
||||||
|
MACSEC_SA_STATS_ATTR_MAX = __MACSEC_SA_STATS_ATTR_END - 1,
|
||||||
|
};
|
||||||
|
|
||||||
|
/* u64 per-TXSC stats */
|
||||||
|
enum macsec_txsc_stats_attr {
|
||||||
|
MACSEC_TXSC_STATS_ATTR_UNSPEC,
|
||||||
|
MACSEC_TXSC_STATS_ATTR_OUT_PKTS_PROTECTED,
|
||||||
|
MACSEC_TXSC_STATS_ATTR_OUT_PKTS_ENCRYPTED,
|
||||||
|
MACSEC_TXSC_STATS_ATTR_OUT_OCTETS_PROTECTED,
|
||||||
|
MACSEC_TXSC_STATS_ATTR_OUT_OCTETS_ENCRYPTED,
|
||||||
|
MACSEC_TXSC_STATS_ATTR_PAD,
|
||||||
|
__MACSEC_TXSC_STATS_ATTR_END,
|
||||||
|
NUM_MACSEC_TXSC_STATS_ATTR = __MACSEC_TXSC_STATS_ATTR_END,
|
||||||
|
MACSEC_TXSC_STATS_ATTR_MAX = __MACSEC_TXSC_STATS_ATTR_END - 1,
|
||||||
|
};
|
||||||
|
|
||||||
|
/* u64 per-SecY stats */
|
||||||
|
enum macsec_secy_stats_attr {
|
||||||
|
MACSEC_SECY_STATS_ATTR_UNSPEC,
|
||||||
|
MACSEC_SECY_STATS_ATTR_OUT_PKTS_UNTAGGED,
|
||||||
|
MACSEC_SECY_STATS_ATTR_IN_PKTS_UNTAGGED,
|
||||||
|
MACSEC_SECY_STATS_ATTR_OUT_PKTS_TOO_LONG,
|
||||||
|
MACSEC_SECY_STATS_ATTR_IN_PKTS_NO_TAG,
|
||||||
|
MACSEC_SECY_STATS_ATTR_IN_PKTS_BAD_TAG,
|
||||||
|
MACSEC_SECY_STATS_ATTR_IN_PKTS_UNKNOWN_SCI,
|
||||||
|
MACSEC_SECY_STATS_ATTR_IN_PKTS_NO_SCI,
|
||||||
|
MACSEC_SECY_STATS_ATTR_IN_PKTS_OVERRUN,
|
||||||
|
MACSEC_SECY_STATS_ATTR_PAD,
|
||||||
|
__MACSEC_SECY_STATS_ATTR_END,
|
||||||
|
NUM_MACSEC_SECY_STATS_ATTR = __MACSEC_SECY_STATS_ATTR_END,
|
||||||
|
MACSEC_SECY_STATS_ATTR_MAX = __MACSEC_SECY_STATS_ATTR_END - 1,
|
||||||
|
};
|
||||||
|
|
||||||
|
#endif /* _UAPI_MACSEC_H */
|
@ -95,6 +95,7 @@ basic_sources = files('''
|
|||||||
linux/if_bonding.h
|
linux/if_bonding.h
|
||||||
linux/if_bridge.h
|
linux/if_bridge.h
|
||||||
linux/if_link.h
|
linux/if_link.h
|
||||||
|
linux/if_macsec.h
|
||||||
linux/if_tun.h
|
linux/if_tun.h
|
||||||
linux/if_tunnel.h
|
linux/if_tunnel.h
|
||||||
linux/libc-compat.h
|
linux/libc-compat.h
|
||||||
|
@ -14,6 +14,7 @@ static const genl_family genl_families[] = {
|
|||||||
[SD_GENL_WIREGUARD] = { .name = "wireguard", .version = 1 },
|
[SD_GENL_WIREGUARD] = { .name = "wireguard", .version = 1 },
|
||||||
[SD_GENL_FOU] = { .name = "fou", .version = 1 },
|
[SD_GENL_FOU] = { .name = "fou", .version = 1 },
|
||||||
[SD_GENL_L2TP] = { .name = "l2tp", .version = 1},
|
[SD_GENL_L2TP] = { .name = "l2tp", .version = 1},
|
||||||
|
[SD_GENL_MACSEC] = { .name = "macsec", .version = 1},
|
||||||
};
|
};
|
||||||
|
|
||||||
int sd_genl_socket_open(sd_netlink **ret) {
|
int sd_genl_socket_open(sd_netlink **ret) {
|
||||||
|
@ -318,6 +318,23 @@ int sd_netlink_message_append_u32(sd_netlink_message *m, unsigned short type, ui
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int sd_netlink_message_append_u64(sd_netlink_message *m, unsigned short type, uint64_t data) {
|
||||||
|
int r;
|
||||||
|
|
||||||
|
assert_return(m, -EINVAL);
|
||||||
|
assert_return(!m->sealed, -EPERM);
|
||||||
|
|
||||||
|
r = message_attribute_has_type(m, NULL, type, NETLINK_TYPE_U64);
|
||||||
|
if (r < 0)
|
||||||
|
return r;
|
||||||
|
|
||||||
|
r = add_rtattr(m, type, &data, sizeof(uint64_t));
|
||||||
|
if (r < 0)
|
||||||
|
return r;
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
int sd_netlink_message_append_data(sd_netlink_message *m, unsigned short type, const void *data, size_t len) {
|
int sd_netlink_message_append_data(sd_netlink_message *m, unsigned short type, const void *data, size_t len) {
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
|
@ -16,6 +16,7 @@
|
|||||||
#include <linux/if_addrlabel.h>
|
#include <linux/if_addrlabel.h>
|
||||||
#include <linux/if_bridge.h>
|
#include <linux/if_bridge.h>
|
||||||
#include <linux/if_link.h>
|
#include <linux/if_link.h>
|
||||||
|
#include <linux/if_macsec.h>
|
||||||
#include <linux/if_tunnel.h>
|
#include <linux/if_tunnel.h>
|
||||||
#include <linux/l2tp.h>
|
#include <linux/l2tp.h>
|
||||||
#include <linux/veth.h>
|
#include <linux/veth.h>
|
||||||
@ -306,6 +307,22 @@ static const NLType rtnl_link_info_data_can_types[] = {
|
|||||||
[IFLA_CAN_CTRLMODE] = { .size = sizeof(struct can_ctrlmode) },
|
[IFLA_CAN_CTRLMODE] = { .size = sizeof(struct can_ctrlmode) },
|
||||||
};
|
};
|
||||||
|
|
||||||
|
static const NLType rtnl_link_info_data_macsec_types[] = {
|
||||||
|
[IFLA_MACSEC_SCI] = { .type = NETLINK_TYPE_U64 },
|
||||||
|
[IFLA_MACSEC_PORT] = { .type = NETLINK_TYPE_U16 },
|
||||||
|
[IFLA_MACSEC_ICV_LEN] = { .type = NETLINK_TYPE_U8 },
|
||||||
|
[IFLA_MACSEC_CIPHER_SUITE] = { .type = NETLINK_TYPE_U64 },
|
||||||
|
[IFLA_MACSEC_WINDOW] = { .type = NETLINK_TYPE_U32 },
|
||||||
|
[IFLA_MACSEC_ENCODING_SA] = { .type = NETLINK_TYPE_U8 },
|
||||||
|
[IFLA_MACSEC_ENCRYPT] = { .type = NETLINK_TYPE_U8 },
|
||||||
|
[IFLA_MACSEC_PROTECT] = { .type = NETLINK_TYPE_U8 },
|
||||||
|
[IFLA_MACSEC_INC_SCI] = { .type = NETLINK_TYPE_U8 },
|
||||||
|
[IFLA_MACSEC_ES] = { .type = NETLINK_TYPE_U8 },
|
||||||
|
[IFLA_MACSEC_SCB] = { .type = NETLINK_TYPE_U8 },
|
||||||
|
[IFLA_MACSEC_REPLAY_PROTECT] = { .type = NETLINK_TYPE_U8 },
|
||||||
|
[IFLA_MACSEC_VALIDATION] = { .type = NETLINK_TYPE_U8 },
|
||||||
|
};
|
||||||
|
|
||||||
/* these strings must match the .kind entries in the kernel */
|
/* these strings must match the .kind entries in the kernel */
|
||||||
static const char* const nl_union_link_info_data_table[] = {
|
static const char* const nl_union_link_info_data_table[] = {
|
||||||
[NL_UNION_LINK_INFO_DATA_BOND] = "bond",
|
[NL_UNION_LINK_INFO_DATA_BOND] = "bond",
|
||||||
@ -334,6 +351,7 @@ static const char* const nl_union_link_info_data_table[] = {
|
|||||||
[NL_UNION_LINK_INFO_DATA_WIREGUARD] = "wireguard",
|
[NL_UNION_LINK_INFO_DATA_WIREGUARD] = "wireguard",
|
||||||
[NL_UNION_LINK_INFO_DATA_NETDEVSIM] = "netdevsim",
|
[NL_UNION_LINK_INFO_DATA_NETDEVSIM] = "netdevsim",
|
||||||
[NL_UNION_LINK_INFO_DATA_CAN] = "can",
|
[NL_UNION_LINK_INFO_DATA_CAN] = "can",
|
||||||
|
[NL_UNION_LINK_INFO_DATA_MACSEC] = "macsec",
|
||||||
};
|
};
|
||||||
|
|
||||||
DEFINE_STRING_TABLE_LOOKUP(nl_union_link_info_data, NLUnionLinkInfoData);
|
DEFINE_STRING_TABLE_LOOKUP(nl_union_link_info_data, NLUnionLinkInfoData);
|
||||||
@ -383,6 +401,8 @@ static const NLTypeSystem rtnl_link_info_data_type_systems[] = {
|
|||||||
.types = rtnl_link_info_data_vxcan_types },
|
.types = rtnl_link_info_data_vxcan_types },
|
||||||
[NL_UNION_LINK_INFO_DATA_CAN] = { .count = ELEMENTSOF(rtnl_link_info_data_can_types),
|
[NL_UNION_LINK_INFO_DATA_CAN] = { .count = ELEMENTSOF(rtnl_link_info_data_can_types),
|
||||||
.types = rtnl_link_info_data_can_types },
|
.types = rtnl_link_info_data_can_types },
|
||||||
|
[NL_UNION_LINK_INFO_DATA_MACSEC] = { .count = ELEMENTSOF(rtnl_link_info_data_macsec_types),
|
||||||
|
.types = rtnl_link_info_data_macsec_types },
|
||||||
};
|
};
|
||||||
|
|
||||||
static const NLTypeSystemUnion rtnl_link_info_data_type_system_union = {
|
static const NLTypeSystemUnion rtnl_link_info_data_type_system_union = {
|
||||||
@ -843,11 +863,76 @@ static const NLTypeSystem genl_l2tp_tunnel_session_type_system = {
|
|||||||
.types = genl_l2tp,
|
.types = genl_l2tp,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
static const NLType genl_rxsc_types[] = {
|
||||||
|
[MACSEC_RXSC_ATTR_SCI] = { .type = NETLINK_TYPE_U64 },
|
||||||
|
};
|
||||||
|
|
||||||
|
static const NLTypeSystem genl_rxsc_config_type_system = {
|
||||||
|
.count = ELEMENTSOF(genl_rxsc_types),
|
||||||
|
.types = genl_rxsc_types,
|
||||||
|
};
|
||||||
|
|
||||||
|
static const NLType genl_macsec_rxsc_types[] = {
|
||||||
|
[MACSEC_ATTR_IFINDEX] = { .type = NETLINK_TYPE_U32 },
|
||||||
|
[MACSEC_ATTR_RXSC_CONFIG] = { .type = NETLINK_TYPE_NESTED, .type_system = &genl_rxsc_config_type_system },
|
||||||
|
};
|
||||||
|
|
||||||
|
static const NLTypeSystem genl_macsec_rxsc_type_system = {
|
||||||
|
.count = ELEMENTSOF(genl_macsec_rxsc_types),
|
||||||
|
.types = genl_macsec_rxsc_types,
|
||||||
|
};
|
||||||
|
|
||||||
|
static const NLType genl_macsec_sa_config_types[] = {
|
||||||
|
[MACSEC_SA_ATTR_AN] = { .type = NETLINK_TYPE_U8 },
|
||||||
|
[MACSEC_SA_ATTR_ACTIVE] = { .type = NETLINK_TYPE_U8 },
|
||||||
|
[MACSEC_SA_ATTR_PN] = { .type = NETLINK_TYPE_U32 },
|
||||||
|
[MACSEC_SA_ATTR_KEYID] = { .size = MACSEC_KEYID_LEN },
|
||||||
|
[MACSEC_SA_ATTR_KEY] = { .size = MACSEC_MAX_KEY_LEN },
|
||||||
|
};
|
||||||
|
|
||||||
|
static const NLTypeSystem genl_macsec_sa_config_type_system = {
|
||||||
|
.count = ELEMENTSOF(genl_macsec_sa_config_types),
|
||||||
|
.types = genl_macsec_sa_config_types,
|
||||||
|
};
|
||||||
|
|
||||||
|
static const NLType genl_macsec_rxsa_types[] = {
|
||||||
|
[MACSEC_ATTR_IFINDEX] = { .type = NETLINK_TYPE_U32 },
|
||||||
|
[MACSEC_ATTR_SA_CONFIG] = { .type = NETLINK_TYPE_NESTED, .type_system = &genl_macsec_sa_config_type_system },
|
||||||
|
};
|
||||||
|
|
||||||
|
static const NLTypeSystem genl_macsec_rxsa_type_system = {
|
||||||
|
.count = ELEMENTSOF(genl_macsec_rxsa_types),
|
||||||
|
.types = genl_macsec_rxsa_types,
|
||||||
|
};
|
||||||
|
|
||||||
|
static const NLType genl_macsec_sa_types[] = {
|
||||||
|
[MACSEC_ATTR_IFINDEX] = { .type = NETLINK_TYPE_U32 },
|
||||||
|
[MACSEC_ATTR_RXSC_CONFIG] = { .type = NETLINK_TYPE_NESTED, .type_system = &genl_rxsc_config_type_system },
|
||||||
|
[MACSEC_ATTR_SA_CONFIG] = { .type = NETLINK_TYPE_NESTED, .type_system = &genl_macsec_sa_config_type_system },
|
||||||
|
};
|
||||||
|
|
||||||
|
static const NLTypeSystem genl_macsec_sa_type_system = {
|
||||||
|
.count = ELEMENTSOF(genl_macsec_sa_types),
|
||||||
|
.types = genl_macsec_sa_types,
|
||||||
|
};
|
||||||
|
|
||||||
|
static const NLType genl_macsec[] = {
|
||||||
|
[MACSEC_CMD_ADD_RXSC] = { .type = NETLINK_TYPE_NESTED, .type_system = &genl_macsec_rxsc_type_system },
|
||||||
|
[MACSEC_CMD_ADD_TXSA] = { .type = NETLINK_TYPE_NESTED, .type_system = &genl_macsec_rxsa_type_system},
|
||||||
|
[MACSEC_CMD_ADD_RXSA] = { .type = NETLINK_TYPE_NESTED, .type_system = &genl_macsec_sa_type_system },
|
||||||
|
};
|
||||||
|
|
||||||
|
static const NLTypeSystem genl_macsec_device_type_system = {
|
||||||
|
.count = ELEMENTSOF(genl_macsec),
|
||||||
|
.types = genl_macsec,
|
||||||
|
};
|
||||||
|
|
||||||
static const NLType genl_families[] = {
|
static const NLType genl_families[] = {
|
||||||
[SD_GENL_ID_CTRL] = { .type = NETLINK_TYPE_NESTED, .type_system = &genl_ctrl_id_ctrl_type_system },
|
[SD_GENL_ID_CTRL] = { .type = NETLINK_TYPE_NESTED, .type_system = &genl_ctrl_id_ctrl_type_system },
|
||||||
