mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-24 21:34:08 +03:00
Merge pull request #41 from mischief/ipforwarding
networkd: create "kernel" setting for IPForwarding
This commit is contained in:
commit
cfe907ab6e
@ -366,7 +366,8 @@
|
|||||||
the routing table. Takes either a boolean argument, or the
|
the routing table. Takes either a boolean argument, or the
|
||||||
values <literal>ipv4</literal> or <literal>ipv6</literal>,
|
values <literal>ipv4</literal> or <literal>ipv6</literal>,
|
||||||
which only enables IP forwarding for the specified address
|
which only enables IP forwarding for the specified address
|
||||||
family. This controls the
|
family, or <literal>kernel</literal>, which preserves existing sysctl settings.
|
||||||
|
This controls the
|
||||||
<filename>net.ipv4.conf.<interface>.forwarding</filename>
|
<filename>net.ipv4.conf.<interface>.forwarding</filename>
|
||||||
and
|
and
|
||||||
<filename>net.ipv6.conf.<interface>.forwarding</filename>
|
<filename>net.ipv6.conf.<interface>.forwarding</filename>
|
||||||
@ -375,8 +376,8 @@
|
|||||||
for details about sysctl options). Defaults to
|
for details about sysctl options). Defaults to
|
||||||
<literal>no</literal>.</para>
|
<literal>no</literal>.</para>
|
||||||
|
|
||||||
<para>Note: unless this option is turned on, no IP
|
<para>Note: unless this option is turned on, or set to <literal>kernel</literal>,
|
||||||
forwarding is done on this interface, even if this is
|
no IP forwarding is done on this interface, even if this is
|
||||||
globally turned on in the kernel, with the
|
globally turned on in the kernel, with the
|
||||||
<filename>net.ipv4.ip_forward</filename> and
|
<filename>net.ipv4.ip_forward</filename> and
|
||||||
<filename>net.ipv4.ip_forward</filename> sysctl
|
<filename>net.ipv4.ip_forward</filename> sysctl
|
||||||
|
@ -1481,6 +1481,9 @@ static int link_set_ipv4_forward(Link *link) {
|
|||||||
const char *p = NULL;
|
const char *p = NULL;
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
|
if (link->network->ip_forward == ADDRESS_FAMILY_KERNEL)
|
||||||
|
return 0;
|
||||||
|
|
||||||
p = strjoina("/proc/sys/net/ipv4/conf/", link->ifname, "/forwarding");
|
p = strjoina("/proc/sys/net/ipv4/conf/", link->ifname, "/forwarding");
|
||||||
r = write_string_file_no_create(p, one_zero(link_ipv4_forward_enabled(link)));
|
r = write_string_file_no_create(p, one_zero(link_ipv4_forward_enabled(link)));
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
@ -1497,6 +1500,9 @@ static int link_set_ipv6_forward(Link *link) {
|
|||||||
if (!socket_ipv6_is_supported())
|
if (!socket_ipv6_is_supported())
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
if (link->network->ip_forward == ADDRESS_FAMILY_KERNEL)
|
||||||
|
return 0;
|
||||||
|
|
||||||
p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/forwarding");
|
p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/forwarding");
|
||||||
r = write_string_file_no_create(p, one_zero(link_ipv6_forward_enabled(link)));
|
r = write_string_file_no_create(p, one_zero(link_ipv6_forward_enabled(link)));
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
|
@ -853,6 +853,8 @@ const char *address_family_boolean_to_string(AddressFamilyBoolean b) {
|
|||||||
return "ipv4";
|
return "ipv4";
|
||||||
if (b == ADDRESS_FAMILY_IPV6)
|
if (b == ADDRESS_FAMILY_IPV6)
|
||||||
return "ipv6";
|
return "ipv6";
|
||||||
|
if (b == ADDRESS_FAMILY_KERNEL)
|
||||||
|
return "kernel";
|
||||||
|
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -872,6 +874,8 @@ AddressFamilyBoolean address_family_boolean_from_string(const char *s) {
|
|||||||
return ADDRESS_FAMILY_IPV4;
|
return ADDRESS_FAMILY_IPV4;
|
||||||
if (streq(s, "ipv6"))
|
if (streq(s, "ipv6"))
|
||||||
return ADDRESS_FAMILY_IPV6;
|
return ADDRESS_FAMILY_IPV6;
|
||||||
|
if (streq(s, "kernel"))
|
||||||
|
return ADDRESS_FAMILY_KERNEL;
|
||||||
|
|
||||||
return _ADDRESS_FAMILY_BOOLEAN_INVALID;
|
return _ADDRESS_FAMILY_BOOLEAN_INVALID;
|
||||||
}
|
}
|
||||||
|
@ -60,6 +60,7 @@ typedef enum AddressFamilyBoolean {
|
|||||||
ADDRESS_FAMILY_IPV4 = 1,
|
ADDRESS_FAMILY_IPV4 = 1,
|
||||||
ADDRESS_FAMILY_IPV6 = 2,
|
ADDRESS_FAMILY_IPV6 = 2,
|
||||||
ADDRESS_FAMILY_YES = 3,
|
ADDRESS_FAMILY_YES = 3,
|
||||||
|
ADDRESS_FAMILY_KERNEL = 4,
|
||||||
_ADDRESS_FAMILY_BOOLEAN_MAX,
|
_ADDRESS_FAMILY_BOOLEAN_MAX,
|
||||||
_ADDRESS_FAMILY_BOOLEAN_INVALID = -1,
|
_ADDRESS_FAMILY_BOOLEAN_INVALID = -1,
|
||||||
} AddressFamilyBoolean;
|
} AddressFamilyBoolean;
|
||||||
|
Loading…
Reference in New Issue
Block a user