Added support for xfrm interfaces
This commit is contained in:
parent
f34635bcda
commit
98d20a17a9
|
@ -179,6 +179,9 @@
|
||||||
<row><entry><varname>fou</varname></entry>
|
<row><entry><varname>fou</varname></entry>
|
||||||
<entry>Foo-over-UDP tunneling.</entry></row>
|
<entry>Foo-over-UDP tunneling.</entry></row>
|
||||||
|
|
||||||
|
<row><entry><varname>xfrm</varname></entry>
|
||||||
|
<entry>A virtual tunnel interface like vti/vti6 but with several advantages.</entry></row>
|
||||||
|
|
||||||
</tbody>
|
</tbody>
|
||||||
</tgroup>
|
</tgroup>
|
||||||
</table>
|
</table>
|
||||||
|
@ -1848,6 +1851,36 @@
|
||||||
Linux Ethernet Bonding Driver HOWTO</ulink></para>
|
Linux Ethernet Bonding Driver HOWTO</ulink></para>
|
||||||
</refsect1>
|
</refsect1>
|
||||||
|
|
||||||
|
<refsect1>
|
||||||
|
<title>[Xfrm] Section Options</title>
|
||||||
|
|
||||||
|
<para>The <literal>[Xfrm]</literal> section accepts the following
|
||||||
|
keys:</para>
|
||||||
|
|
||||||
|
<variablelist class='network-directives'>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>InterfaceId=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Sets the ID/key of the xfrm interface which needs to be associated with a SA/policy.
|
||||||
|
Can be decimal or hexadecimal, valid range is 0-0xffffffff, defaults to 0.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>Independent=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>Takes a boolean. If set to <literal>no</literal>, the xfrm interface should have an
|
||||||
|
underlying device which can be used for hardware offloading. Defaults to <literal>no</literal>.
|
||||||
|
See <citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||||
|
for how to configure the underlying device.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
</variablelist>
|
||||||
|
|
||||||
|
<para>For more detail information see
|
||||||
|
<ulink url="https://lwn.net/Articles/757391">
|
||||||
|
Virtual xfrm interfaces</ulink></para>
|
||||||
|
</refsect1>
|
||||||
|
|
||||||
<refsect1>
|
<refsect1>
|
||||||
<title>[VRF] Section Options</title>
|
<title>[VRF] Section Options</title>
|
||||||
<para>The <literal>[VRF]</literal> section only applies for
|
<para>The <literal>[VRF]</literal> section only applies for
|
||||||
|
@ -2048,6 +2081,16 @@ PublicKey=RDf+LSpeEre7YEIKaxg+wbpsNV7du+ktR99uBEtIiCA=
|
||||||
AllowedIPs=fd31:bf08:57cb::/48,192.168.26.0/24
|
AllowedIPs=fd31:bf08:57cb::/48,192.168.26.0/24
|
||||||
Endpoint=wireguard.example.com:51820</programlisting>
|
Endpoint=wireguard.example.com:51820</programlisting>
|
||||||
</example>
|
</example>
|
||||||
|
|
||||||
|
<example>
|
||||||
|
<title>/etc/systemd/network/27-xfrm.netdev</title>
|
||||||
|
<programlisting>[Xfrm]
|
||||||
|
Name=xfrm0
|
||||||
|
Kind=xfrm
|
||||||
|
|
||||||
|
[Xfrm]
|
||||||
|
Independent=yes</programlisting>
|
||||||
|
</example>
|
||||||
</refsect1>
|
</refsect1>
|
||||||
|
|
||||||
<refsect1>
|
<refsect1>
|
||||||
|
|
|
@ -856,6 +856,14 @@
|
||||||
</para>
|
</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
<varlistentry>
|
||||||
|
<term><varname>Xfrm=</varname></term>
|
||||||
|
<listitem>
|
||||||
|
<para>The name of the xfrm to create on the link. See
|
||||||
|
<citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
|
||||||
|
This option may be specified more than once.</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><varname>KeepConfiguration=</varname></term>
|
<term><varname>KeepConfiguration=</varname></term>
|
||||||
<listitem>
|
<listitem>
|
||||||
|
@ -2338,6 +2346,29 @@ Name=enp0s25
|
||||||
MACVTAP=macvtap-test
|
MACVTAP=macvtap-test
|
||||||
</programlisting>
|
</programlisting>
|
||||||
</example>
|
</example>
|
||||||
|
|
||||||
|
<example>
|
||||||
|
<title>A Xfrm interface with physical underlying device.</title>
|
||||||
|
|
||||||
|
<programlisting># /etc/systemd/network/27-xfrm.netdev
|
||||||
|
[NetDev]
|
||||||
|
Name=xfrm0
|
||||||
|
|
||||||
|
[Xfrm]
|
||||||
|
InterfaceId=7</programlisting>
|
||||||
|
|
||||||
|
<programlisting># /etc/systemd/network/27-eth0.network
|
||||||
|
[Match]
|
||||||
|
Name=eth0
|
||||||
|
|
||||||
|
[Network]
|
||||||
|
Xfrm=xfrm0</programlisting>
|
||||||
|
|
||||||
|
<para>This creates a <literal>xfrm0</literal> interface and binds it to the <literal>eth0</literal> device.