[SD_GENL_WIREGUARD] = { .type = NETLINK_TYPE_NESTED, .type_system = &genl_wireguard_type_system },
|
[SD_GENL_WIREGUARD] = { .type = NETLINK_TYPE_NESTED, .type_system = &genl_wireguard_type_system },
|
||||||
[SD_GENL_FOU] = { .type = NETLINK_TYPE_NESTED, .type_system = &genl_fou_cmds_type_system},
|
[SD_GENL_FOU] = { .type = NETLINK_TYPE_NESTED, .type_system = &genl_fou_cmds_type_system},
|
||||||
[SD_GENL_L2TP] = { .type = NETLINK_TYPE_NESTED, .type_system = &genl_l2tp_tunnel_session_type_system },
|
[SD_GENL_L2TP] = { .type = NETLINK_TYPE_NESTED, .type_system = &genl_l2tp_tunnel_session_type_system },
|
||||||
|
[SD_GENL_MACSEC] = { .type = NETLINK_TYPE_NESTED, .type_system = &genl_macsec_device_type_system },
|
||||||
};
|
};
|
||||||
|
|
||||||
const NLTypeSystem genl_family_type_system_root = {
|
const NLTypeSystem genl_family_type_system_root = {
|
||||||
|
@ -80,6 +80,7 @@ typedef enum NLUnionLinkInfoData {
|
|||||||
NL_UNION_LINK_INFO_DATA_WIREGUARD,
|
NL_UNION_LINK_INFO_DATA_WIREGUARD,
|
||||||
NL_UNION_LINK_INFO_DATA_NETDEVSIM,
|
NL_UNION_LINK_INFO_DATA_NETDEVSIM,
|
||||||
NL_UNION_LINK_INFO_DATA_CAN,
|
NL_UNION_LINK_INFO_DATA_CAN,
|
||||||
|
NL_UNION_LINK_INFO_DATA_MACSEC,
|
||||||
_NL_UNION_LINK_INFO_DATA_MAX,
|
_NL_UNION_LINK_INFO_DATA_MAX,
|
||||||
_NL_UNION_LINK_INFO_DATA_INVALID = -1
|
_NL_UNION_LINK_INFO_DATA_INVALID = -1
|
||||||
} NLUnionLinkInfoData;
|
} NLUnionLinkInfoData;
|
||||||
|
@ -39,6 +39,8 @@ sources = files('''
|
|||||||
netdev/fou-tunnel.h
|
netdev/fou-tunnel.h
|
||||||
netdev/l2tp-tunnel.c
|
netdev/l2tp-tunnel.c
|
||||||
netdev/l2tp-tunnel.h
|
netdev/l2tp-tunnel.h
|
||||||
|
netdev/macsec.c
|
||||||
|
netdev/macsec.h
|
||||||
networkd-address-label.c
|
networkd-address-label.c
|
||||||
networkd-address-label.h
|
networkd-address-label.h
|
||||||
networkd-address-pool.c
|
networkd-address-pool.c
|
||||||
|
1249
src/network/netdev/macsec.c
Normal file
1249
src/network/netdev/macsec.c
Normal file
File diff suppressed because it is too large
Load Diff
85
src/network/netdev/macsec.h
Normal file
85
src/network/netdev/macsec.h
Normal file
@ -0,0 +1,85 @@
|
|||||||
|
/* SPDX-License-Identifier: LGPL-2.1+ */
|
||||||
|
#pragma once
|
||||||
|
|
||||||
|
#include <linux/if_macsec.h>
|
||||||
|
|
||||||
|
#include "in-addr-util.h"
|
||||||
|
#include "netdev.h"
|
||||||
|
#include "networkd-util.h"
|
||||||
|
#include "sparse-endian.h"
|
||||||
|
|
||||||
|
/* See the definition of MACSEC_NUM_AN in kernel's drivers/net/macsec.c */
|
||||||
|
#define MACSEC_MAX_ASSOCIATION_NUMBER 4
|
||||||
|
|
||||||
|
typedef struct MACsec MACsec;
|
||||||
|
|
||||||
|
typedef union MACsecSCI {
|
||||||
|
uint64_t as_uint64;
|
||||||
|
|
||||||
|
struct {
|
||||||
|
struct ether_addr mac;
|
||||||
|
be16_t port;
|
||||||
|
} _packed_;
|
||||||
|
} MACsecSCI;
|
||||||
|
|
||||||
|
assert_cc(sizeof(MACsecSCI) == sizeof(uint64_t));
|
||||||
|
|
||||||
|
typedef struct SecurityAssociation {
|
||||||
|
uint8_t association_number;
|
||||||
|
uint32_t packet_number;
|
||||||
|
uint8_t key_id[MACSEC_KEYID_LEN];
|
||||||
|
uint8_t *key;
|
||||||
|
uint32_t key_len;
|
||||||
|
char *key_file;
|
||||||
|
int activate;
|
||||||
|
int use_for_encoding;
|
||||||
|
} SecurityAssociation;
|
||||||
|
|
||||||
|
typedef struct TransmitAssociation {
|
||||||
|
MACsec *macsec;
|
||||||
|
NetworkConfigSection *section;
|
||||||
|
|
||||||
|
SecurityAssociation sa;
|
||||||
|
} TransmitAssociation;
|
||||||
|
|
||||||
|
typedef struct ReceiveAssociation {
|
||||||
|
MACsec *macsec;
|
||||||
|
NetworkConfigSection *section;
|
||||||
|
|
||||||
|
MACsecSCI sci;
|
||||||
|
SecurityAssociation sa;
|
||||||
|
} ReceiveAssociation;
|
||||||
|
|
||||||
|
typedef struct ReceiveChannel {
|
||||||
|
MACsec *macsec;
|
||||||
|
NetworkConfigSection *section;
|
||||||
|
|
||||||
|
MACsecSCI sci;
|
||||||
|
ReceiveAssociation *rxsa[MACSEC_MAX_ASSOCIATION_NUMBER];
|
||||||
|
unsigned n_rxsa;
|
||||||
|
} ReceiveChannel;
|
||||||
|
|
||||||
|
struct MACsec {
|
||||||
|
NetDev meta;
|
||||||
|
|
||||||
|
uint16_t port;
|
||||||
|
int encrypt;
|
||||||
|
uint8_t encoding_an;
|
||||||
|
|
||||||
|
OrderedHashmap *receive_channels;
|
||||||
|
OrderedHashmap *receive_channels_by_section;
|
||||||
|
OrderedHashmap *transmit_associations_by_section;
|
||||||
|
OrderedHashmap *receive_associations_by_section;
|
||||||
|
};
|
||||||
|
|
||||||
|
DEFINE_NETDEV_CAST(MACSEC, MACsec);
|
||||||
|
extern const NetDevVTable macsec_vtable;
|
||||||
|
|
||||||
|
CONFIG_PARSER_PROTOTYPE(config_parse_macsec_port);
|
||||||
|
CONFIG_PARSER_PROTOTYPE(config_parse_macsec_hw_address);
|
||||||
|
CONFIG_PARSER_PROTOTYPE(config_parse_macsec_packet_number);
|
||||||
|
CONFIG_PARSER_PROTOTYPE(config_parse_macsec_key_id);
|
||||||
|
CONFIG_PARSER_PROTOTYPE(config_parse_macsec_key);
|
||||||
|
CONFIG_PARSER_PROTOTYPE(config_parse_macsec_key_file);
|
||||||
|
CONFIG_PARSER_PROTOTYPE(config_parse_macsec_sa_activate);
|
||||||
|
CONFIG_PARSER_PROTOTYPE(config_parse_macsec_use_for_encoding);
|
@ -9,6 +9,7 @@ _Pragma("GCC diagnostic ignored \"-Wimplicit-fallthrough\"")
|
|||||||
#include "netdev/bridge.h"
|
#include "netdev/bridge.h"
|
||||||
#include "netdev/geneve.h"
|
#include "netdev/geneve.h"
|
||||||
#include "netdev/ipvlan.h"
|
#include "netdev/ipvlan.h"
|
||||||
|
#include "netdev/macsec.h"
|
||||||
#include "netdev/macvlan.h"
|
#include "netdev/macvlan.h"
|
||||||
#include "netdev/tunnel.h"
|
#include "netdev/tunnel.h"
|
||||||
#include "netdev/tuntap.h"
|
#include "netdev/tuntap.h"
|
||||||
@ -34,158 +35,175 @@ struct ConfigPerfItem;
|
|||||||
%struct-type
|
%struct-type
|
||||||
%includes
|
%includes
|
||||||
%%
|
%%
|
||||||
Match.Host, config_parse_net_condition, CONDITION_HOST, offsetof(NetDev, conditions)
|
Match.Host, config_parse_net_condition, CONDITION_HOST, offsetof(NetDev, conditions)
|
||||||
Match.Virtualization, config_parse_net_condition, CONDITION_VIRTUALIZATION, offsetof(NetDev, conditions)
|
Match.Virtualization, config_parse_net_condition, CONDITION_VIRTUALIZATION, offsetof(NetDev, conditions)
|
||||||
Match.KernelCommandLine, config_parse_net_condition, CONDITION_KERNEL_COMMAND_LINE, offsetof(NetDev, conditions)
|
Match.KernelCommandLine, config_parse_net_condition, CONDITION_KERNEL_COMMAND_LINE, offsetof(NetDev, conditions)
|
||||||
Match.KernelVersion, config_parse_net_condition, CONDITION_KERNEL_VERSION, offsetof(NetDev, conditions)
|
Match.KernelVersion, config_parse_net_condition, CONDITION_KERNEL_VERSION, offsetof(NetDev, conditions)
|
||||||
Match.Architecture, config_parse_net_condition, CONDITION_ARCHITECTURE, offsetof(NetDev, conditions)
|
Match.Architecture, config_parse_net_condition, CONDITION_ARCHITECTURE, offsetof(NetDev, conditions)
|
||||||
NetDev.Description, config_parse_string, 0, offsetof(NetDev, description)
|
NetDev.Description, config_parse_string, 0, offsetof(NetDev, description)
|
||||||
NetDev.Name, config_parse_ifname, 0, offsetof(NetDev, ifname)
|
NetDev.Name, config_parse_ifname, 0, offsetof(NetDev, ifname)
|
||||||
NetDev.Kind, config_parse_netdev_kind, 0, offsetof(NetDev, kind)
|
NetDev.Kind, config_parse_netdev_kind, 0, offsetof(NetDev, kind)
|
||||||
NetDev.MTUBytes, config_parse_mtu, AF_UNSPEC, offsetof(NetDev, mtu)
|
NetDev.MTUBytes, config_parse_mtu, AF_UNSPEC, offsetof(NetDev, mtu)
|
||||||
NetDev.MACAddress, config_parse_hwaddr, 0, offsetof(NetDev, mac)
|
NetDev.MACAddress, config_parse_hwaddr, 0, offsetof(NetDev, mac)
|
||||||
VLAN.Id, config_parse_vlanid, 0, offsetof(VLan, id)
|
VLAN.Id, config_parse_vlanid, 0, offsetof(VLan, id)
|
||||||
VLAN.GVRP, config_parse_tristate, 0, offsetof(VLan, gvrp)
|
VLAN.GVRP, config_parse_tristate, 0, offsetof(VLan, gvrp)
|
||||||
VLAN.MVRP, config_parse_tristate, 0, offsetof(VLan, mvrp)
|
VLAN.MVRP, config_parse_tristate, 0, offsetof(VLan, mvrp)
|
||||||
VLAN.LooseBinding, config_parse_tristate, 0, offsetof(VLan, loose_binding)
|
VLAN.LooseBinding, config_parse_tristate, 0, offsetof(VLan, loose_binding)
|
||||||
VLAN.ReorderHeader, config_parse_tristate, 0, offsetof(VLan, reorder_hdr)
|
VLAN.ReorderHeader, config_parse_tristate, 0, offsetof(VLan, reorder_hdr)
|
||||||
MACVLAN.Mode, config_parse_macvlan_mode, 0, offsetof(MacVlan, mode)
|
MACVLAN.Mode, config_parse_macvlan_mode, 0, offsetof(MacVlan, mode)
|
||||||
MACVTAP.Mode, config_parse_macvlan_mode, 0, offsetof(MacVlan, mode)
|
MACVTAP.Mode, config_parse_macvlan_mode, 0, offsetof(MacVlan, mode)
|
||||||
IPVLAN.Mode, config_parse_ipvlan_mode, 0, offsetof(IPVlan, mode)
|
IPVLAN.Mode, config_parse_ipvlan_mode, 0, offsetof(IPVlan, mode)
|
||||||
IPVLAN.Flags, config_parse_ipvlan_flags, 0, offsetof(IPVlan, flags)
|
IPVLAN.Flags, config_parse_ipvlan_flags, 0, offsetof(IPVlan, flags)
|
||||||
Tunnel.Local, config_parse_tunnel_address, 0, offsetof(Tunnel, local)
|
Tunnel.Local, config_parse_tunnel_address, 0, offsetof(Tunnel, local)
|
||||||
Tunnel.Remote, config_parse_tunnel_address, 0, offsetof(Tunnel, remote)
|
Tunnel.Remote, config_parse_tunnel_address, 0, offsetof(Tunnel, remote)
|
||||||
Tunnel.TOS, config_parse_unsigned, 0, offsetof(Tunnel, tos)
|
Tunnel.TOS, config_parse_unsigned, 0, offsetof(Tunnel, tos)
|
||||||
Tunnel.TTL, config_parse_unsigned, 0, offsetof(Tunnel, ttl)
|
Tunnel.TTL, config_parse_unsigned, 0, offsetof(Tunnel, ttl)
|
||||||
Tunnel.Key, config_parse_tunnel_key, 0, offsetof(Tunnel, key)
|
Tunnel.Key, config_parse_tunnel_key, 0, offsetof(Tunnel, key)
|
||||||
Tunnel.InputKey, config_parse_tunnel_key, 0, offsetof(Tunnel, ikey)
|
Tunnel.InputKey, config_parse_tunnel_key, 0, offsetof(Tunnel, ikey)
|
||||||
Tunnel.OutputKey, config_parse_tunnel_key, 0, offsetof(Tunnel, okey)
|
Tunnel.OutputKey, config_parse_tunnel_key, 0, offsetof(Tunnel, okey)
|
||||||
Tunnel.DiscoverPathMTU, config_parse_bool, 0, offsetof(Tunnel, pmtudisc)
|
Tunnel.DiscoverPathMTU, config_parse_bool, 0, offsetof(Tunnel, pmtudisc)
|
||||||
Tunnel.Mode, config_parse_ip6tnl_mode, 0, offsetof(Tunnel, ip6tnl_mode)
|
Tunnel.Mode, config_parse_ip6tnl_mode, 0, offsetof(Tunnel, ip6tnl_mode)
|
||||||
Tunnel.IPv6FlowLabel, config_parse_ipv6_flowlabel, 0, offsetof(Tunnel, ipv6_flowlabel)
|
Tunnel.IPv6FlowLabel, config_parse_ipv6_flowlabel, 0, offsetof(Tunnel, ipv6_flowlabel)
|
||||||
Tunnel.CopyDSCP, config_parse_bool, 0, offsetof(Tunnel, copy_dscp)
|
Tunnel.CopyDSCP, config_parse_bool, 0, offsetof(Tunnel, copy_dscp)
|
||||||
Tunnel.EncapsulationLimit, config_parse_encap_limit, 0, offsetof(Tunnel, encap_limit)
