mirror of
https://github.com/systemd/systemd.git
synced 2024-12-25 01:34:28 +03:00
network: allow users to forbid passthru MACVLAN from putting its link into promiscuous mode
While we haven't implemented a key for users to set MACVLAN/MACVTAP flags, we can at least allow them to make use of the Promiscuous= key of the corresponding link to set the nopromisc flag.
This commit is contained in:
parent
682f952cd7
commit
17a6a4ae2e
@ -5,6 +5,7 @@
|
||||
#include "conf-parser.h"
|
||||
#include "macvlan.h"
|
||||
#include "macvlan-util.h"
|
||||
#include "networkd-network.h"
|
||||
#include "parse-util.h"
|
||||
|
||||
DEFINE_CONFIG_PARSE_ENUM(config_parse_macvlan_mode, macvlan_mode, MacVlanMode, "Failed to parse macvlan mode");
|
||||
@ -16,6 +17,7 @@ static int netdev_macvlan_fill_message_create(NetDev *netdev, Link *link, sd_net
|
||||
assert(netdev);
|
||||
assert(link);
|
||||
assert(netdev->ifname);
|
||||
assert(link->network);
|
||||
|
||||
if (netdev->kind == NETDEV_KIND_MACVLAN)
|
||||
m = MACVLAN(netdev);
|
||||
@ -52,6 +54,13 @@ static int netdev_macvlan_fill_message_create(NetDev *netdev, Link *link, sd_net
|
||||
return log_netdev_error_errno(netdev, r, "Could not append IFLA_MACVLAN_MODE attribute: %m");
|
||||
}
|
||||
|
||||
/* set the nopromisc flag if Promiscuous= of the link is explicitly set to false */
|
||||
if (m->mode == NETDEV_MACVLAN_MODE_PASSTHRU && link->network->promiscuous == 0) {
|
||||
r = sd_netlink_message_append_u16(req, IFLA_MACVLAN_FLAGS, MACVLAN_FLAG_NOPROMISC);
|
||||
if (r < 0)
|
||||
return log_netdev_error_errno(netdev, r, "Could not append IFLA_MACVLAN_FLAGS attribute: %m");
|
||||
}
|
||||
|
||||
if (m->bc_queue_length != UINT32_MAX) {
|
||||
r = sd_netlink_message_append_u32(req, IFLA_MACVLAN_BC_QUEUE_LEN, m->bc_queue_length);
|
||||
if (r < 0)
|
||||
|
Loading…
Reference in New Issue
Block a user