|
||||||
|
This allows hardware based ipsec offloading to the <literal>eth0</literal> nic.
|
||||||
|
If offloading is not needed, xfrm interfaces can be assigned to the <literal>lo</literal> device.
|
||||||
|
</para>
|
||||||
|
</example>
|
||||||
</refsect1>
|
</refsect1>
|
||||||
|
|
||||||
<refsect1>
|
<refsect1>
|
||||||
|
|
|
@ -327,6 +327,11 @@ static const NLType rtnl_link_info_data_macsec_types[] = {
|
||||||
[IFLA_MACSEC_VALIDATION] = { .type = NETLINK_TYPE_U8 },
|
[IFLA_MACSEC_VALIDATION] = { .type = NETLINK_TYPE_U8 },
|
||||||
};
|
};
|
||||||
|
|
||||||
|
static const NLType rtnl_link_info_data_xfrm_types[] = {
|
||||||
|
[IFLA_XFRM_LINK] = { .type = NETLINK_TYPE_U32 },
|
||||||
|
[IFLA_XFRM_IF_ID] = { .type = NETLINK_TYPE_U32 }
|
||||||
|
};
|
||||||
|
|
||||||
/* these strings must match the .kind entries in the kernel */
|
/* these strings must match the .kind entries in the kernel */
|
||||||
static const char* const nl_union_link_info_data_table[] = {
|
static const char* const nl_union_link_info_data_table[] = {
|
||||||
[NL_UNION_LINK_INFO_DATA_BOND] = "bond",
|
[NL_UNION_LINK_INFO_DATA_BOND] = "bond",
|
||||||
|
@ -358,6 +363,7 @@ static const char* const nl_union_link_info_data_table[] = {
|
||||||
[NL_UNION_LINK_INFO_DATA_CAN] = "can",
|
[NL_UNION_LINK_INFO_DATA_CAN] = "can",
|
||||||
[NL_UNION_LINK_INFO_DATA_MACSEC] = "macsec",
|
[NL_UNION_LINK_INFO_DATA_MACSEC] = "macsec",
|
||||||
[NL_UNION_LINK_INFO_DATA_NLMON] = "nlmon",
|
[NL_UNION_LINK_INFO_DATA_NLMON] = "nlmon",
|
||||||
|
[NL_UNION_LINK_INFO_DATA_XFRM] = "xfrm",
|
||||||
};
|
};
|
||||||
|
|
||||||
DEFINE_STRING_TABLE_LOOKUP(nl_union_link_info_data, NLUnionLinkInfoData);
|
DEFINE_STRING_TABLE_LOOKUP(nl_union_link_info_data, NLUnionLinkInfoData);
|
||||||
|
@ -411,6 +417,8 @@ static const NLTypeSystem rtnl_link_info_data_type_systems[] = {
|
||||||
.types = rtnl_link_info_data_can_types },
|
.types = rtnl_link_info_data_can_types },
|
||||||
[NL_UNION_LINK_INFO_DATA_MACSEC] = { .count = ELEMENTSOF(rtnl_link_info_data_macsec_types),
|
[NL_UNION_LINK_INFO_DATA_MACSEC] = { .count = ELEMENTSOF(rtnl_link_info_data_macsec_types),
|
||||||
.types = rtnl_link_info_data_macsec_types },
|
.types = rtnl_link_info_data_macsec_types },
|
||||||
|
[NL_UNION_LINK_INFO_DATA_XFRM] = { .count = ELEMENTSOF(rtnl_link_info_data_xfrm_types),
|
||||||
|
.types = rtnl_link_info_data_xfrm_types },
|
||||||
};
|
};
|
||||||
|
|
||||||
static const NLTypeSystemUnion rtnl_link_info_data_type_system_union = {
|
static const NLTypeSystemUnion rtnl_link_info_data_type_system_union = {
|
||||||
|
|
|
@ -83,6 +83,7 @@ typedef enum NLUnionLinkInfoData {
|
||||||
NL_UNION_LINK_INFO_DATA_CAN,
|
NL_UNION_LINK_INFO_DATA_CAN,
|
||||||
NL_UNION_LINK_INFO_DATA_MACSEC,
|
NL_UNION_LINK_INFO_DATA_MACSEC,
|
||||||
NL_UNION_LINK_INFO_DATA_NLMON,
|
NL_UNION_LINK_INFO_DATA_NLMON,
|
||||||
|
NL_UNION_LINK_INFO_DATA_XFRM,
|
||||||
_NL_UNION_LINK_INFO_DATA_MAX,
|
_NL_UNION_LINK_INFO_DATA_MAX,
|
||||||