|
Tunnel.EncapsulationLimit, config_parse_encap_limit, 0, offsetof(Tunnel, encap_limit)
|
||||||
Tunnel.Independent, config_parse_bool, 0, offsetof(Tunnel, independent)
|
Tunnel.Independent, config_parse_bool, 0, offsetof(Tunnel, independent)
|
||||||
Tunnel.AllowLocalRemote, config_parse_tristate, 0, offsetof(Tunnel, allow_localremote)
|
Tunnel.AllowLocalRemote, config_parse_tristate, 0, offsetof(Tunnel, allow_localremote)
|
||||||
Tunnel.FooOverUDP, config_parse_bool, 0, offsetof(Tunnel, fou_tunnel)
|
Tunnel.FooOverUDP, config_parse_bool, 0, offsetof(Tunnel, fou_tunnel)
|
||||||
Tunnel.FOUDestinationPort, config_parse_ip_port, 0, offsetof(Tunnel, fou_destination_port)
|
Tunnel.FOUDestinationPort, config_parse_ip_port, 0, offsetof(Tunnel, fou_destination_port)
|
||||||
Tunnel.FOUSourcePort, config_parse_ip_port, 0, offsetof(Tunnel, encap_src_port)
|
Tunnel.FOUSourcePort, config_parse_ip_port, 0, offsetof(Tunnel, encap_src_port)
|
||||||
Tunnel.Encapsulation, config_parse_fou_encap_type, 0, offsetof(Tunnel, fou_encap_type)
|
Tunnel.Encapsulation, config_parse_fou_encap_type, 0, offsetof(Tunnel, fou_encap_type)
|
||||||
Tunnel.IPv6RapidDeploymentPrefix, config_parse_6rd_prefix, 0, 0
|
Tunnel.IPv6RapidDeploymentPrefix, config_parse_6rd_prefix, 0, 0
|
||||||
Tunnel.ERSPANIndex, config_parse_uint32, 0, offsetof(Tunnel, erspan_index)
|
Tunnel.ERSPANIndex, config_parse_uint32, 0, offsetof(Tunnel, erspan_index)
|
||||||
Tunnel.SerializeTunneledPackets, config_parse_tristate, 0, offsetof(Tunnel, gre_erspan_sequence)
|
Tunnel.SerializeTunneledPackets, config_parse_tristate, 0, offsetof(Tunnel, gre_erspan_sequence)
|
||||||
Tunnel.ISATAP, config_parse_tristate, 0, offsetof(Tunnel, isatap)
|
Tunnel.ISATAP, config_parse_tristate, 0, offsetof(Tunnel, isatap)
|
||||||
FooOverUDP.Protocol, config_parse_ip_protocol, 0, offsetof(FouTunnel, fou_protocol)
|
FooOverUDP.Protocol, config_parse_ip_protocol, 0, offsetof(FouTunnel, fou_protocol)
|
||||||
FooOverUDP.Encapsulation, config_parse_fou_encap_type, 0, offsetof(FouTunnel, fou_encap_type)
|
FooOverUDP.Encapsulation, config_parse_fou_encap_type, 0, offsetof(FouTunnel, fou_encap_type)
|
||||||
FooOverUDP.Port, config_parse_ip_port, 0, offsetof(FouTunnel, port)
|
FooOverUDP.Port, config_parse_ip_port, 0, offsetof(FouTunnel, port)
|
||||||
L2TP.TunnelId, config_parse_l2tp_tunnel_id, 0, offsetof(L2tpTunnel, tunnel_id)
|
L2TP.TunnelId, config_parse_l2tp_tunnel_id, 0, offsetof(L2tpTunnel, tunnel_id)
|
||||||
L2TP.PeerTunnelId, config_parse_l2tp_tunnel_id, 0, offsetof(L2tpTunnel, peer_tunnel_id)
|
L2TP.PeerTunnelId, config_parse_l2tp_tunnel_id, 0, offsetof(L2tpTunnel, peer_tunnel_id)
|
||||||
L2TP.UDPSourcePort, config_parse_ip_port, 0, offsetof(L2tpTunnel, l2tp_udp_sport)
|
L2TP.UDPSourcePort, config_parse_ip_port, 0, offsetof(L2tpTunnel, l2tp_udp_sport)
|
||||||
L2TP.UDPDestinationPort, config_parse_ip_port, 0, offsetof(L2tpTunnel, l2tp_udp_dport)
|
L2TP.UDPDestinationPort, config_parse_ip_port, 0, offsetof(L2tpTunnel, l2tp_udp_dport)
|
||||||
L2TP.Local, config_parse_l2tp_tunnel_address, 0, offsetof(L2tpTunnel, local)
|
L2TP.Local, config_parse_l2tp_tunnel_address, 0, offsetof(L2tpTunnel, local)
|
||||||
L2TP.Remote, config_parse_l2tp_tunnel_address, 0, offsetof(L2tpTunnel, remote)
|
L2TP.Remote, config_parse_l2tp_tunnel_address, 0, offsetof(L2tpTunnel, remote)
|
||||||
L2TP.EncapsulationType, config_parse_l2tp_encap_type, 0, offsetof(L2tpTunnel, l2tp_encap_type)
|
L2TP.EncapsulationType, config_parse_l2tp_encap_type, 0, offsetof(L2tpTunnel, l2tp_encap_type)
|
||||||
L2TP.UDPCheckSum, config_parse_bool, 0, offsetof(L2tpTunnel, udp_csum)
|
L2TP.UDPCheckSum, config_parse_bool, 0, offsetof(L2tpTunnel, udp_csum)
|
||||||
L2TP.UDP6CheckSumRx, config_parse_bool, 0, offsetof(L2tpTunnel, udp6_csum_rx)
|
L2TP.UDP6CheckSumRx, config_parse_bool, 0, offsetof(L2tpTunnel, udp6_csum_rx)
|
||||||
L2TP.UDP6CheckSumTx, config_parse_bool, 0, offsetof(L2tpTunnel, udp6_csum_tx)
|
L2TP.UDP6CheckSumTx, config_parse_bool, 0, offsetof(L2tpTunnel, udp6_csum_tx)
|
||||||
L2TPSession.SessionId, config_parse_l2tp_session_id, 0, 0
|
L2TPSession.SessionId, config_parse_l2tp_session_id, 0, 0
|
||||||
L2TPSession.PeerSessionId, config_parse_l2tp_session_id, 0, 0
|
L2TPSession.PeerSessionId, config_parse_l2tp_session_id, 0, 0
|
||||||
L2TPSession.Layer2SpecificHeader, config_parse_l2tp_session_l2spec, 0, 0
|
L2TPSession.Layer2SpecificHeader, config_parse_l2tp_session_l2spec, 0, 0
|
||||||
L2TPSession.Name, config_parse_l2tp_session_name, 0, 0
|
L2TPSession.Name, config_parse_l2tp_session_name, 0, 0
|
||||||
Peer.Name, config_parse_ifname, 0, offsetof(Veth, ifname_peer)
|
Peer.Name, config_parse_ifname, 0, offsetof(Veth, ifname_peer)
|
||||||
Peer.MACAddress, config_parse_hwaddr, 0, offsetof(Veth, mac_peer)
|
Peer.MACAddress, config_parse_hwaddr, 0, offsetof(Veth, mac_peer)
|
||||||
VXCAN.Peer, config_parse_ifname, 0, offsetof(VxCan, ifname_peer)
|
VXCAN.Peer, config_parse_ifname, 0, offsetof(VxCan, ifname_peer)
|
||||||
VXLAN.Id, config_parse_uint64, 0, offsetof(VxLan, id)
|
VXLAN.Id, config_parse_uint64, 0, offsetof(VxLan, id)
|
||||||
VXLAN.Group, config_parse_vxlan_address, 0, offsetof(VxLan, remote)
|
VXLAN.Group, config_parse_vxlan_address, 0, offsetof(VxLan, remote)
|
||||||
VXLAN.Local, config_parse_vxlan_address, 0, offsetof(VxLan, local)
|
VXLAN.Local, config_parse_vxlan_address, 0, offsetof(VxLan, local)
|
||||||
VXLAN.Remote, config_parse_vxlan_address, 0, offsetof(VxLan, remote)
|
VXLAN.Remote, config_parse_vxlan_address, 0, offsetof(VxLan, remote)
|
||||||
VXLAN.TOS, config_parse_unsigned, 0, offsetof(VxLan, tos)
|
VXLAN.TOS, config_parse_unsigned, 0, offsetof(VxLan, tos)
|
||||||
VXLAN.TTL, config_parse_unsigned, 0, offsetof(VxLan, ttl)
|
VXLAN.TTL, config_parse_unsigned, 0, offsetof(VxLan, ttl)
|
||||||
VXLAN.MacLearning, config_parse_bool, 0, offsetof(VxLan, learning)
|
VXLAN.MacLearning, config_parse_bool, 0, offsetof(VxLan, learning)
|
||||||
VXLAN.ARPProxy, config_parse_bool, 0, offsetof(VxLan, arp_proxy)
|
VXLAN.ARPProxy, config_parse_bool, 0, offsetof(VxLan, arp_proxy)
|
||||||
VXLAN.ReduceARPProxy, config_parse_bool, 0, offsetof(VxLan, arp_proxy)
|
VXLAN.ReduceARPProxy, config_parse_bool, 0, offsetof(VxLan, arp_proxy)
|
||||||
VXLAN.L2MissNotification, config_parse_bool, 0, offsetof(VxLan, l2miss)
|
VXLAN.L2MissNotification, config_parse_bool, 0, offsetof(VxLan, l2miss)
|
||||||
VXLAN.L3MissNotification, config_parse_bool, 0, offsetof(VxLan, l3miss)
|
VXLAN.L3MissNotification, config_parse_bool, 0, offsetof(VxLan, l3miss)
|
||||||
VXLAN.RouteShortCircuit, config_parse_bool, 0, offsetof(VxLan, route_short_circuit)
|
VXLAN.RouteShortCircuit, config_parse_bool, 0, offsetof(VxLan, route_short_circuit)
|
||||||
VXLAN.UDPCheckSum, config_parse_bool, 0, offsetof(VxLan, udpcsum)
|
VXLAN.UDPCheckSum, config_parse_bool, 0, offsetof(VxLan, udpcsum)
|
||||||
VXLAN.UDPChecksum, config_parse_bool, 0, offsetof(VxLan, udpcsum)
|
VXLAN.UDPChecksum, config_parse_bool, 0, offsetof(VxLan, udpcsum)
|
||||||
VXLAN.UDP6ZeroCheckSumRx, config_parse_bool, 0, offsetof(VxLan, udp6zerocsumrx)
|
VXLAN.UDP6ZeroCheckSumRx, config_parse_bool, 0, offsetof(VxLan, udp6zerocsumrx)
|
||||||
VXLAN.UDP6ZeroChecksumRx, config_parse_bool, 0, offsetof(VxLan, udp6zerocsumrx)
|
VXLAN.UDP6ZeroChecksumRx, config_parse_bool, 0, offsetof(VxLan, udp6zerocsumrx)
|
||||||
VXLAN.UDP6ZeroCheckSumTx, config_parse_bool, 0, offsetof(VxLan, udp6zerocsumtx)
|
VXLAN.UDP6ZeroCheckSumTx, config_parse_bool, 0, offsetof(VxLan, udp6zerocsumtx)
|
||||||
VXLAN.UDP6ZeroChecksumTx, config_parse_bool, 0, offsetof(VxLan, udp6zerocsumtx)
|
VXLAN.UDP6ZeroChecksumTx, config_parse_bool, 0, offsetof(VxLan, udp6zerocsumtx)
|
||||||
VXLAN.RemoteChecksumTx, config_parse_bool, 0, offsetof(VxLan, remote_csum_tx)
|
VXLAN.RemoteChecksumTx, config_parse_bool, 0, offsetof(VxLan, remote_csum_tx)
|
||||||
VXLAN.RemoteChecksumRx, config_parse_bool, 0, offsetof(VxLan, remote_csum_rx)
|
VXLAN.RemoteChecksumRx, config_parse_bool, 0, offsetof(VxLan, remote_csum_rx)
|
||||||
VXLAN.FDBAgeingSec, config_parse_sec, 0, offsetof(VxLan, fdb_ageing)
|
VXLAN.FDBAgeingSec, config_parse_sec, 0, offsetof(VxLan, fdb_ageing)
|
||||||
VXLAN.GroupPolicyExtension, config_parse_bool, 0, offsetof(VxLan, group_policy)
|
VXLAN.GroupPolicyExtension, config_parse_bool, 0, offsetof(VxLan, group_policy)
|
||||||
VXLAN.MaximumFDBEntries, config_parse_unsigned, 0, offsetof(VxLan, max_fdb)
|
VXLAN.MaximumFDBEntries, config_parse_unsigned, 0, offsetof(VxLan, max_fdb)
|
||||||
VXLAN.PortRange, config_parse_port_range, 0, 0
|
VXLAN.PortRange, config_parse_port_range, 0, 0
|
||||||
VXLAN.DestinationPort, config_parse_ip_port, 0, offsetof(VxLan, dest_port)
|
VXLAN.DestinationPort, config_parse_ip_port, 0, offsetof(VxLan, dest_port)
|
||||||
VXLAN.FlowLabel, config_parse_flow_label, 0, 0
|
VXLAN.FlowLabel, config_parse_flow_label, 0, 0
|
||||||
GENEVE.Id, config_parse_geneve_vni, 0, offsetof(Geneve, id)
|
GENEVE.Id, config_parse_geneve_vni, 0, offsetof(Geneve, id)
|
||||||
GENEVE.Remote, config_parse_geneve_address, 0, offsetof(Geneve, remote)
|
GENEVE.Remote, config_parse_geneve_address, 0, offsetof(Geneve, remote)
|
||||||
GENEVE.TOS, config_parse_uint8, 0, offsetof(Geneve, tos)
|
GENEVE.TOS, config_parse_uint8, 0, offsetof(Geneve, tos)
|
||||||
GENEVE.TTL, config_parse_uint8, 0, offsetof(Geneve, ttl)
|
GENEVE.TTL, config_parse_uint8, 0, offsetof(Geneve, ttl)
|
||||||
GENEVE.UDPChecksum, config_parse_bool, 0, offsetof(Geneve, udpcsum)
|
GENEVE.UDPChecksum, config_parse_bool, 0, offsetof(Geneve, udpcsum)
|
||||||
GENEVE.UDP6ZeroCheckSumRx, config_parse_bool, 0, offsetof(Geneve, udp6zerocsumrx)
|
GENEVE.UDP6ZeroCheckSumRx, config_parse_bool, 0, offsetof(Geneve, udp6zerocsumrx)
|
||||||
GENEVE.UDP6ZeroChecksumRx, config_parse_bool, 0, offsetof(Geneve, udp6zerocsumrx)
|
GENEVE.UDP6ZeroChecksumRx, config_parse_bool, 0, offsetof(Geneve, udp6zerocsumrx)
|
||||||
GENEVE.UDP6ZeroCheckSumTx, config_parse_bool, 0, offsetof(Geneve, udp6zerocsumtx)
|
GENEVE.UDP6ZeroCheckSumTx, config_parse_bool, 0, offsetof(Geneve, udp6zerocsumtx)
|
||||||
GENEVE.UDP6ZeroChecksumTx, config_parse_bool, 0, offsetof(Geneve, udp6zerocsumtx)
|
GENEVE.UDP6ZeroChecksumTx, config_parse_bool, 0, offsetof(Geneve, udp6zerocsumtx)
|
||||||
GENEVE.DestinationPort, config_parse_ip_port, 0, offsetof(Geneve, dest_port)
|
GENEVE.DestinationPort, config_parse_ip_port, 0, offsetof(Geneve, dest_port)
