IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Pass around Link objcets rather than FdbEntry objects. The link objects have an up-to-date
ifname we can use for logging. match_name sholud _never_ be used for anything except
matching. Firstly, it may be unset (usually is), and secondly it may not be up-to-date.
For now we only support the hardcoded values RT_SCOPE_{UNIVERSE,LOCAL,HOST},
and not numerical values or values from /etc/iproute2/rt_scopes.
This addresses https://bugs.freedesktop.org/show_bug.cgi?id=88508.
This allows the admin to set the host-specific part of IPv6 addresses, but still
receive the prefix via SLAAC.
.network file snippet:
[Network]
IPv6Token=::12
gives:
$ ip token
token ::12 dev eth0
This closes https://bugs.freedesktop.org/show_bug.cgi?id=81177.
This allows both IPv4 and IPv6 link-local addresses to be enabled or disabled. By default
we still enable IPv6LL and disable IPv4LL. The old config option is kept for backwards
compatibility, but removed from the documentation.
Object path components must start with [A-Za-z_] (AFAIK).
Also the value of 'p' is undefined if asprintf fails.
Compare to user_bus_path() in src/login/logind-user-dbus.c:281.
We will be woken up on rtnl or dbus activity, so let's just quit if some time has passed and that is the only thing that can happen.
Note that we will always stay around if we expect network activity (e.g. DHCP is enabled), as we are not restarted on that.
Only the very basics, more to come.
For now:
$ busctl tree org.freedesktop.network1
└─/org/freedesktop/network1
└─/org/freedesktop/network1/link
├─/org/freedesktop/network1/link/1
├─/org/freedesktop/network1/link/2
├─/org/freedesktop/network1/link/3
├─/org/freedesktop/network1/link/4
├─/org/freedesktop/network1/link/5
├─/org/freedesktop/network1/link/6
├─/org/freedesktop/network1/link/7
├─/org/freedesktop/network1/link/8
└─/org/freedesktop/network1/link/9
$ busctl introspect org.freedesktop.network1 /org/freedesktop/network1
NAME TYPE SIGNATURE RESULT/VALUE FLAGS
org.freedesktop.network1.Manager interface - - -
.OperationalState property s "carrier" emits-change
$ busctl introspect org.freedesktop.network1 /org/freedesktop/network1/link/1
NAME TYPE SIGNATURE RESULT/VALUE FLAGS
org.freedesktop.network1.Link interface - - -
.AdministrativeState property s "unmanaged" emits-change
.OperationalState property s "carrier" emits-change
If we get a NEWLINK + NEWADDR between enumerating the links and enumerating the addresses, we
would get a warning that the link corresponding to the address does not exist. This is a false
warning as both the NEWLINK and NEWADDR would be processed after enumerating completed, so drop
it.
After all it is now much more like strjoin() than strappend(). At the
same time, add support for NULL sentinels, even if they are normally not
necessary.
We would otherwise wait for the interface to be completely configured, which
could take considerable time with IPv4LL. As a result nspawn was very slow
at obtaining IP addresses.
Once IPv6 addresses have been acquired, assign these to the interface
with the prefix lengths taken from the ICMPv6 Router Advertisement
handling code. The preferred and valid IPv6 address lifetimes are
handed to the kernel which will clean up them if not renewed in time.
When a prefix announced via Router Advertisements expires, find all
addresses that match that prefix and update the address to have a
prefix length of 128 causing the prefix to be off-link.
This patch introduces ipv6 gre and gretap.
test:
ip6gre.netdev:
[NetDev]
Name=ip6gretap
Kind=ip6gretap
[Tunnel]
Local=2a00:ffde:4567:edde::4987
Remote=2001:473:fece:cafe::5179
ip6gre.network:
[Match]
Name=eno16777736
[Network]
Tunnel=ip6gretap
ip link
6: ip6gre@eno16777736: <POINTOPOINT,NOARP> mtu 1448 qdisc noop state
DOWN mode DEFAULT group default
link/gre6 2a:00:ff🇩🇪45:67:ed🇩🇪00:00:00:00:00:00:49:87 peer
20:01:04:73:fe:ce:ca:fe:00:00:00:00:00:00:51:79
We need to turn on /proc/sys/net/ipv4/ip_forward before the
per-interface forwarding setting is useful, hence let's propagate the
per-interface setting once to the system-wide setting.
Due to the unclear ownership rules of that flag, and the fact that
turning it on also has effects on other sysctl flags we try to minimize
changes to the flag, and only turn it on once. There's no logic to
turning it off again, but this should be fairly unproblematic as the
per-interface setting defaults to off anyway.
This introduces am AddressFamilyBoolean type that works more or less
like a booleaan, but can optionally turn on/off things for ipv4 and ipv6
independently. THis also ports the DHCP field over to it.
This adds two new settings to networkd's .network files:
IPForwarding=yes and IPMasquerade=yes. The former controls the
"forwarding" sysctl setting of the interface, thus controlling whether
IP forwarding shall be enabled on the specific interface. The latter
controls whether a firewall rule shall be installed that exposes traffic
coming from the interface as coming from the local host to all other
interfaces.
This also enables both options by default for container network
interfaces, thus making "systemd-nspawn --network-veth" have network
connectivity out of the box.
Those values are based on a file we read from disk, so we should
verify everything we receive, and make sure everything we print
is sensible.
Also, print fractional seconds for TTL.