_NL_UNION_LINK_INFO_DATA_INVALID = -1
|
_NL_UNION_LINK_INFO_DATA_INVALID = -1
|
||||||
} NLUnionLinkInfoData;
|
} NLUnionLinkInfoData;
|
||||||
|
|
|
@ -43,6 +43,8 @@ sources = files('''
|
||||||
netdev/l2tp-tunnel.h
|
netdev/l2tp-tunnel.h
|
||||||
netdev/macsec.c
|
netdev/macsec.c
|
||||||
netdev/macsec.h
|
netdev/macsec.h
|
||||||
|
netdev/xfrm.c
|
||||||
|
netdev/xfrm.h
|
||||||
networkd-address-label.c
|
networkd-address-label.c
|
||||||
networkd-address-label.h
|
networkd-address-label.h
|
||||||
networkd-address-pool.c
|
networkd-address-pool.c
|
||||||
|
|
|
@ -22,6 +22,7 @@ _Pragma("GCC diagnostic ignored \"-Wimplicit-fallthrough\"")
|
||||||
#include "netdev/wireguard.h"
|
#include "netdev/wireguard.h"
|
||||||
#include "netdev/fou-tunnel.h"
|
#include "netdev/fou-tunnel.h"
|
||||||
#include "netdev/l2tp-tunnel.h"
|
#include "netdev/l2tp-tunnel.h"
|
||||||
|
#include "netdev/xfrm.h"
|
||||||
#include "vlan-util.h"
|
#include "vlan-util.h"
|
||||||
%}
|
%}
|
||||||
struct ConfigPerfItem;
|
struct ConfigPerfItem;
|
||||||
|
@ -218,3 +219,5 @@ WireGuardPeer.PublicKey, config_parse_wireguard_public_key,
|
||||||
WireGuardPeer.PresharedKey, config_parse_wireguard_preshared_key, 0, 0
|
WireGuardPeer.PresharedKey, config_parse_wireguard_preshared_key, 0, 0
|
||||||
WireGuardPeer.PresharedKeyFile, config_parse_wireguard_preshared_key_file, 0, 0
|
WireGuardPeer.PresharedKeyFile, config_parse_wireguard_preshared_key_file, 0, 0
|
||||||
WireGuardPeer.PersistentKeepalive, config_parse_wireguard_keepalive, 0, 0
|
WireGuardPeer.PersistentKeepalive, config_parse_wireguard_keepalive, 0, 0
|
||||||
|
Xfrm.InterfaceId, config_parse_uint32, 0, offsetof(Xfrm, if_id)
|
||||||
|
Xfrm.Independent, config_parse_bool, 0, offsetof(Xfrm, independent)
|
||||||
|
|
|
@ -29,6 +29,7 @@
|
||||||
#include "netdev/vxcan.h"
|
#include "netdev/vxcan.h"
|
||||||
#include "netdev/vxlan.h"
|
#include "netdev/vxlan.h"
|
||||||
#include "netdev/wireguard.h"
|
#include "netdev/wireguard.h"
|
||||||
|
#include "netdev/xfrm.h"
|
||||||
#include "netlink-util.h"
|
#include "netlink-util.h"
|
||||||
#include "network-internal.h"
|
#include "network-internal.h"
|
||||||
#include "networkd-link.h"
|
#include "networkd-link.h"
|
||||||
|
@ -72,6 +73,7 @@ const NetDevVTable * const netdev_vtable[_NETDEV_KIND_MAX] = {
|
||||||
[NETDEV_KIND_L2TP] = &l2tptnl_vtable,
|
[NETDEV_KIND_L2TP] = &l2tptnl_vtable,
|
||||||
[NETDEV_KIND_MACSEC] = &macsec_vtable,
|
[NETDEV_KIND_MACSEC] = &macsec_vtable,
|
||||||
[NETDEV_KIND_NLMON] = &nlmon_vtable,
|
[NETDEV_KIND_NLMON] = &nlmon_vtable,
|
||||||
|
[NETDEV_KIND_XFRM] = &xfrm_vtable,
|
||||||
};
|
};
|
||||||
|
|
||||||
static const char* const netdev_kind_table[_NETDEV_KIND_MAX] = {
|
static const char* const netdev_kind_table[_NETDEV_KIND_MAX] = {
|
||||||
|
@ -107,6 +109,7 @@ static const char* const netdev_kind_table[_NETDEV_KIND_MAX] = {
|
||||||
[NETDEV_KIND_L2TP] = "l2tp",
|
[NETDEV_KIND_L2TP] = "l2tp",
|
||||||
[NETDEV_KIND_MACSEC] = "macsec",
|