|
||||||
GENEVE.FlowLabel, config_parse_geneve_flow_label, 0, 0
|
GENEVE.FlowLabel, config_parse_geneve_flow_label, 0, 0
|
||||||
Tun.OneQueue, config_parse_bool, 0, offsetof(TunTap, one_queue)
|
MACsec.Port, config_parse_macsec_port, 0, 0
|
||||||
Tun.MultiQueue, config_parse_bool, 0, offsetof(TunTap, multi_queue)
|
MACsec.Encrypt, config_parse_tristate, 0, offsetof(MACsec, encrypt)
|
||||||
Tun.PacketInfo, config_parse_bool, 0, offsetof(TunTap, packet_info)
|
MACsecReceiveChannel.Port, config_parse_macsec_port, 0, 0
|
||||||
Tun.User, config_parse_string, 0, offsetof(TunTap, user_name)
|
MACsecReceiveChannel.MACAddress, config_parse_macsec_hw_address, 0, 0
|
||||||
Tun.Group, config_parse_string, 0, offsetof(TunTap, group_name)
|
MACsecTransmitAssociation.PacketNumber, config_parse_macsec_packet_number, 0, 0
|
||||||
Tap.OneQueue, config_parse_bool, 0, offsetof(TunTap, one_queue)
|
MACsecTransmitAssociation.KeyId, config_parse_macsec_key_id, 0, 0
|
||||||
Tap.MultiQueue, config_parse_bool, 0, offsetof(TunTap, multi_queue)
|
MACsecTransmitAssociation.Key, config_parse_macsec_key, 0, 0
|
||||||
Tap.PacketInfo, config_parse_bool, 0, offsetof(TunTap, packet_info)
|
MACsecTransmitAssociation.KeyFile, config_parse_macsec_key_file, 0, 0
|
||||||
Tap.VNetHeader, config_parse_bool, 0, offsetof(TunTap, vnet_hdr)
|
MACsecTransmitAssociation.Activate, config_parse_macsec_sa_activate, 0, 0
|
||||||
Tap.User, config_parse_string, 0, offsetof(TunTap, user_name)
|
MACsecTransmitAssociation.UseForEncoding, config_parse_macsec_use_for_encoding, 0, 0
|
||||||
Tap.Group, config_parse_string, 0, offsetof(TunTap, group_name)
|
MACsecReceiveAssociation.Port, config_parse_macsec_port, 0, 0
|
||||||
Bond.Mode, config_parse_bond_mode, 0, offsetof(Bond, mode)
|
MACsecReceiveAssociation.MACAddress, config_parse_macsec_hw_address, 0, 0
|
||||||
Bond.TransmitHashPolicy, config_parse_bond_xmit_hash_policy, 0, offsetof(Bond, xmit_hash_policy)
|
MACsecReceiveAssociation.PacketNumber, config_parse_macsec_packet_number, 0, 0
|
||||||
Bond.LACPTransmitRate, config_parse_bond_lacp_rate, 0, offsetof(Bond, lacp_rate)
|
MACsecReceiveAssociation.KeyId, config_parse_macsec_key_id, 0, 0
|
||||||
Bond.AdSelect, config_parse_bond_ad_select, 0, offsetof(Bond, ad_select)
|
MACsecReceiveAssociation.Key, config_parse_macsec_key, 0, 0
|
||||||
Bond.FailOverMACPolicy, config_parse_bond_fail_over_mac, 0, offsetof(Bond, fail_over_mac)
|
MACsecReceiveAssociation.KeyFile, config_parse_macsec_key_file, 0, 0
|
||||||
Bond.ARPIPTargets, config_parse_arp_ip_target_address, 0, 0
|
MACsecReceiveAssociation.Activate, config_parse_macsec_sa_activate, 0, 0
|
||||||
Bond.ARPValidate, config_parse_bond_arp_validate, 0, offsetof(Bond, arp_validate)
|
Tun.OneQueue, config_parse_bool, 0, offsetof(TunTap, one_queue)
|
||||||
Bond.ARPAllTargets, config_parse_bond_arp_all_targets, 0, offsetof(Bond, arp_all_targets)
|
Tun.MultiQueue, config_parse_bool, 0, offsetof(TunTap, multi_queue)
|
||||||
Bond.PrimaryReselectPolicy, config_parse_bond_primary_reselect, 0, offsetof(Bond, primary_reselect)
|
Tun.PacketInfo, config_parse_bool, 0, offsetof(TunTap, packet_info)
|
||||||
Bond.ResendIGMP, config_parse_unsigned, 0, offsetof(Bond, resend_igmp)
|
Tun.User, config_parse_string, 0, offsetof(TunTap, user_name)
|
||||||
Bond.PacketsPerSlave, config_parse_unsigned, 0, offsetof(Bond, packets_per_slave)
|
Tun.Group, config_parse_string, 0, offsetof(TunTap, group_name)
|
||||||
Bond.GratuitousARP, config_parse_unsigned, 0, offsetof(Bond, num_grat_arp)
|
Tap.OneQueue, config_parse_bool, 0, offsetof(TunTap, one_queue)
|
||||||
Bond.AllSlavesActive, config_parse_bool, 0, offsetof(Bond, all_slaves_active)
|
Tap.MultiQueue, config_parse_bool, 0, offsetof(TunTap, multi_queue)
|
||||||
Bond.DynamicTransmitLoadBalancing, config_parse_tristate, 0, offsetof(Bond, tlb_dynamic_lb)
|
Tap.PacketInfo, config_parse_bool, 0, offsetof(TunTap, packet_info)
|
||||||
Bond.MinLinks, config_parse_unsigned, 0, offsetof(Bond, min_links)
|
Tap.VNetHeader, config_parse_bool, 0, offsetof(TunTap, vnet_hdr)
|
||||||
Bond.MIIMonitorSec, config_parse_sec, 0, offsetof(Bond, miimon)
|
Tap.User, config_parse_string, 0, offsetof(TunTap, user_name)
|
||||||
Bond.UpDelaySec, config_parse_sec, 0, offsetof(Bond, updelay)
|
Tap.Group, config_parse_string, 0, offsetof(TunTap, group_name)
|
||||||
Bond.DownDelaySec, config_parse_sec, 0, offsetof(Bond, downdelay)
|
Bond.Mode, config_parse_bond_mode, 0, offsetof(Bond, mode)
|
||||||
Bond.ARPIntervalSec, config_parse_sec, 0, offsetof(Bond, arp_interval)
|
Bond.TransmitHashPolicy, config_parse_bond_xmit_hash_policy, 0, offsetof(Bond, xmit_hash_policy)
|
||||||
Bond.LearnPacketIntervalSec, config_parse_sec, 0, offsetof(Bond, lp_interval)
|
Bond.LACPTransmitRate, config_parse_bond_lacp_rate, 0, offsetof(Bond, lacp_rate)
|
||||||
Bond.AdActorSystemPriority, config_parse_ad_actor_sys_prio, 0, offsetof(Bond, ad_actor_sys_prio)
|
Bond.AdSelect, config_parse_bond_ad_select, 0, offsetof(Bond, ad_select)
|
||||||
Bond.AdUserPortKey, config_parse_ad_user_port_key, 0, offsetof(Bond, ad_user_port_key)
|
Bond.FailOverMACPolicy, config_parse_bond_fail_over_mac, 0, offsetof(Bond, fail_over_mac)
|
||||||
Bond.AdActorSystem, config_parse_ad_actor_system, 0, offsetof(Bond, ad_actor_system)
|
Bond.ARPIPTargets, config_parse_arp_ip_target_address, 0, 0
|
||||||
Bridge.HelloTimeSec, config_parse_sec, 0, offsetof(Bridge, hello_time)
|
Bond.ARPValidate, config_parse_bond_arp_validate, 0, offsetof(Bond, arp_validate)
|
||||||
Bridge.MaxAgeSec, config_parse_sec, 0, offsetof(Bridge, max_age)
|
Bond.ARPAllTargets, config_parse_bond_arp_all_targets, 0, offsetof(Bond, arp_all_targets)
|
||||||
Bridge.AgeingTimeSec, config_parse_sec, 0, offsetof(Bridge, ageing_time)
|
Bond.PrimaryReselectPolicy, config_parse_bond_primary_reselect, 0, offsetof(Bond, primary_reselect)
|
||||||
Bridge.ForwardDelaySec, config_parse_sec, 0, offsetof(Bridge, forward_delay)
|
Bond.ResendIGMP, config_parse_unsigned, 0, offsetof(Bond, resend_igmp)
|
||||||
Bridge.Priority, config_parse_uint16, 0, offsetof(Bridge, priority)
|
Bond.PacketsPerSlave, config_parse_unsigned, 0, offsetof(Bond, packets_per_slave)
|
||||||
Bridge.GroupForwardMask, config_parse_uint16, 0, offsetof(Bridge, group_fwd_mask)
|
Bond.GratuitousARP, config_parse_unsigned, 0, offsetof(Bond, num_grat_arp)
|
||||||
Bridge.DefaultPVID, config_parse_default_port_vlanid, 0, offsetof(Bridge, default_pvid)
|
Bond.AllSlavesActive, config_parse_bool, 0, offsetof(Bond, all_slaves_active)
|
||||||
Bridge.MulticastQuerier, config_parse_tristate, 0, offsetof(Bridge, mcast_querier)
|
Bond.DynamicTransmitLoadBalancing, config_parse_tristate, 0, offsetof(Bond, tlb_dynamic_lb)
|
||||||
Bridge.MulticastSnooping, config_parse_tristate, 0, offsetof(Bridge, mcast_snooping)
|
Bond.MinLinks, config_parse_unsigned, 0, offsetof(Bond, min_links)
|
||||||
Bridge.VLANFiltering, config_parse_tristate, 0, offsetof(Bridge, vlan_filtering)
|
Bond.MIIMonitorSec, config_parse_sec, 0, offsetof(Bond, miimon)
|
||||||
Bridge.STP, config_parse_tristate, 0, offsetof(Bridge, stp)
|
Bond.UpDelaySec, config_parse_sec, 0, offsetof(Bond, updelay)
|
||||||
VRF.TableId, config_parse_uint32, 0, offsetof(Vrf, table) /* deprecated */
|
Bond.DownDelaySec, config_parse_sec, 0, offsetof(Bond, downdelay)
|
||||||
VRF.Table, config_parse_uint32, 0, offsetof(Vrf, table)
|
Bond.ARPIntervalSec, config_parse_sec, 0, offsetof(Bond, arp_interval)
|
||||||
WireGuard.FwMark, config_parse_unsigned, 0, offsetof(Wireguard, fwmark)
|
Bond.LearnPacketIntervalSec, config_parse_sec, 0, offsetof(Bond, lp_interval)
|
||||||
WireGuard.ListenPort, config_parse_wireguard_listen_port, 0, offsetof(Wireguard, port)
|
Bond.AdActorSystemPriority, config_parse_ad_actor_sys_prio, 0, offsetof(Bond, ad_actor_sys_prio)
|
||||||
WireGuard.PrivateKey, config_parse_wireguard_private_key, 0, 0
|
Bond.AdUserPortKey, config_parse_ad_user_port_key, 0, offsetof(Bond, ad_user_port_key)
|
||||||
WireGuard.PrivateKeyFile, config_parse_wireguard_private_key_file, 0, 0
|
Bond.AdActorSystem, config_parse_ad_actor_system, 0, offsetof(Bond, ad_actor_system)
|
||||||
WireGuardPeer.AllowedIPs, config_parse_wireguard_allowed_ips, 0, 0
|
Bridge.HelloTimeSec, config_parse_sec, 0, offsetof(Bridge, hello_time)
|
||||||
WireGuardPeer.Endpoint, config_parse_wireguard_endpoint, 0, 0
|
Bridge.MaxAgeSec, config_parse_sec, 0, offsetof(Bridge, max_age)
|
||||||
WireGuardPeer.PublicKey, config_parse_wireguard_public_key, 0, 0
|
Bridge.AgeingTimeSec, config_parse_sec, 0, offsetof(Bridge, ageing_time)
|
||||||
WireGuardPeer.PresharedKey, config_parse_wireguard_preshared_key, 0, 0
|
Bridge.ForwardDelaySec, config_parse_sec, 0, offsetof(Bridge, forward_delay)
|
||||||
WireGuardPeer.PresharedKeyFile, config_parse_wireguard_preshared_key_file, 0, 0
|
Bridge.Priority, config_parse_uint16, 0, offsetof(Bridge, priority)
|
||||||
WireGuardPeer.PersistentKeepalive, config_parse_wireguard_keepalive, 0, 0
|
Bridge.GroupForwardMask, config_parse_uint16, 0, offsetof(Bridge, group_fwd_mask)
|
||||||
|
Bridge.DefaultPVID, config_parse_default_port_vlanid, 0, offsetof(Bridge, default_pvid)
|
||||||
|
Bridge.MulticastQuerier, config_parse_tristate, 0, offsetof(Bridge, mcast_querier)
|
||||||
|
Bridge.MulticastSnooping, config_parse_tristate, 0, offsetof(Bridge, mcast_snooping)
|
||||||
|
Bridge.VLANFiltering, config_parse_tristate, 0, offsetof(Bridge, vlan_filtering)
|
||||||
|
Bridge.STP, config_parse_tristate, 0, offsetof(Bridge, stp)
|
||||||
|
VRF.TableId, config_parse_uint32, 0, offsetof(Vrf, table) /* deprecated */
|
||||||
|
VRF.Table, config_parse_uint32, 0, offsetof(Vrf, table)
|
||||||
|
WireGuard.FwMark, config_parse_unsigned, 0, offsetof(Wireguard, fwmark)
|
||||||
|
WireGuard.ListenPort, config_parse_wireguard_listen_port, 0, offsetof(Wireguard, port)
|
||||||
|
WireGuard.PrivateKey, config_parse_wireguard_private_key, 0, 0
|
||||||
|
WireGuard.PrivateKeyFile, config_parse_wireguard_private_key_file, 0, 0
|
||||||
|
WireGuardPeer.AllowedIPs, config_parse_wireguard_allowed_ips, 0, 0
|
||||||
|
WireGuardPeer.Endpoint, config_parse_wireguard_endpoint, 0, 0
|
||||||
|
WireGuardPeer.PublicKey, config_parse_wireguard_public_key, 0, 0
|
||||||
|
WireGuardPeer.PresharedKey, config_parse_wireguard_preshared_key, 0, 0
|
||||||
|
WireGuardPeer.PresharedKeyFile, config_parse_wireguard_preshared_key_file, 0, 0
