network: introduce network_adjust_ipv6_accept_ra()

2020-10-12 16:36:54 +09:00 · 2020-10-12 16:36:54 +09:00 · 3773eb5485
parent c27abcf4fb
commit 3773eb5485
5 changed files with 22 additions and 29 deletions
--- a/src/network/networkd-ndisc.c
+++ b/src/network/networkd-ndisc.c
@ -14,7 +14,6 @@
 #include "networkd-dhcp6.h"
 #include "networkd-manager.h"
 #include "networkd-ndisc.h"
-#include "networkd-sysctl.h"
 #include "string-table.h"
 #include "string-util.h"
 #include "strv.h"
@ -52,19 +51,23 @@ bool link_ipv6_accept_ra_enabled(Link *link) {
        if (!link_ipv6ll_enabled(link))
                return false;

-        /* If unset use system default (enabled if local forwarding is disabled.
-         * disabled if local forwarding is enabled).
-         * If set, ignore or enforce RA independent of local forwarding state.
-         */
-        if (link->network->ipv6_accept_ra < 0)
+        assert(link->network->ipv6_accept_ra >= 0);
+        return link->network->ipv6_accept_ra;
+}
+
+void network_adjust_ipv6_accept_ra(Network *network) {
+        assert(network);
+
+        if (!FLAGS_SET(network->link_local, ADDRESS_FAMILY_IPV6)) {
+                if (network->ipv6_accept_ra > 0)
+                        log_warning("%s: IPv6AcceptRA= is enabled but IPv6 link local addressing is disabled or not supported. "
+                                    "Disabling IPv6AcceptRA=.", network->filename);
+                network->ipv6_accept_ra = false;
+        }
+
+        if (network->ipv6_accept_ra < 0)
                /* default to accept RA if ip_forward is disabled and ignore RA if ip_forward is enabled */
-                return !link_ip_forward_enabled(link, AF_INET6);
-        else if (link->network->ipv6_accept_ra > 0)
-                /* accept RA even if ip_forward is enabled */
-                return true;
-        else
-                /* ignore RA */
-                return false;
+                network->ipv6_accept_ra = !FLAGS_SET(network->ip_forward, ADDRESS_FAMILY_IPV6);
 }

 static int ndisc_remove_old_one(Link *link, const struct in6_addr *router, bool force);
--- a/src/network/networkd-ndisc.h
+++ b/src/network/networkd-ndisc.h
@ -71,6 +71,8 @@ static inline char* NDISC_DNSSL_DOMAIN(const NDiscDNSSL *n) {

 bool link_ipv6_accept_ra_enabled(Link *link);

+void network_adjust_ipv6_accept_ra(Network *network);
+
 int ndisc_configure(Link *link);
 void ndisc_vacuum(Link *link);
 void ndisc_flush(Link *link);
--- a/src/network/networkd-network.c
+++ b/src/network/networkd-network.c
@ -19,6 +19,7 @@
 #include "networkd-fdb.h"
 #include "networkd-manager.h"
 #include "networkd-mdb.h"
+#include "networkd-ndisc.h"
 #include "networkd-neighbor.h"
 #include "networkd-network.h"
 #include "networkd-nexthop.h"
@ -188,11 +189,6 @@ int network_verify(Network *network) {

        if (network->bond) {
                /* Bonding slave does not support addressing. */
-                if (network->ipv6_accept_ra > 0) {
-                        log_warning("%s: Cannot enable IPv6AcceptRA= when Bond= is specified, disabling IPv6AcceptRA=.",
-                                    network->filename);
-                        network->ipv6_accept_ra = 0;
-                }
                if (network->link_local >= 0 && network->link_local != ADDRESS_FAMILY_NO) {
                        log_warning("%s: Cannot enable LinkLocalAddressing= when Bond= is specified, disabling LinkLocalAddressing=.",
                                    network->filename);
@ -223,12 +219,6 @@ int network_verify(Network *network) {
                network->link_local = network->bridge ? ADDRESS_FAMILY_NO : ADDRESS_FAMILY_IPV6;

        if (!FLAGS_SET(network->link_local, ADDRESS_FAMILY_IPV6)) {
-                if (network->ipv6_accept_ra > 0) {
-                        log_warning("%s: IPv6AcceptRA= is enabled by the .network file but IPv6 link local addressing is disabled. "
-                                    "Disabling IPv6AcceptRA=.", network->filename);
-                        network->ipv6_accept_ra = false;
-                }
-
                if (FLAGS_SET(network->dhcp, ADDRESS_FAMILY_IPV6)) {
                        log_warning("%s: DHCPv6 client is enabled by the .network file but IPv6 link local addressing is disabled. "
                                    "Disabling DHCPv6 client.", network->filename);
@ -249,13 +239,12 @@ int network_verify(Network *network) {
                SET_FLAG(network->link_local, ADDRESS_FAMILY_FALLBACK_IPV4, false);
        }

-        if (network->ipv6_accept_ra < 0 && network->bridge)
-                network->ipv6_accept_ra = false;
-
        /* IPMasquerade=yes implies IPForward=yes */
        if (network->ip_masquerade)
                network->ip_forward |= ADDRESS_FAMILY_IPV4;

+        network_adjust_ipv6_accept_ra(network);
+
        if (network->mtu > 0 && network->dhcp_use_mtu) {
                log_warning("%s: MTUBytes= in [Link] section and UseMTU= in [DHCP] section are set. "
                            "Disabling UseMTU=.", network->filename);
--- a/src/network/networkd-sysctl.c
+++ b/src/network/networkd-sysctl.c
@ -38,7 +38,7 @@ static int link_set_proxy_arp(Link *link) {
        return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "proxy_arp", link->network->proxy_arp > 0);
 }

-bool link_ip_forward_enabled(Link *link, int family) {
+static bool link_ip_forward_enabled(Link *link, int family) {
        assert(link);
        assert(IN_SET(family, AF_INET, AF_INET6));

--- a/src/network/networkd-sysctl.h
+++ b/src/network/networkd-sysctl.h
@ -16,7 +16,6 @@ typedef enum IPv6PrivacyExtensions {
        _IPV6_PRIVACY_EXTENSIONS_INVALID = -1,
 } IPv6PrivacyExtensions;

-bool link_ip_forward_enabled(Link *link, int family);
 int link_set_sysctl(Link *link);
 int link_set_ipv6_mtu(Link *link);