picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

network: introduce IPv4AcceptLocal= setting 

Closes #16090.
This commit is contained in:
Yu Watanabe 2020-06-08 13:48:14 +09:00
parent a07e962549
commit 94d76d071e
6 changed files with 32 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
man/systemd.network.xml
View File

@ -672,6 +672,13 @@
When unset, the kernel's default will be used.
</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>IPv4AcceptLocal=</varname></term>
<listitem><para>Takes a boolean. Accept packets with local source addresses. In combination
with suitable routing, this can be used to direct packets between two local interfaces over
the wire and have them accepted properly. When unset, the kernel's default will be used.
</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>IPv4ProxyARP=</varname></term>
<listitem><para>Takes a boolean. Configures proxy ARP for IPv4. Proxy ARP is the technique in which one host,

20
src/network/networkd-link.c
View File

@ -2532,6 +2532,22 @@ static int link_set_ipv6_mtu(Link *link) {
return 0;
}
static int link_set_ipv4_accept_local(Link *link) {
int r;
if (link->flags & IFF_LOOPBACK)
return 0;
if (link->network->ipv4_accept_local < 0)
return 0;
r = sysctl_write_ip_property_boolean(AF_INET, link->ifname, "accept_local", link->network->ipv4_accept_local);
if (r < 0)
log_link_warning_errno(link, r, "Cannot set IPv4 accept_local flag for interface: %m");
return 0;
}
static bool link_is_static_address_configured(Link *link, Address *address) {
Address *net_address;
@ -2871,6 +2887,10 @@ static int link_configure(Link *link) {
if (r < 0)
return r;
r = link_set_ipv4_accept_local(link);
if (r < 0)
return r;
r = link_set_flags(link);
if (r < 0)
return r;

1
src/network/networkd-network-gperf.gperf
View File

@ -96,6 +96,7 @@ Network.IPv6DuplicateAddressDetection, config_parse_int,
Network.IPv6HopLimit, config_parse_int, 0, offsetof(Network, ipv6_hop_limit)
Network.IPv6ProxyNDP, config_parse_tristate, 0, offsetof(Network, ipv6_proxy_ndp)
Network.IPv6MTUBytes, config_parse_mtu, AF_INET6, offsetof(Network, ipv6_mtu)
Network.IPv4AcceptLocal, config_parse_tristate, 0, offsetof(Network, ipv4_accept_local)
Network.ActiveSlave, config_parse_bool, 0, offsetof(Network, active_slave)
Network.PrimarySlave, config_parse_bool, 0, offsetof(Network, primary_slave)
Network.IPv4ProxyARP, config_parse_tristate, 0, offsetof(Network, proxy_arp)

2
src/network/networkd-network.c
View File

@ -450,6 +450,8 @@ int network_load_one(Manager *manager, OrderedHashmap **networks, const char *fi
/* If LinkLocalAddressing= is not set, then set to ADDRESS_FAMILY_IPV6 later. */
.link_local = _ADDRESS_FAMILY_INVALID,
.ipv4_accept_local = -1,
.ipv6_privacy_extensions = IPV6_PRIVACY_EXTENSIONS_NO,
.ipv6_accept_ra = -1,
.ipv6_dad_transmits = -1,

1
src/network/networkd-network.h
View File

@ -237,6 +237,7 @@ struct Network {
AddressFamily ip_forward;
bool ip_masquerade;
int ipv4_accept_local;
int ipv6_accept_ra;
int ipv6_dad_transmits;

1
test/fuzz/fuzz-network-parser/directives.network
View File

@ -153,6 +153,7 @@ Address=
IPv6ProxyNDPAddress=
IPv6AcceptRA=
IPv6AcceptRouterAdvertisements=
IPv4AcceptLocal=
DNSSECNegativeTrustAnchors=
MACVTAP=
IPv6PrivacyExtensions=