|
||||||
|
WireGuardPeer.PersistentKeepalive, config_parse_wireguard_keepalive, 0, 0
|
||||||
|
@ -14,6 +14,7 @@
|
|||||||
#include "netdev/geneve.h"
|
#include "netdev/geneve.h"
|
||||||
#include "netdev/ipvlan.h"
|
#include "netdev/ipvlan.h"
|
||||||
#include "netdev/l2tp-tunnel.h"
|
#include "netdev/l2tp-tunnel.h"
|
||||||
|
#include "netdev/macsec.h"
|
||||||
#include "netdev/macvlan.h"
|
#include "netdev/macvlan.h"
|
||||||
#include "netdev/netdev.h"
|
#include "netdev/netdev.h"
|
||||||
#include "netdev/netdevsim.h"
|
#include "netdev/netdevsim.h"
|
||||||
@ -66,6 +67,7 @@ const NetDevVTable * const netdev_vtable[_NETDEV_KIND_MAX] = {
|
|||||||
[NETDEV_KIND_FOU] = &foutnl_vtable,
|
[NETDEV_KIND_FOU] = &foutnl_vtable,
|
||||||
[NETDEV_KIND_ERSPAN] = &erspan_vtable,
|
[NETDEV_KIND_ERSPAN] = &erspan_vtable,
|
||||||
[NETDEV_KIND_L2TP] = &l2tptnl_vtable,
|
[NETDEV_KIND_L2TP] = &l2tptnl_vtable,
|
||||||
|
[NETDEV_KIND_MACSEC] = &macsec_vtable,
|
||||||
};
|
};
|
||||||
|
|
||||||
static const char* const netdev_kind_table[_NETDEV_KIND_MAX] = {
|
static const char* const netdev_kind_table[_NETDEV_KIND_MAX] = {
|
||||||
@ -98,6 +100,7 @@ static const char* const netdev_kind_table[_NETDEV_KIND_MAX] = {
|
|||||||
[NETDEV_KIND_FOU] = "fou",
|
[NETDEV_KIND_FOU] = "fou",
|
||||||
[NETDEV_KIND_ERSPAN] = "erspan",
|
[NETDEV_KIND_ERSPAN] = "erspan",
|
||||||
[NETDEV_KIND_L2TP] = "l2tp",
|
[NETDEV_KIND_L2TP] = "l2tp",
|
||||||
|
[NETDEV_KIND_MACSEC] = "macsec",
|
||||||
};
|
};
|
||||||
|
|
||||||
DEFINE_STRING_TABLE_LOOKUP(netdev_kind, NetDevKind);
|
DEFINE_STRING_TABLE_LOOKUP(netdev_kind, NetDevKind);
|
||||||
|
@ -47,6 +47,7 @@ typedef enum NetDevKind {
|
|||||||
NETDEV_KIND_FOU,
|
NETDEV_KIND_FOU,
|
||||||
NETDEV_KIND_ERSPAN,
|
NETDEV_KIND_ERSPAN,
|
||||||
NETDEV_KIND_L2TP,
|
NETDEV_KIND_L2TP,
|
||||||
|
NETDEV_KIND_MACSEC,
|
||||||
_NETDEV_KIND_MAX,
|
_NETDEV_KIND_MAX,
|
||||||
_NETDEV_KIND_TUNNEL, /* Used by config_parse_stacked_netdev() */
|
_NETDEV_KIND_TUNNEL, /* Used by config_parse_stacked_netdev() */
|
||||||
_NETDEV_KIND_INVALID = -1
|
_NETDEV_KIND_INVALID = -1
|
||||||
|
@ -20,191 +20,192 @@ struct ConfigPerfItem;
|
|||||||
%struct-type
|
%struct-type
|
||||||
%includes
|
%includes
|
||||||
%%
|
%%
|
||||||
Match.MACAddress, config_parse_hwaddrs, 0, offsetof(Network, match_mac)
|
Match.MACAddress, config_parse_hwaddrs, 0, offsetof(Network, match_mac)
|
||||||
Match.Path, config_parse_strv, 0, offsetof(Network, match_path)
|
Match.Path, config_parse_strv, 0, offsetof(Network, match_path)
|
||||||
Match.Driver, config_parse_strv, 0, offsetof(Network, match_driver)
|
Match.Driver, config_parse_strv, 0, offsetof(Network, match_driver)
|
||||||
Match.Type, config_parse_strv, 0, offsetof(Network, match_type)
|
Match.Type, config_parse_strv, 0, offsetof(Network, match_type)
|
||||||
Match.Name, config_parse_ifnames, 0, offsetof(Network, match_name)
|
Match.Name, config_parse_ifnames, 0, offsetof(Network, match_name)
|
||||||
Match.Host, config_parse_net_condition, CONDITION_HOST, offsetof(Network, conditions)
|
Match.Host, config_parse_net_condition, CONDITION_HOST, offsetof(Network, conditions)
|
||||||
Match.Virtualization, config_parse_net_condition, CONDITION_VIRTUALIZATION, offsetof(Network, conditions)
|
Match.Virtualization, config_parse_net_condition, CONDITION_VIRTUALIZATION, offsetof(Network, conditions)
|
||||||
Match.KernelCommandLine, config_parse_net_condition, CONDITION_KERNEL_COMMAND_LINE, offsetof(Network, conditions)
|
Match.KernelCommandLine, config_parse_net_condition, CONDITION_KERNEL_COMMAND_LINE, offsetof(Network, conditions)
|
||||||
Match.KernelVersion, config_parse_net_condition, CONDITION_KERNEL_VERSION, offsetof(Network, conditions)
|
Match.KernelVersion, config_parse_net_condition, CONDITION_KERNEL_VERSION, offsetof(Network, conditions)
|
||||||
Match.Architecture, config_parse_net_condition, CONDITION_ARCHITECTURE, offsetof(Network, conditions)
|
Match.Architecture, config_parse_net_condition, CONDITION_ARCHITECTURE, offsetof(Network, conditions)
|
||||||
Link.MACAddress, config_parse_hwaddr, 0, offsetof(Network, mac)
|
Link.MACAddress, config_parse_hwaddr, 0, offsetof(Network, mac)
|
||||||
Link.MTUBytes, config_parse_mtu, AF_UNSPEC, offsetof(Network, mtu)
|
Link.MTUBytes, config_parse_mtu, AF_UNSPEC, offsetof(Network, mtu)
|
||||||
Link.ARP, config_parse_tristate, 0, offsetof(Network, arp)
|
Link.ARP, config_parse_tristate, 0, offsetof(Network, arp)
|
||||||
Link.Multicast, config_parse_tristate, 0, offsetof(Network, multicast)
|
Link.Multicast, config_parse_tristate, 0, offsetof(Network, multicast)
|
||||||
Link.AllMulticast, config_parse_tristate, 0, offsetof(Network, allmulticast)
|
Link.AllMulticast, config_parse_tristate, 0, offsetof(Network, allmulticast)
|
||||||
Link.Unmanaged, config_parse_bool, 0, offsetof(Network, unmanaged)
|
Link.Unmanaged, config_parse_bool, 0, offsetof(Network, unmanaged)
|
||||||
Link.RequiredForOnline, config_parse_required_for_online, 0, 0
|
Link.RequiredForOnline, config_parse_required_for_online, 0, 0
|
||||||
Network.Description, config_parse_string, 0, offsetof(Network, description)
|
Network.Description, config_parse_string, 0, offsetof(Network, description)
|
||||||
Network.Bridge, config_parse_ifname, 0, offsetof(Network, bridge_name)
|
Network.Bridge, config_parse_ifname, 0, offsetof(Network, bridge_name)
|
||||||
Network.Bond, config_parse_ifname, 0, offsetof(Network, bond_name)
|
Network.Bond, config_parse_ifname, 0, offsetof(Network, bond_name)
|
||||||
Network.VLAN, config_parse_stacked_netdev, NETDEV_KIND_VLAN, offsetof(Network, stacked_netdev_names)
|
Network.VLAN, config_parse_stacked_netdev, NETDEV_KIND_VLAN, offsetof(Network, stacked_netdev_names)
|
||||||
Network.MACVLAN, config_parse_stacked_netdev, NETDEV_KIND_MACVLAN, offsetof(Network, stacked_netdev_names)
|
Network.MACVLAN, config_parse_stacked_netdev, NETDEV_KIND_MACVLAN, offsetof(Network, stacked_netdev_names)
|
||||||
Network.MACVTAP, config_parse_stacked_netdev, NETDEV_KIND_MACVTAP, offsetof(Network, stacked_netdev_names)
|
Network.MACVTAP, config_parse_stacked_netdev, NETDEV_KIND_MACVTAP, offsetof(Network, stacked_netdev_names)
|
||||||
Network.IPVLAN, config_parse_stacked_netdev, NETDEV_KIND_IPVLAN, offsetof(Network, stacked_netdev_names)
|
Network.IPVLAN, config_parse_stacked_netdev, NETDEV_KIND_IPVLAN, offsetof(Network, stacked_netdev_names)
|
||||||
Network.VXLAN, config_parse_stacked_netdev, NETDEV_KIND_VXLAN, offsetof(Network, stacked_netdev_names)
|
Network.VXLAN, config_parse_stacked_netdev, NETDEV_KIND_VXLAN, offsetof(Network, stacked_netdev_names)
|
||||||
Network.L2TP, config_parse_stacked_netdev, NETDEV_KIND_L2TP, offsetof(Network, stacked_netdev_names)
|
Network.L2TP, config_parse_stacked_netdev, NETDEV_KIND_L2TP, offsetof(Network, stacked_netdev_names)
|
||||||
Network.Tunnel, config_parse_stacked_netdev, _NETDEV_KIND_TUNNEL, offsetof(Network, stacked_netdev_names)
|
Network.MACsec, config_parse_stacked_netdev, NETDEV_KIND_MACSEC, offsetof(Network, stacked_netdev_names)
|
||||||
Network.VRF, config_parse_ifname, 0, offsetof(Network, vrf_name)
|
Network.Tunnel, config_parse_stacked_netdev, _NETDEV_KIND_TUNNEL, offsetof(Network, stacked_netdev_names)
|
||||||
Network.DHCP, config_parse_dhcp, 0, offsetof(Network, dhcp)
|
Network.VRF, config_parse_ifname, 0, offsetof(Network, vrf_name)
|
||||||
Network.DHCPServer, config_parse_bool, 0, offsetof(Network, dhcp_server)
|
Network.DHCP, config_parse_dhcp, 0, offsetof(Network, dhcp)
|
||||||
Network.LinkLocalAddressing, config_parse_address_family_boolean, 0, offsetof(Network, link_local)
|
Network.DHCPServer, config_parse_bool, 0, offsetof(Network, dhcp_server)
|
||||||
Network.IPv4LLRoute, config_parse_bool, 0, offsetof(Network, ipv4ll_route)
|
Network.LinkLocalAddressing, config_parse_address_family_boolean, 0, offsetof(Network, link_local)
|
||||||
Network.IPv6Token, config_parse_ipv6token, 0, offsetof(Network, ipv6_token)
|
Network.IPv4LLRoute, config_parse_bool, 0, offsetof(Network, ipv4ll_route)
|
||||||
Network.LLDP, config_parse_lldp_mode, 0, offsetof(Network, lldp_mode)
|
Network.IPv6Token, config_parse_ipv6token, 0, offsetof(Network, ipv6_token)
|
||||||
Network.EmitLLDP, config_parse_lldp_emit, 0, offsetof(Network, lldp_emit)
|
Network.LLDP, config_parse_lldp_mode, 0, offsetof(Network, lldp_mode)
|
||||||
Network.Address, config_parse_address, 0, 0
|
Network.EmitLLDP, config_parse_lldp_emit, 0, offsetof(Network, lldp_emit)
|
||||||
Network.Gateway, config_parse_gateway, 0, 0
|
Network.Address, config_parse_address, 0, 0
|
||||||
Network.Domains, config_parse_domains, 0, 0
|
Network.Gateway, config_parse_gateway, 0, 0
|
||||||
Network.DNS, config_parse_dns, 0, 0
|
Network.Domains, config_parse_domains, 0, 0
|
||||||
Network.DNSDefaultRoute, config_parse_tristate, 0, offsetof(Network, dns_default_route)
|
Network.DNS, config_parse_dns, 0, 0
|
||||||
Network.LLMNR, config_parse_resolve_support, 0, offsetof(Network, llmnr)
|
Network.DNSDefaultRoute, config_parse_tristate, 0, offsetof(Network, dns_default_route)
|
||||||
Network.MulticastDNS, config_parse_resolve_support, 0, offsetof(Network, mdns)
|
Network.LLMNR, config_parse_resolve_support, 0, offsetof(Network, llmnr)
|
||||||
Network.DNSOverTLS, config_parse_dns_over_tls_mode, 0, offsetof(Network, dns_over_tls_mode)
|
Network.MulticastDNS, config_parse_resolve_support, 0, offsetof(Network, mdns)
|
||||||
Network.DNSSEC, config_parse_dnssec_mode, 0, offsetof(Network, dnssec_mode)
|
Network.DNSOverTLS, config_parse_dns_over_tls_mode, 0, offsetof(Network, dns_over_tls_mode)
|
||||||
Network.DNSSECNegativeTrustAnchors, config_parse_dnssec_negative_trust_anchors, 0, 0
|
Network.DNSSEC, config_parse_dnssec_mode, 0, offsetof(Network, dnssec_mode)
|
||||||
Network.NTP, config_parse_ntp, 0, offsetof(Network, ntp)
|
Network.DNSSECNegativeTrustAnchors, config_parse_dnssec_negative_trust_anchors, 0, 0
|
||||||
Network.IPForward, config_parse_address_family_boolean_with_kernel,0, offsetof(Network, ip_forward)
|
Network.NTP, config_parse_ntp, 0, offsetof(Network, ntp)
|
||||||
Network.IPMasquerade, config_parse_bool, 0, offsetof(Network, ip_masquerade)
|
Network.IPForward, config_parse_address_family_boolean_with_kernel, 0, offsetof(Network, ip_forward)
|
||||||
Network.IPv6PrivacyExtensions, config_parse_ipv6_privacy_extensions, 0, offsetof(Network, ipv6_privacy_extensions)
|
