From 937e305e9305a9104cfb1362f318d9df5943b8a5 Mon Sep 17 00:00:00 2001 From: Susant Sahani Date: Tue, 15 Dec 2020 05:00:17 +0100 Subject: [PATCH] network: Allow to configure interface promiscuous mode --- man/systemd.network.xml | 13 ++++++++++--- src/network/networkd-link.c | 8 +++++++- src/network/networkd-network-gperf.gperf | 1 + src/network/networkd-network.c | 1 + src/network/networkd-network.h | 1 + test/fuzz/fuzz-network-parser/directives.network | 1 + 6 files changed, 21 insertions(+), 4 deletions(-) diff --git a/man/systemd.network.xml b/man/systemd.network.xml index 27263c34ebb..e5647f7dae3 100644 --- a/man/systemd.network.xml +++ b/man/systemd.network.xml @@ -171,20 +171,27 @@ For example, disabling ARP is useful when creating multiple MACVLAN or VLAN virtual interfaces atop a single lower-level physical interface, which will then only serve as a link/"bridge" device aggregating traffic to the same physical link and not participate in - the network otherwise. + the network otherwise. Defaults to unset. Multicast= - Takes a boolean. If set to true, the multicast flag on the device is enabled. + Takes a boolean. If set to true, the multicast flag on the device is enabled. Defaults to unset. AllMulticast= Takes a boolean. If set to true, the driver retrieves all multicast packets from the network. - This happens when multicast routing is enabled. + This happens when multicast routing is enabled. Defaults to unset. + + + + Promiscuous= + + Takes a boolean. If set to true, promiscuous mode of the interface is enabled. + Defaults to unset. diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index b7047c06d19..7675f266e5e 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -1108,7 +1108,8 @@ static int link_set_flags(Link *link) { if (!link->network) return 0; - if (link->network->arp < 0 && link->network->multicast < 0 && link->network->allmulticast < 0) + if (link->network->arp < 0 && link->network->multicast < 0 && link->network->allmulticast < 0 && + link->network->promiscuous < 0) return 0; r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_SETLINK, link->ifindex); @@ -1130,6 +1131,11 @@ static int link_set_flags(Link *link) { SET_FLAG(ifi_flags, IFF_ALLMULTI, link->network->allmulticast); } + if (link->network->promiscuous >= 0) { + ifi_change |= IFF_PROMISC; + SET_FLAG(ifi_flags, IFF_PROMISC, link->network->promiscuous); + } + r = sd_rtnl_message_link_set_flags(req, ifi_flags, ifi_change); if (r < 0) return log_link_error_errno(link, r, "Could not set link flags: %m"); diff --git a/src/network/networkd-network-gperf.gperf b/src/network/networkd-network-gperf.gperf index 619c6a8c594..be7c076c619 100644 --- a/src/network/networkd-network-gperf.gperf +++ b/src/network/networkd-network-gperf.gperf @@ -62,6 +62,7 @@ Link.Group, config_parse_uint32, Link.ARP, config_parse_tristate, 0, offsetof(Network, arp) Link.Multicast, config_parse_tristate, 0, offsetof(Network, multicast) Link.AllMulticast, config_parse_tristate, 0, offsetof(Network, allmulticast) +Link.Promiscuous, config_parse_tristate, 0, offsetof(Network, promiscuous) Link.Unmanaged, config_parse_bool, 0, offsetof(Network, unmanaged) Link.RequiredForOnline, config_parse_required_for_online, 0, 0 SR-IOV.VirtualFunction, config_parse_sr_iov_uint32, 0, 0 diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c index 73c3788e278..a5440a83c79 100644 --- a/src/network/networkd-network.c +++ b/src/network/networkd-network.c @@ -321,6 +321,7 @@ int network_load_one(Manager *manager, OrderedHashmap **networks, const char *fi .arp = -1, .multicast = -1, .allmulticast = -1, + .promiscuous = -1, .configure_without_carrier = false, .ignore_carrier_loss = -1, diff --git a/src/network/networkd-network.h b/src/network/networkd-network.h index 17e7d432c99..a23de93126d 100644 --- a/src/network/networkd-network.h +++ b/src/network/networkd-network.h @@ -87,6 +87,7 @@ struct Network { int arp; int multicast; int allmulticast; + int promiscuous; bool unmanaged; bool required_for_online; /* Is this network required to be considered online? */ LinkOperationalStateRange required_operstate_for_online; diff --git a/test/fuzz/fuzz-network-parser/directives.network b/test/fuzz/fuzz-network-parser/directives.network index cb0c3205a0d..611d5bb7f7c 100644 --- a/test/fuzz/fuzz-network-parser/directives.network +++ b/test/fuzz/fuzz-network-parser/directives.network @@ -38,6 +38,7 @@ MTUBytes= Multicast= MACAddress= Group= +Promiscuous= [SR-IOV] VirtualFunction= MACSpoofCheck=