shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-11 05:17:44 +03:00
Code
40,655 Commits 36 Branches 656 Tags 226 MiB
44005bfb4e
Commit Graph

273 Commits

Author SHA1 Message Date
Yu Watanabe
44005bfb4e network,udev: add Property= setting in [Match] section 
Closes #5665.
 2019-07-01 01:24:42 +09:00
Iwan Timmer
4310bfc20b resolved: add strict mode for DNS-over-TLS 
Add strict mode for DNS-over-TLS, which will require TLS support from the server. Closes #10755
 2019-06-19 13:10:44 +02:00
Yu Watanabe
c98d78d32a man: add documentation about KeepConfiguration 2019-06-06 22:50:29 +09:00
Susant Sahani
e520ce6440 networkd: Ability to selectively ignore IPv6 prefixes supplied via router advertisement 
Closes https://github.com/systemd/systemd/issues/10647
 2019-05-19 22:23:06 +09:00
Yu Watanabe
ad2997a7b0 man: move Blacklist= in [DHCP] section 2019-05-18 12:27:27 +09:00
Susant Sahani
9b88f20aba networkd: route add MPLS TTL propagate 2019-05-18 10:30:41 +09:00
Yu Watanabe
5d5003ab35 network: add DefaultRouteOnDevice= setting in [Network] section 
When enabled, then default route bound to the interface will be created.
This is useful when adding routes on point-to-point interfaces.

Closes #788.
 2019-05-15 12:44:30 +09:00
Yu Watanabe
6e114a2475
Merge pull request #12555 from ssahani/route-properties 
networkd: route add support to configure fastopen_no_cookie
 2019-05-14 09:03:52 +02:00
Susant Sahani
1501b429a9 networkd: DHCP client add support to send RELEASE packet 
closes #10820
 2019-05-14 09:03:01 +02:00
Susant Sahani
633c725865 networkd: route add support to configure fastopen_no_cookie 
This patch adds fastopen_no_cookie option to enable/disable TCP fastopen
without a cookie on a per-route basis.
 2019-05-14 08:08:36 +05:30
Susant Sahani
bdb397ed10 networkd: bridge FDB support more NTF_* flags 
Add support to configure NTF_ROUTER and NTF_USE
 2019-05-14 02:24:51 +02:00
Yu Watanabe
5af7bc6f4c
Merge pull request #12480 from ssahani/proxy-arp 
network: bridge add support to configure proxy ARP/WIFI
 2019-05-10 15:30:41 +02:00
Susant Sahani
727b573418 networkd: Add support for blacklisting servers 
closes #6260

fuzzer: Add DHCP support for blacklisting servers
 2019-05-10 15:29:55 +02:00
Susant Sahani
0fadb2a46f network: add support to configure proxy ARP/WIFI 2019-05-09 15:03:04 +09:00
Susant Sahani
1087623bac networkd: Add support to configure proxy ARP and proxy ARP Wifi 2019-05-09 01:44:26 +02:00
Susant Sahani
61b824c561 networkd: bridge fdb add support to configure VXLAN VNI 2019-05-08 03:43:43 +02:00
Susant Sahani
715cedfbf0 networkd: Allow DHCP4 client to set the number to attempt to reconfigure. 
Otherwise current value is 6 and after 6 it will give up.
 2019-05-07 17:12:04 +02:00
Susant Sahani
8bc17bb3f7 networkd: Option to use LinkLocalAddressing only when DHCP fails 
When LinkLocalAddressing=fallback or LinkLocalAddressing=ipv4-fallback
then IPv4LL will be started only when DHCP fails.

Closes #9648.
 2019-05-04 16:45:57 +02:00
Susant Sahani
c2c2793f39 networkd: Add support to configure destination address for bridge FDB 
Closes #5145.

Example conf:
```
[Match]
Name=vxlan1309

[BridgeFDB]
MACAddress=00:00:00:00:00:00
Destination=10.0.0.2

[BridgeFDB]
MACAddress=00:00:00:00:00:00
Destination=10.0.0.4

[BridgeFDB]
MACAddress=00:00:00:00:00:00
Destination=10.0.0.5
```
 2019-05-03 06:11:52 +02:00
Ben Boeckel
5238e95759 codespell: fix spelling errors 2019-04-29 16:47:18 +02:00
Yu Watanabe
84ea567eb4 udev,network: warn when .link or .network file has no [Match] section 
Closes #12098.
 2019-04-25 08:41:10 +02:00
Susant Sahani
81962db798 network: Introduce MACsec 
Media Access Control Security (MACsec) is an 802.1AE IEEE
industry-standard security technology that provides secure
communication for all traffic on Ethernet links.
MACsec provides point-to-point security on Ethernet links between
directly connected nodes and is capable of identifying and preventing
most security threats, including denial of service, intrusion,
man-in-the-middle, masquerading, passive wiretapping, and playback attacks.

Closes #5754
 2019-04-12 10:12:41 +09:00
Yu Watanabe
d689bbcaa3 man: mention that conditions in [Match] section support negation 2019-03-21 23:38:51 +09:00
Lennart Poettering
b3f6c4531e
Merge pull request #12002 from keszybz/man-headers 
Man headers
 2019-03-14 15:55:04 +01:00
Lennart Poettering
c4a05aa1a8 networkd: clarify that IPv6 RA uses our own stack, no the kernel's 
Fixes: #8906
 2019-03-14 15:13:33 +01:00
Lennart Poettering
fba10579f1 man: document that Anonymize=yes makes DHCP leases grow in size 
Fixes: #11551
 2019-03-14 15:13:33 +01:00
Zbigniew Jędrzejewski-Szmek
3a54a15760 man: use same header for all files 
The "include" files had type "book" for some raeason. I don't think this
is meaningful. Let's just use the same everywhere.