Network.IPMasquerade, config_parse_bool, 0, offsetof(Network, ip_masquerade)
|
||||||
Network.IPv6AcceptRA, config_parse_tristate, 0, offsetof(Network, ipv6_accept_ra)
|
Network.IPv6PrivacyExtensions, config_parse_ipv6_privacy_extensions, 0, offsetof(Network, ipv6_privacy_extensions)
|
||||||
Network.IPv6AcceptRouterAdvertisements, config_parse_tristate, 0, offsetof(Network, ipv6_accept_ra)
|
Network.IPv6AcceptRA, config_parse_tristate, 0, offsetof(Network, ipv6_accept_ra)
|
||||||
Network.IPv6DuplicateAddressDetection, config_parse_int, 0, offsetof(Network, ipv6_dad_transmits)
|
Network.IPv6AcceptRouterAdvertisements, config_parse_tristate, 0, offsetof(Network, ipv6_accept_ra)
|
||||||
Network.IPv6HopLimit, config_parse_int, 0, offsetof(Network, ipv6_hop_limit)
|
Network.IPv6DuplicateAddressDetection, config_parse_int, 0, offsetof(Network, ipv6_dad_transmits)
|
||||||
Network.IPv6ProxyNDP, config_parse_tristate, 0, offsetof(Network, ipv6_proxy_ndp)
|
Network.IPv6HopLimit, config_parse_int, 0, offsetof(Network, ipv6_hop_limit)
|
||||||
Network.IPv6MTUBytes, config_parse_mtu, AF_INET6, offsetof(Network, ipv6_mtu)
|
Network.IPv6ProxyNDP, config_parse_tristate, 0, offsetof(Network, ipv6_proxy_ndp)
|
||||||
Network.ActiveSlave, config_parse_bool, 0, offsetof(Network, active_slave)
|
Network.IPv6MTUBytes, config_parse_mtu, AF_INET6, offsetof(Network, ipv6_mtu)
|
||||||
Network.PrimarySlave, config_parse_bool, 0, offsetof(Network, primary_slave)
|
Network.ActiveSlave, config_parse_bool, 0, offsetof(Network, active_slave)
|
||||||
Network.IPv4ProxyARP, config_parse_tristate, 0, offsetof(Network, proxy_arp)
|
Network.PrimarySlave, config_parse_bool, 0, offsetof(Network, primary_slave)
|
||||||
Network.ProxyARP, config_parse_tristate, 0, offsetof(Network, proxy_arp)
|
Network.IPv4ProxyARP, config_parse_tristate, 0, offsetof(Network, proxy_arp)
|
||||||
Network.IPv6ProxyNDPAddress, config_parse_ipv6_proxy_ndp_address, 0, 0
|
Network.ProxyARP, config_parse_tristate, 0, offsetof(Network, proxy_arp)
|
||||||
Network.BindCarrier, config_parse_strv, 0, offsetof(Network, bind_carrier)
|
Network.IPv6ProxyNDPAddress, config_parse_ipv6_proxy_ndp_address, 0, 0
|
||||||
Network.ConfigureWithoutCarrier, config_parse_bool, 0, offsetof(Network, configure_without_carrier)
|
Network.BindCarrier, config_parse_strv, 0, offsetof(Network, bind_carrier)
|
||||||
Network.IgnoreCarrierLoss, config_parse_bool, 0, offsetof(Network, ignore_carrier_loss)
|
Network.ConfigureWithoutCarrier, config_parse_bool, 0, offsetof(Network, configure_without_carrier)
|
||||||
Address.Address, config_parse_address, 0, 0
|
Network.IgnoreCarrierLoss, config_parse_bool, 0, offsetof(Network, ignore_carrier_loss)
|
||||||
Address.Peer, config_parse_address, 0, 0
|
Address.Address, config_parse_address, 0, 0
|
||||||
Address.Broadcast, config_parse_broadcast, 0, 0
|
Address.Peer, config_parse_address, 0, 0
|
||||||
Address.Label, config_parse_label, 0, 0
|
Address.Broadcast, config_parse_broadcast, 0, 0
|
||||||
Address.PreferredLifetime, config_parse_lifetime, 0, 0
|
Address.Label, config_parse_label, 0, 0
|
||||||
Address.HomeAddress, config_parse_address_flags, 0, 0
|
Address.PreferredLifetime, config_parse_lifetime, 0, 0
|
||||||
Address.DuplicateAddressDetection, config_parse_address_flags, 0, 0
|
Address.HomeAddress, config_parse_address_flags, 0, 0
|
||||||
Address.ManageTemporaryAddress, config_parse_address_flags, 0, 0
|
Address.DuplicateAddressDetection, config_parse_address_flags, 0, 0
|
||||||
Address.PrefixRoute, config_parse_address_flags, 0, 0
|
Address.ManageTemporaryAddress, config_parse_address_flags, 0, 0
|
||||||
Address.AutoJoin, config_parse_address_flags, 0, 0
|
Address.PrefixRoute, config_parse_address_flags, 0, 0
|
||||||
Address.Scope, config_parse_address_scope, 0, 0
|
Address.AutoJoin, config_parse_address_flags, 0, 0
|
||||||
IPv6AddressLabel.Prefix, config_parse_address_label_prefix, 0, 0
|
Address.Scope, config_parse_address_scope, 0, 0
|
||||||
IPv6AddressLabel.Label, config_parse_address_label, 0, 0
|
IPv6AddressLabel.Prefix, config_parse_address_label_prefix, 0, 0
|
||||||
Neighbor.Address, config_parse_neighbor_address, 0, 0
|
IPv6AddressLabel.Label, config_parse_address_label, 0, 0
|
||||||
Neighbor.MACAddress, config_parse_neighbor_hwaddr, 0, 0
|
Neighbor.Address, config_parse_neighbor_address, 0, 0
|
||||||
RoutingPolicyRule.TypeOfService, config_parse_routing_policy_rule_tos, 0, 0
|
Neighbor.MACAddress, config_parse_neighbor_hwaddr, 0, 0
|
||||||
RoutingPolicyRule.Priority, config_parse_routing_policy_rule_priority, 0, 0
|
RoutingPolicyRule.TypeOfService, config_parse_routing_policy_rule_tos, 0, 0
|
||||||
RoutingPolicyRule.Table, config_parse_routing_policy_rule_table, 0, 0
|
RoutingPolicyRule.Priority, config_parse_routing_policy_rule_priority, 0, 0
|
||||||
RoutingPolicyRule.FirewallMark, config_parse_routing_policy_rule_fwmark_mask, 0, 0
|
RoutingPolicyRule.Table, config_parse_routing_policy_rule_table, 0, 0
|
||||||
RoutingPolicyRule.From, config_parse_routing_policy_rule_prefix, 0, 0
|
RoutingPolicyRule.FirewallMark, config_parse_routing_policy_rule_fwmark_mask, 0, 0
|
||||||
RoutingPolicyRule.To, config_parse_routing_policy_rule_prefix, 0, 0
|
RoutingPolicyRule.From, config_parse_routing_policy_rule_prefix, 0, 0
|
||||||
RoutingPolicyRule.IncomingInterface, config_parse_routing_policy_rule_device, 0, 0
|
RoutingPolicyRule.To, config_parse_routing_policy_rule_prefix, 0, 0
|
||||||
RoutingPolicyRule.OutgoingInterface, config_parse_routing_policy_rule_device, 0, 0
|
RoutingPolicyRule.IncomingInterface, config_parse_routing_policy_rule_device, 0, 0
|
||||||
RoutingPolicyRule.IPProtocol, config_parse_routing_policy_rule_ip_protocol, 0, 0
|
RoutingPolicyRule.OutgoingInterface, config_parse_routing_policy_rule_device, 0, 0
|
||||||
RoutingPolicyRule.SourcePort, config_parse_routing_policy_rule_port_range, 0, 0
|
RoutingPolicyRule.IPProtocol, config_parse_routing_policy_rule_ip_protocol, 0, 0
|
||||||
RoutingPolicyRule.DestinationPort, config_parse_routing_policy_rule_port_range, 0, 0
|
RoutingPolicyRule.SourcePort, config_parse_routing_policy_rule_port_range, 0, 0
|
||||||
RoutingPolicyRule.InvertRule, config_parse_routing_policy_rule_invert, 0, 0
|
RoutingPolicyRule.DestinationPort, config_parse_routing_policy_rule_port_range, 0, 0
|
||||||
Route.Gateway, config_parse_gateway, 0, 0
|
RoutingPolicyRule.InvertRule, config_parse_routing_policy_rule_invert, 0, 0
|
||||||
Route.Destination, config_parse_destination, 0, 0
|
Route.Gateway, config_parse_gateway, 0, 0
|
||||||
Route.Source, config_parse_destination, 0, 0
|
Route.Destination, config_parse_destination, 0, 0
|
||||||
Route.Metric, config_parse_route_priority, 0, 0
|
Route.Source, config_parse_destination, 0, 0
|
||||||
Route.Scope, config_parse_route_scope, 0, 0
|
Route.Metric, config_parse_route_priority, 0, 0
|
||||||
Route.PreferredSource, config_parse_preferred_src, 0, 0
|
Route.Scope, config_parse_route_scope, 0, 0
|
||||||
Route.Table, config_parse_route_table, 0, 0
|
Route.PreferredSource, config_parse_preferred_src, 0, 0
|
||||||
Route.MTUBytes, config_parse_route_mtu, AF_UNSPEC, 0
|
Route.Table, config_parse_route_table, 0, 0
|
||||||
Route.GatewayOnLink, config_parse_gateway_onlink, 0, 0
|
Route.MTUBytes, config_parse_route_mtu, AF_UNSPEC, 0
|
||||||
Route.GatewayOnlink, config_parse_gateway_onlink, 0, 0
|
Route.GatewayOnLink, config_parse_gateway_onlink, 0, 0
|
||||||
Route.IPv6Preference, config_parse_ipv6_route_preference, 0, 0
|
Route.GatewayOnlink, config_parse_gateway_onlink, 0, 0
|
||||||
Route.Protocol, config_parse_route_protocol, 0, 0
|
Route.IPv6Preference, config_parse_ipv6_route_preference, 0, 0
|
||||||
Route.Type, config_parse_route_type, 0, 0
|
Route.Protocol, config_parse_route_protocol, 0, 0
|
||||||
Route.InitialCongestionWindow, config_parse_tcp_window, 0, 0
|
Route.Type, config_parse_route_type, 0, 0
|
||||||
Route.InitialAdvertisedReceiveWindow, config_parse_tcp_window, 0, 0
|
Route.InitialCongestionWindow, config_parse_tcp_window, 0, 0
|
||||||
Route.QuickAck, config_parse_quickack, 0, 0
|
Route.InitialAdvertisedReceiveWindow, config_parse_tcp_window, 0, 0
|
||||||
DHCP.ClientIdentifier, config_parse_dhcp_client_identifier, 0, offsetof(Network, dhcp_client_identifier)
|
Route.QuickAck, config_parse_quickack, 0, 0
|
||||||
DHCP.UseDNS, config_parse_bool, 0, offsetof(Network, dhcp_use_dns)
|
DHCP.ClientIdentifier, config_parse_dhcp_client_identifier, 0, offsetof(Network, dhcp_client_identifier)
|
||||||
DHCP.UseNTP, config_parse_bool, 0, offsetof(Network, dhcp_use_ntp)
|
DHCP.UseDNS, config_parse_bool, 0, offsetof(Network, dhcp_use_dns)
|
||||||
DHCP.UseMTU, config_parse_bool, 0, offsetof(Network, dhcp_use_mtu)
|
DHCP.UseNTP, config_parse_bool, 0, offsetof(Network, dhcp_use_ntp)
|
||||||
DHCP.UseHostname, config_parse_bool, 0, offsetof(Network, dhcp_use_hostname)
|
DHCP.UseMTU, config_parse_bool, 0, offsetof(Network, dhcp_use_mtu)
|
||||||
DHCP.UseDomains, config_parse_dhcp_use_domains, 0, offsetof(Network, dhcp_use_domains)
|
DHCP.UseHostname, config_parse_bool, 0, offsetof(Network, dhcp_use_hostname)
|
||||||
DHCP.UseRoutes, config_parse_bool, 0, offsetof(Network, dhcp_use_routes)
|
DHCP.UseDomains, config_parse_dhcp_use_domains, 0, offsetof(Network, dhcp_use_domains)
|
||||||
DHCP.Anonymize, config_parse_bool, 0, offsetof(Network, dhcp_anonymize)
|
DHCP.UseRoutes, config_parse_bool, 0, offsetof(Network, dhcp_use_routes)
|
||||||
DHCP.SendHostname, config_parse_bool, 0, offsetof(Network, dhcp_send_hostname)
|
DHCP.Anonymize, config_parse_bool, 0, offsetof(Network, dhcp_anonymize)
|
||||||
DHCP.Hostname, config_parse_hostname, 0, offsetof(Network, dhcp_hostname)
|
DHCP.SendHostname, config_parse_bool, 0, offsetof(Network, dhcp_send_hostname)
|
||||||
DHCP.RequestBroadcast, config_parse_bool, 0, offsetof(Network, dhcp_broadcast)
|
DHCP.Hostname, config_parse_hostname, 0, offsetof(Network, dhcp_hostname)
|
||||||
DHCP.CriticalConnection, config_parse_bool, 0, offsetof(Network, dhcp_critical)
|
DHCP.RequestBroadcast, config_parse_bool, 0, offsetof(Network, dhcp_broadcast)
|
||||||
DHCP.VendorClassIdentifier, config_parse_string, 0, offsetof(Network, dhcp_vendor_class_identifier)
|
DHCP.CriticalConnection, config_parse_bool, 0, offsetof(Network, dhcp_critical)
|
||||||
DHCP.UserClass, config_parse_dhcp_user_class, 0, offsetof(Network, dhcp_user_class)
|
DHCP.VendorClassIdentifier, config_parse_string, 0, offsetof(Network, dhcp_vendor_class_identifier)
|
||||||
DHCP.DUIDType, config_parse_duid_type, 0, offsetof(Network, duid)
|
DHCP.UserClass, config_parse_dhcp_user_class, 0, offsetof(Network, dhcp_user_class)
|
||||||
DHCP.DUIDRawData, config_parse_duid_rawdata, 0, offsetof(Network, duid)
|
DHCP.DUIDType, config_parse_duid_type, 0, offsetof(Network, duid)
|
||||||
DHCP.RouteMetric, config_parse_unsigned, 0, offsetof(Network, dhcp_route_metric)
|
DHCP.DUIDRawData, config_parse_duid_rawdata, 0, offsetof(Network, duid)
|
||||||
DHCP.RouteTable, config_parse_section_route_table, 0, 0
|
DHCP.RouteMetric, config_parse_unsigned, 0, offsetof(Network, dhcp_route_metric)
|
||||||
DHCP.UseTimezone, config_parse_bool, 0, offsetof(Network, dhcp_use_timezone)
|
DHCP.RouteTable, config_parse_section_route_table, 0, 0
|
||||||
DHCP.IAID, config_parse_iaid, 0, 0
|
DHCP.UseTimezone, config_parse_bool, 0, offsetof(Network, dhcp_use_timezone)
|
||||||
DHCP.ListenPort, config_parse_uint16, 0, offsetof(Network, dhcp_client_port)
|
DHCP.IAID, config_parse_iaid, 0, 0
|
||||||
DHCP.RapidCommit, config_parse_bool, 0, offsetof(Network, rapid_commit)
|
DHCP.ListenPort, config_parse_uint16, 0, offsetof(Network, dhcp_client_port)
|
||||||
DHCP.ForceDHCPv6PDOtherInformation, config_parse_bool, 0, offsetof(Network, dhcp6_force_pd_other_information)
|
DHCP.RapidCommit, config_parse_bool, 0, offsetof(Network, rapid_commit)
|
||||||
IPv6AcceptRA.UseAutonomousPrefix, config_parse_bool, 0, offsetof(Network, ipv6_accept_ra_use_autonomous_prefix)
|
DHCP.ForceDHCPv6PDOtherInformation, config_parse_bool, 0, offsetof(Network, dhcp6_force_pd_other_information)
|
||||||
IPv6AcceptRA.UseOnLinkPrefix, config_parse_bool, 0, offsetof(Network, ipv6_accept_ra_use_onlink_prefix)
|
IPv6AcceptRA.UseAutonomousPrefix, config_parse_bool, 0, offsetof(Network, ipv6_accept_ra_use_autonomous_prefix)
|
||||||
IPv6AcceptRA.UseDNS, config_parse_bool, 0, offsetof(Network, ipv6_accept_ra_use_dns)
|
IPv6AcceptRA.UseOnLinkPrefix, config_parse_bool, 0, offsetof(Network, ipv6_accept_ra_use_onlink_prefix)
|
||||||
IPv6AcceptRA.UseDomains, config_parse_dhcp_use_domains, 0, offsetof(Network, ipv6_accept_ra_use_domains)
|
IPv6AcceptRA.UseDNS, config_parse_bool, 0, offsetof(Network, ipv6_accept_ra_use_dns)
|
||||||
IPv6AcceptRA.RouteTable, config_parse_section_route_table, 0, 0
|
IPv6AcceptRA.UseDomains, config_parse_dhcp_use_domains, 0, offsetof(Network, ipv6_accept_ra_use_domains)
|
||||||
DHCPServer.MaxLeaseTimeSec, config_parse_sec, 0, offsetof(Network, dhcp_server_max_lease_time_usec)
|
IPv6AcceptRA.RouteTable, config_parse_section_route_table, 0, 0
|
||||||
DHCPServer.DefaultLeaseTimeSec, config_parse_sec, 0, offsetof(Network, dhcp_server_default_lease_time_usec)
|
DHCPServer.MaxLeaseTimeSec, config_parse_sec, 0, offsetof(Network, dhcp_server_max_lease_time_usec)
|
||||||
DHCPServer.EmitDNS, config_parse_bool, 0, offsetof(Network, dhcp_server_emit_dns)
|
DHCPServer.DefaultLeaseTimeSec, config_parse_sec, 0, offsetof(Network, dhcp_server_default_lease_time_usec)
|
||||||
DHCPServer.DNS, config_parse_dhcp_server_dns, 0, 0
|
DHCPServer.EmitDNS, config_parse_bool, 0, offsetof(Network, dhcp_server_emit_dns)
|
||||||
DHCPServer.EmitNTP, config_parse_bool, 0, offsetof(Network, dhcp_server_emit_ntp)
|
DHCPServer.DNS, config_parse_dhcp_server_dns, 0, 0
|
||||||
DHCPServer.NTP, config_parse_dhcp_server_ntp, 0, 0
|
DHCPServer.EmitNTP, config_parse_bool, 0, offsetof(Network, dhcp_server_emit_ntp)
|
||||||
DHCPServer.EmitRouter, config_parse_bool, 0, offsetof(Network, dhcp_server_emit_router)
|
DHCPServer.NTP, config_parse_dhcp_server_ntp, 0, 0
|
||||||
DHCPServer.EmitTimezone, config_parse_bool, 0, offsetof(Network, dhcp_server_emit_timezone)
|
DHCPServer.EmitRouter, config_parse_bool, 0, offsetof(Network, dhcp_server_emit_router)
|
||||||
DHCPServer.Timezone, config_parse_timezone, 0, offsetof(Network, dhcp_server_timezone)
|
DHCPServer.EmitTimezone, config_parse_bool, 0, offsetof(Network, dhcp_server_emit_timezone)
|
||||||
DHCPServer.PoolOffset, config_parse_uint32, 0, offsetof(Network, dhcp_server_pool_offset)
|
DHCPServer.Timezone, config_parse_timezone, 0, offsetof(Network, dhcp_server_timezone)
|
||||||
DHCPServer.PoolSize, config_parse_uint32, 0, offsetof(Network, dhcp_server_pool_size)
|
DHCPServer.PoolOffset, config_parse_uint32, 0, offsetof(Network, dhcp_server_pool_offset)
|
||||||
Bridge.Cost, config_parse_uint32, 0, offsetof(Network, cost)
|
DHCPServer.PoolSize, config_parse_uint32, 0, offsetof(Network, dhcp_server_pool_size)
|
||||||
Bridge.UseBPDU, config_parse_tristate, 0, offsetof(Network, use_bpdu)
|
Bridge.Cost, config_parse_uint32, 0, offsetof(Network, cost)
|
||||||
Bridge.HairPin, config_parse_tristate, 0, offsetof(Network, hairpin)
|
Bridge.UseBPDU, config_parse_tristate, 0, offsetof(Network, use_bpdu)
|
||||||
Bridge.FastLeave, config_parse_tristate, 0, offsetof(Network, fast_leave)
|
Bridge.HairPin, config_parse_tristate, 0, offsetof(Network, hairpin)
|
||||||
Bridge.AllowPortToBeRoot, config_parse_tristate, 0, offsetof(Network, allow_port_to_be_root)
|
Bridge.FastLeave, config_parse_tristate, 0, offsetof(Network, fast_leave)
|
||||||
Bridge.UnicastFlood, config_parse_tristate, 0, offsetof(Network, unicast_flood)
|
Bridge.AllowPortToBeRoot, config_parse_tristate, 0, offsetof(Network, allow_port_to_be_root)
|
||||||
Bridge.MulticastFlood, config_parse_tristate, 0, offsetof(Network, multicast_flood)
|
Bridge.UnicastFlood, config_parse_tristate, 0, offsetof(Network, unicast_flood)
|
||||||
Bridge.MulticastToUnicast, config_parse_tristate, 0, offsetof(Network, multicast_to_unicast)
|
Bridge.MulticastFlood, config_parse_tristate, 0, offsetof(Network, multicast_flood)
|
||||||
Bridge.NeighborSuppression, config_parse_tristate, 0, offsetof(Network, neighbor_suppression)
|
Bridge.MulticastToUnicast, config_parse_tristate, 0, offsetof(Network, multicast_to_unicast)
|
||||||
Bridge.Learning, config_parse_tristate, 0, offsetof(Network, learning)
|
Bridge.NeighborSuppression, config_parse_tristate, 0, offsetof(Network, neighbor_suppression)
|
||||||
Bridge.Priority, config_parse_bridge_port_priority, 0, offsetof(Network, priority)
|
Bridge.Learning, config_parse_tristate, 0, offsetof(Network, learning)
|
||||||
BridgeFDB.MACAddress, config_parse_fdb_hwaddr, 0, 0
|
Bridge.Priority, config_parse_bridge_port_priority, 0, offsetof(Network, priority)
|
||||||
BridgeFDB.VLANId, config_parse_fdb_vlan_id, 0, 0
|
BridgeFDB.MACAddress, config_parse_fdb_hwaddr, 0, 0
|
||||||
BridgeVLAN.PVID, config_parse_brvlan_pvid, 0, 0
|
BridgeFDB.VLANId, config_parse_fdb_vlan_id, 0, 0
|
||||||
BridgeVLAN.VLAN, config_parse_brvlan_vlan, 0, 0
|
BridgeVLAN.PVID, config_parse_brvlan_pvid, 0, 0
|
||||||
BridgeVLAN.EgressUntagged, config_parse_brvlan_untagged, 0, 0
|
BridgeVLAN.VLAN, config_parse_brvlan_vlan, 0, 0
|
||||||
Network.IPv6PrefixDelegation, config_parse_router_prefix_delegation, 0, 0
|
BridgeVLAN.EgressUntagged, config_parse_brvlan_untagged, 0, 0
|
||||||
IPv6PrefixDelegation.RouterLifetimeSec, config_parse_sec, 0, offsetof(Network, router_lifetime_usec)
|
Network.IPv6PrefixDelegation, config_parse_router_prefix_delegation, 0, 0
|
||||||
IPv6PrefixDelegation.Managed, config_parse_bool, 0, offsetof(Network, router_managed)
|
IPv6PrefixDelegation.RouterLifetimeSec, config_parse_sec, 0, offsetof(Network, router_lifetime_usec)
|
||||||
IPv6PrefixDelegation.OtherInformation, config_parse_bool, 0, offsetof(Network, router_other_information)
|
IPv6PrefixDelegation.Managed, config_parse_bool, 0, offsetof(Network, router_managed)
|
||||||
IPv6PrefixDelegation.RouterPreference, config_parse_router_preference, 0, 0
|
IPv6PrefixDelegation.OtherInformation, config_parse_bool, 0, offsetof(Network, router_other_information)
|
||||||
IPv6PrefixDelegation.EmitDNS, config_parse_bool, 0, offsetof(Network, router_emit_dns)
|
IPv6PrefixDelegation.RouterPreference, config_parse_router_preference, 0, 0
|
||||||
IPv6PrefixDelegation.DNS, config_parse_radv_dns, 0, 0
|
IPv6PrefixDelegation.EmitDNS, config_parse_bool, 0, offsetof(Network, router_emit_dns)
|
||||||
IPv6PrefixDelegation.EmitDomains, config_parse_bool, 0, offsetof(Network, router_emit_domains)
|
IPv6PrefixDelegation.DNS, config_parse_radv_dns, 0, 0
|
||||||
IPv6PrefixDelegation.Domains, config_parse_radv_search_domains, 0, 0
|
IPv6PrefixDelegation.EmitDomains, config_parse_bool, 0, offsetof(Network, router_emit_domains)
|
||||||
IPv6PrefixDelegation.DNSLifetimeSec, config_parse_sec, 0, offsetof(Network, router_dns_lifetime_usec)
|
IPv6PrefixDelegation.Domains, config_parse_radv_search_domains, 0, 0
|
||||||
IPv6Prefix.Prefix, config_parse_prefix, 0, 0
|
IPv6PrefixDelegation.DNSLifetimeSec, config_parse_sec, 0, offsetof(Network, router_dns_lifetime_usec)
|
||||||
IPv6Prefix.OnLink, config_parse_prefix_flags, 0, 0
|
IPv6Prefix.Prefix, config_parse_prefix, 0, 0
|
||||||
IPv6Prefix.AddressAutoconfiguration, config_parse_prefix_flags, 0, 0
|
IPv6Prefix.OnLink, config_parse_prefix_flags, 0, 0
|
||||||
IPv6Prefix.ValidLifetimeSec, config_parse_prefix_lifetime, 0, 0
|
IPv6Prefix.AddressAutoconfiguration, config_parse_prefix_flags, 0, 0
|
||||||
IPv6Prefix.PreferredLifetimeSec, config_parse_prefix_lifetime, 0, 0
|
IPv6Prefix.ValidLifetimeSec, config_parse_prefix_lifetime, 0, 0
|
||||||
CAN.BitRate, config_parse_si_size, 0, offsetof(Network, can_bitrate)
|
IPv6Prefix.PreferredLifetimeSec, config_parse_prefix_lifetime, 0, 0
|
||||||
CAN.SamplePoint, config_parse_permille, 0, offsetof(Network, can_sample_point)
|
CAN.BitRate, config_parse_si_size, 0, offsetof(Network, can_bitrate)
|
||||||
CAN.RestartSec, config_parse_sec, 0, offsetof(Network, can_restart_us)
|
CAN.SamplePoint, config_parse_permille, 0, offsetof(Network, can_sample_point)
|
||||||
CAN.TripleSampling, config_parse_tristate, 0, offsetof(Network, can_triple_sampling)
|
CAN.RestartSec, config_parse_sec, 0, offsetof(Network, can_restart_us)
|
||||||
|
CAN.TripleSampling, config_parse_tristate, 0, offsetof(Network, can_triple_sampling)
|
||||||
/* backwards compatibility: do not add new entries to this section */
|
/* backwards compatibility: do not add new entries to this section */
|
||||||
Network.IPv4LL, config_parse_ipv4ll, 0, offsetof(Network, link_local)
|
Network.IPv4LL, config_parse_ipv4ll, 0, offsetof(Network, link_local)
|
||||||
DHCPv4.UseDNS, config_parse_bool, 0, offsetof(Network, dhcp_use_dns)
|