$ perl -i -0pe 's^..DOCTYPE (book|refentry) PUBLIC "-//OASIS//DTD DocBook XML V4.[25]//EN"\s+"http^<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"\n  "http^gms' man/*.xml
 2019-03-14 14:42:05 +01:00
Zbigniew Jędrzejewski-Szmek
0307f79171 man: standarize on one-line license header 
No need to waste space, and uniformity is good.

$ perl -i -0pe 's|\n+<!--\s*SPDX-License-Identifier: LGPL-2.1..\s*-->|\n<!-- SPDX-License-Identifier: LGPL-2.1+ -->|gms' man/*.xml
 2019-03-14 14:29:37 +01:00
Tobias Jungel
7f15b71460 networkd: Add bridge port capabilities 
This PR adds the configuration switches for multicast flooding, neighbor
suppression and learning of a bridge port.
 2019-03-13 16:27:22 +01:00
Yu Watanabe
8d6082e4dd man: update wait-online and RequiredForOnline= setting 2019-03-13 14:29:03 +09:00
Clemens Gruber
c423be28a0 network: introduce TripleSampling= option in CAN section 
When enabled, three samples are used to determine the value of a
received bit by majority rule.

This patch adds support for the TripleSampling= option in the [CAN]
section of .network files.
 2019-03-11 17:15:47 +01:00
Robin Elvedi
68b7f7ac89 fix a typo in the man page for dhcpserver 2019-03-09 11:15:11 +09:00
Yu Watanabe
4e68898ed7 man: mention Address= can be specified once in [Address] section 2019-03-01 15:52:12 +09:00
Yu Watanabe
e6ef3a130f man: mention limit about prefix length when null address is specified to Address= 2019-03-01 15:52:12 +09:00
Yu Watanabe
9cb8c55934 network: rename GatewayOnlink= to GatewayOnLink= 
But still GatewayOnlink= is supported for backward compatibility.
 2019-02-28 10:00:22 +09:00
Yu Watanabe
85fc09c97a man: mention that LinkLocalAddressing= is disabled by default when Bridge= is set 2019-02-25 09:34:14 +09:00
Zbigniew Jędrzejewski-Szmek
dc0d407851 udev,network: use standard paths for .network and .link files 
This centralizes the configuration to one header file.
/usr/local/lib is now included in the search list, and documentation is
updated accordingly.
 2019-02-18 10:29:33 +01:00
Lennart Poettering
84e4b0b893
Merge pull request #11716 from ssahani/drop-autoconf-address 
networkd: ipv6ra allow to ignore addresses
 2019-02-15 12:17:46 +01:00
Susant Sahani
062c2eea3a networkd: ipv6ra allow to ignore addresses 
Allows to ignore prefixes.

```
UseAutonomousPrefix=
UseOnLinkPrefix=
```

closes #9582
 2019-02-14 21:05:17 +05:30
Susant Sahani
93b4dab57e networkd: Allow to retain configs even if carrier is lost 
When there is bad link in the network the carrier goes up/down.
This makes networkd stops all the clients and drop config.
But if the remote router/dhcpserver running a prevention
of DHCP Starvation attack or DHCP Flood attack it does not allow
networkd to take a DHCP lease resulting failure in configuration.
This patch allows to keep the client running and keep the conf
also for this scenario.

Closes #9111
 2019-02-06 13:35:11 +01:00
Lennart Poettering
7ece6f5897 networkd: permit DNS "DefaultRoute" configuration in .network files 2018-12-21 12:10:07 +01:00
William A. Kennington III
e4a71bf36f networkd: Static neighbor support 
When using networkd we currently have no way of ensuring that static
neighbor entries are set when our link comes up. This change adds a new
section to the network definition that allows multiple static neighbors
to be set on a link.
 2018-12-09 16:56:37 -08:00
Yu Watanabe
801503d22b
Merge pull request #10988 from ssahani/IFLA_BRPORT_MCAST_TO_UCAST 
networkd: bridge add support to configure multicast_to_unicast
 2018-12-06 14:32:52 +01:00
Susant Sahani
8b220643b1 networkd: RPDB rule - add support to configure inverted rule. 
Closes #10706
 2018-12-06 10:42:36 +05:30
Susant Sahani
d3aa8b49e5 networkd: bridge add support to configure multicast_to_unicast 
closes #10649
 2018-12-03 23:49:46 +05:30
Yu Watanabe
3a269dcf51 network: make IPProtocol= also accept IP protocol number 2018-12-02 06:13:47 +01:00
Yu Watanabe
97f9df9e30 network: rename Protocol= in [RoutingPolicyRule] to IPProtocol= 2018-12-02 06:13:47 +01:00
Susant Sahani
926062f083 networkd: add support to configure ip rule port range and protocol. 
Please see:

iprule: support for ip_proto, sport and dport match options
https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=f686f764682745daf6a93b0a6330ba42a961f858

Closes 10622
 2018-11-28 20:06:28 +05:30
Yu Watanabe
9b6ffef372 man: update explanation for boolean options 2018-11-27 15:07:58 +09:00
Yu Watanabe
025314d97d man: improve the explanation of "Defaults to unset" 2018-11-27 14:40:25 +09:00