DHCPv4.UseDNS, config_parse_bool, 0, offsetof(Network, dhcp_use_dns)
|
||||||
DHCPv4.UseMTU, config_parse_bool, 0, offsetof(Network, dhcp_use_mtu)
|
DHCPv4.UseMTU, config_parse_bool, 0, offsetof(Network, dhcp_use_mtu)
|
||||||
DHCPv4.UseHostname, config_parse_bool, 0, offsetof(Network, dhcp_use_hostname)
|
DHCPv4.UseHostname, config_parse_bool, 0, offsetof(Network, dhcp_use_hostname)
|
||||||
DHCP.UseDomainName, config_parse_dhcp_use_domains, 0, offsetof(Network, dhcp_use_domains)
|
DHCP.UseDomainName, config_parse_dhcp_use_domains, 0, offsetof(Network, dhcp_use_domains)
|
||||||
DHCPv4.UseDomainName, config_parse_dhcp_use_domains, 0, offsetof(Network, dhcp_use_domains)
|
DHCPv4.UseDomainName, config_parse_dhcp_use_domains, 0, offsetof(Network, dhcp_use_domains)
|
||||||
DHCPv4.CriticalConnection, config_parse_bool, 0, offsetof(Network, dhcp_critical)
|
DHCPv4.CriticalConnection, config_parse_bool, 0, offsetof(Network, dhcp_critical)
|
||||||
|
@ -687,7 +687,7 @@ int config_parse_stacked_netdev(const char *unit,
|
|||||||
assert(IN_SET(kind,
|
assert(IN_SET(kind,
|
||||||
NETDEV_KIND_VLAN, NETDEV_KIND_MACVLAN, NETDEV_KIND_MACVTAP,
|
NETDEV_KIND_VLAN, NETDEV_KIND_MACVLAN, NETDEV_KIND_MACVTAP,
|
||||||
NETDEV_KIND_IPVLAN, NETDEV_KIND_VXLAN, NETDEV_KIND_L2TP,
|
NETDEV_KIND_IPVLAN, NETDEV_KIND_VXLAN, NETDEV_KIND_L2TP,
|
||||||
_NETDEV_KIND_TUNNEL));
|
NETDEV_KIND_MACSEC, _NETDEV_KIND_TUNNEL));
|
||||||
|
|
||||||
if (!ifname_valid(rvalue)) {
|
if (!ifname_valid(rvalue)) {
|
||||||
log_syntax(unit, LOG_ERR, filename, line, 0,
|
log_syntax(unit, LOG_ERR, filename, line, 0,
|
||||||
|
@ -40,6 +40,7 @@ typedef enum sd_gen_family {
|
|||||||
SD_GENL_WIREGUARD,
|
SD_GENL_WIREGUARD,
|
||||||
SD_GENL_FOU,
|
SD_GENL_FOU,
|
||||||
SD_GENL_L2TP,
|
SD_GENL_L2TP,
|
||||||
|
SD_GENL_MACSEC,
|
||||||
} sd_genl_family;
|
} sd_genl_family;
|
||||||
|
|
||||||
/* callback */
|
/* callback */
|
||||||
@ -81,6 +82,7 @@ int sd_netlink_message_append_flag(sd_netlink_message *m, unsigned short type);
|
|||||||
int sd_netlink_message_append_u8(sd_netlink_message *m, unsigned short type, uint8_t data);
|
int sd_netlink_message_append_u8(sd_netlink_message *m, unsigned short type, uint8_t data);
|
||||||
int sd_netlink_message_append_u16(sd_netlink_message *m, unsigned short type, uint16_t data);
|
int sd_netlink_message_append_u16(sd_netlink_message *m, unsigned short type, uint16_t data);
|
||||||
int sd_netlink_message_append_u32(sd_netlink_message *m, unsigned short type, uint32_t data);
|
int sd_netlink_message_append_u32(sd_netlink_message *m, unsigned short type, uint32_t data);
|
||||||
|
int sd_netlink_message_append_u64(sd_netlink_message *m, unsigned short type, uint64_t data);
|
||||||
int sd_netlink_message_append_data(sd_netlink_message *m, unsigned short type, const void *data, size_t len);
|
int sd_netlink_message_append_data(sd_netlink_message *m, unsigned short type, const void *data, size_t len);
|
||||||
int sd_netlink_message_append_in_addr(sd_netlink_message *m, unsigned short type, const struct in_addr *data);
|
int sd_netlink_message_append_in_addr(sd_netlink_message *m, unsigned short type, const struct in_addr *data);
|
||||||
int sd_netlink_message_append_in6_addr(sd_netlink_message *m, unsigned short type, const struct in6_addr *data);
|
int sd_netlink_message_append_in6_addr(sd_netlink_message *m, unsigned short type, const struct in6_addr *data);
|
||||||
|
@ -174,3 +174,24 @@ SessionId=
|
|||||||
PeerSessionId=
|
PeerSessionId=
|
||||||
Layer2SpecificHeader=
|
Layer2SpecificHeader=
|
||||||
Name=
|
Name=
|
||||||
|
[MACSEC]
|
||||||
|
Port=
|
||||||
|
Encrypt=
|
||||||
|
[MACsecReceiveAssociation]
|
||||||
|
Port=
|
||||||
|
MACAddress=
|
||||||
|
PacketNumber=
|
||||||
|
KeyId=
|
||||||
|
Key=
|
||||||
|
KeyFile=
|
||||||
|
Activate=
|
||||||
|
UseForEncoding=
|
||||||
|
[MACsecReceiveChannel]
|
||||||
|
Port=
|
||||||
|
MACAddress=
|
||||||
|
[MACsecTransmitAssociation]
|
||||||
|
PacketNumber=
|
||||||
|
KeyId=
|
||||||
|
Key=
|
||||||
|
KeyFile=
|
||||||
|
Activate=
|
||||||
|
@ -111,6 +111,7 @@ IPv6Token=
|
|||||||
Description=
|
Description=
|
||||||
VXLAN=
|
VXLAN=
|
||||||
L2TP=
|
L2TP=
|
||||||
|
MACsec=
|
||||||
LinkLocalAddressing=
|
LinkLocalAddressing=
|
||||||
ConfigureWithoutCarrier=
|
ConfigureWithoutCarrier=
|
||||||
NTP=
|
NTP=
|
||||||
|
1
test/test-network/conf/25-macsec.key
Normal file
1
test/test-network/conf/25-macsec.key
Normal file
@ -0,0 +1 @@
|
|||||||
|
85858585858585858585858585858585
|
68
test/test-network/conf/25-macsec.netdev
Normal file
68
test/test-network/conf/25-macsec.netdev
Normal file
@ -0,0 +1,68 @@
|
|||||||
|
[NetDev]
|
||||||
|
Name=macsec99
|
||||||
|
Kind=macsec
|
||||||
|
|
||||||
|
[MACsec]
|
||||||
|
Port=11
|
||||||
|
Encrypt=yes
|
||||||
|
|
||||||
|
[MACsecTransmitAssociation]
|
||||||
|
PacketNumber=1024
|
||||||
|
KeyId=01
|
||||||
|
Key=81818181818181818181818181818181
|
||||||
|
Activate=yes
|
||||||
|
|
||||||
|
[MACsecTransmitAssociation]
|
||||||
|
PacketNumber=512
|
||||||
|
KeyId=0203
|
||||||
|
Key=82828282828282828282828282828282
|
||||||
|
UseForEncoding=yes
|
||||||
|
|
||||||
|
[MACsecReceiveChannel]
|
||||||
|
Port=2
|
||||||
|
MACAddress=8c:16:45:6c:83:a9
|
||||||
|
|
||||||
|
[MACsecReceiveAssociation]
|
||||||
|
Port=2
|
||||||
|
MACAddress=8c:16:45:6c:83:a9
|
||||||
|
PacketNumber=16
|
||||||
|
KeyId=020304
|
||||||
|
Key=83838383838383838383838383838383
|
||||||
|
|
||||||
|
[MACsecReceiveAssociation]
|
||||||
|
Port=256
|
||||||
|
MACAddress=c6:19:52:8f:e6:a0
|
||||||
|
PacketNumber=32
|
||||||
|
KeyId=02030405
|
||||||
|
Key=84848484848484848484848484848484
|
||||||
|
Activate=yes
|
||||||
|
|
||||||
|
[MACsecReceiveAssociation]
|
||||||
|
Port=256
|
||||||
|
MACAddress=c6:19:52:8f:e6:a0
|
||||||
|
PacketNumber=128
|
||||||
|
KeyId=0203040506
|
||||||
|
KeyFile=/run/systemd/network/25-macsec.key
|
||||||
|
Activate=yes
|
||||||
|
|
||||||
|
[MACsecReceiveAssociation]
|
||||||
|
Port=256
|
||||||
|
MACAddress=c6:19:52:8f:e6:a0
|
||||||
|
KeyId=020304050607
|
||||||
|
Key=86868686868686868686868686868686
|
||||||
|
Activate=no
|
||||||
|
|
||||||
|
[MACsecReceiveAssociation]
|
||||||
|
Port=256
|
||||||
|
MACAddress=c6:19:52:8f:e6:a0
|
||||||
|
KeyId=02030405060708
|
||||||
|
Key=87878787878787878787878787878787
|
||||||
|
Activate=no
|
||||||
|
|
||||||
|
[MACsecReceiveAssociation]
|
||||||
|
# This section should be dropped.
|
||||||
|
Port=256
|
||||||
|
MACAddress=c6:19:52:8f:e6:a0
|
||||||
|
KeyId=0203040506070809
|
||||||
|
Key=88888888888888888888888888888888
|
||||||
|
Activate=no
|
6
test/test-network/conf/25-macsec.network
Normal file
6
test/test-network/conf/25-macsec.network
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
[Match]
|
||||||
|
Name=macsec99
|
||||||
|
|
||||||
|
[Network]
|
||||||
|
IPv6AcceptRA=no
|
||||||
|
Address=10.1.2.3/16
|
9
test/test-network/conf/macsec.network
Normal file
9
test/test-network/conf/macsec.network
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
[Match]
|
||||||
|
Name=dummy98
|
||||||
|
|
||||||
|
[Link]
|
||||||
|
MACAddress=00:50:56:c0:00:19
|
||||||
|
|
||||||
|
[Network]
|
||||||
|
IPv6AcceptRA=no
|
||||||
|
MACsec=macsec99
|
@ -290,6 +290,9 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities):
|
|||||||
'25-ipip-tunnel.netdev',
|
'25-ipip-tunnel.netdev',
|
||||||
'25-ipvlan.netdev',
|
'25-ipvlan.netdev',
|
||||||
'25-isatap-tunnel.netdev',
|
'25-isatap-tunnel.netdev',
|
||||||
|
'25-macsec.key',
|
||||||
|
'25-macsec.netdev',
|
||||||
|
'25-macsec.network',
|
||||||
'25-sit-tunnel-local-any.netdev',
|
'25-sit-tunnel-local-any.netdev',
|
||||||
'25-sit-tunnel-remote-any.netdev',
|
'25-sit-tunnel-remote-any.netdev',
|
||||||
'25-sit-tunnel.netdev',
|
'25-sit-tunnel.netdev',
|
||||||
@ -322,6 +325,7 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities):
|
|||||||
'ipip.network',
|
'ipip.network',
|
||||||
'ipvlan.network',
|
'ipvlan.network',
|
||||||
'isatap.network',
|
'isatap.network',
|
||||||
|
'macsec.network',
|
||||||
'macvlan.network',
|
'macvlan.network',
|
||||||
'macvtap.network',
|
'macvtap.network',
|
||||||
'sit.network',
|
'sit.network',
|
||||||
@ -875,6 +879,35 @@ class NetworkdNetDevTests(unittest.TestCase, Utilities):
|
|||||||
self.assertRegex(output, 'remcsumrx')
|
self.assertRegex(output, 'remcsumrx')
|
||||||
self.assertRegex(output, 'gbp')
|
self.assertRegex(output, 'gbp')
|
||||||
|
|
||||||
|
def test_macsec(self):
|
||||||
|
self.copy_unit_to_networkd_unit_path('25-macsec.netdev', '25-macsec.network', '25-macsec.key',
|
||||||
|
'macsec.network', '12-dummy.netdev')
|
||||||
|
self.start_networkd(0)
|
||||||
|
|
||||||
|
self.wait_online(['dummy98:degraded', 'macsec99:routable'])
|
||||||
|
|
||||||
|
output = subprocess.check_output(['ip', '-d', 'link', 'show', 'macsec99']).rstrip().decode('utf-8')
|
||||||
|
print(output)
|
||||||
|
self.assertRegex(output, 'macsec99@dummy98')
|
||||||
|
self.assertRegex(output, 'macsec sci [0-9a-f]*000b')
|
||||||
|
self.assertRegex(output, 'encrypt on')
|
||||||
|
|
||||||
|
output = subprocess.check_output(['ip', 'macsec', 'show', 'macsec99']).rstrip().decode('utf-8')
|
||||||
|
print(output)
|
||||||
|
self.assertRegex(output, 'encrypt on')
|
||||||
|
self.assertRegex(output, 'TXSC: [0-9a-f]*000b on SA 1')
|
||||||
|
self.assertRegex(output, '0: PN [0-9]*, state on, key 01000000000000000000000000000000')
|
||||||
|
self.assertRegex(output, '1: PN [0-9]*, state on, key 02030000000000000000000000000000')
|
||||||
|
self.assertRegex(output, 'RXSC: c619528fe6a00100, state on')
|
||||||
|
self.assertRegex(output, '0: PN [0-9]*, state on, key 02030405000000000000000000000000')
|
||||||
|
self.assertRegex(output, '1: PN [0-9]*, state on, key 02030405060000000000000000000000')
|
||||||
|
self.assertRegex(output, '2: PN [0-9]*, state off, key 02030405060700000000000000000000')
|
||||||
|
self.assertRegex(output, '3: PN [0-9]*, state off, key 02030405060708000000000000000000')
|
||||||
|
self.assertNotRegex(output, 'key 02030405067080900000000000000000')
|
||||||
|
self.assertRegex(output, 'RXSC: 8c16456c83a90002, state on')
|
||||||
|
self.assertRegex(output, '0: PN [0-9]*, state off, key 02030400000000000000000000000000')
|
||||||
|
|
||||||
|
|
||||||
class NetworkdL2TPTests(unittest.TestCase, Utilities):
|
class NetworkdL2TPTests(unittest.TestCase, Utilities):
|
||||||
|
|
||||||
links =[
|
links =[
|
||||||
|
Loading…
Reference in New Issue
Block a user