[NETDEV_KIND_MACSEC] = "macsec",
|
||||||
[NETDEV_KIND_NLMON] = "nlmon",
|
[NETDEV_KIND_NLMON] = "nlmon",
|
||||||
|
[NETDEV_KIND_XFRM] = "xfrm",
|
||||||
};
|
};
|
||||||
|
|
||||||
DEFINE_STRING_TABLE_LOOKUP(netdev_kind, NetDevKind);
|
DEFINE_STRING_TABLE_LOOKUP(netdev_kind, NetDevKind);
|
||||||
|
@ -807,6 +810,9 @@ int netdev_load_one(Manager *manager, const char *filename) {
|
||||||
case NETDEV_KIND_ERSPAN:
|
case NETDEV_KIND_ERSPAN:
|
||||||
independent = ERSPAN(netdev)->independent;
|
independent = ERSPAN(netdev)->independent;
|
||||||
break;
|
break;
|
||||||
|
case NETDEV_KIND_XFRM:
|
||||||
|
independent = XFRM(netdev)->independent;
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
|
@ -50,6 +50,7 @@ typedef enum NetDevKind {
|
||||||
NETDEV_KIND_L2TP,
|
NETDEV_KIND_L2TP,
|
||||||
NETDEV_KIND_MACSEC,
|
NETDEV_KIND_MACSEC,
|
||||||
NETDEV_KIND_NLMON,
|
NETDEV_KIND_NLMON,
|
||||||
|
NETDEV_KIND_XFRM,
|
||||||
_NETDEV_KIND_MAX,
|
_NETDEV_KIND_MAX,
|
||||||
_NETDEV_KIND_TUNNEL, /* Used by config_parse_stacked_netdev() */
|
_NETDEV_KIND_TUNNEL, /* Used by config_parse_stacked_netdev() */
|
||||||
_NETDEV_KIND_INVALID = -1
|
_NETDEV_KIND_INVALID = -1
|
||||||
|
|
40
src/network/netdev/xfrm.c
Normal file
40
src/network/netdev/xfrm.c
Normal file
|
@ -0,0 +1,40 @@
|
||||||
|
/* SPDX-License-Identifier: LGPL-2.1+ */
|
||||||
|
|
||||||
|
#include "missing_network.h"
|
||||||
|
#include "netdev/xfrm.h"
|
||||||
|
|
||||||
|
static int xfrm_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *message) {
|
||||||
|
int if_idx, r;
|
||||||
|
Xfrm *x;
|
||||||
|
|
||||||
|
assert(netdev);
|
||||||
|
assert(message);
|
||||||
|
|
||||||
|
x = XFRM(netdev);
|
||||||
|
|
||||||
|
if (x->independent)
|
||||||
|
if_idx = LOOPBACK_IFINDEX;
|
||||||
|
else {
|
||||||
|
assert(link);
|
||||||
|
if (link->ifindex == 0)
|
||||||
|
return log_netdev_error_errno(netdev, SYNTHETIC_ERRNO(ENODEV), "Could not get interface index: %m");
|
||||||
|
if_idx = link->ifindex;
|
||||||
|
}
|
||||||
|
|
||||||
|
r = sd_netlink_message_append_u32(message, IFLA_XFRM_LINK, if_idx);
|
||||||
|
if (r < 0)
|
||||||
|
return log_netdev_error_errno(netdev, r, "Could not append IFLA_XFRM_LINK: %m");
|
||||||
|
|
||||||
|
r = sd_netlink_message_append_u32(message, IFLA_XFRM_IF_ID, x->if_id);
|
||||||
|
if (r < 0)
|
||||||
|
return log_netdev_error_errno(netdev, r, "Could not append IFLA_XFRM_IF_ID: %m");
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
const NetDevVTable xfrm_vtable = {
|
||||||
|
.object_size = sizeof(Xfrm),
|
||||||
|
.sections = "Match\0NetDev\0Xfrm\0",
|
||||||
|
.fill_message_create = xfrm_fill_message_create,
|
||||||
|
.create_type = NETDEV_CREATE_STACKED
|
||||||
|
};
|
14
src/network/netdev/xfrm.h
Normal file
14
src/network/netdev/xfrm.h
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
/* SPDX-License-Identifier: LGPL-2.1+ */
|
||||||
|
#pragma once
|
||||||
|
|
||||||
|
#include "netdev/netdev.h"
|
||||||
|
|
||||||
|
typedef struct Xfrm {
|
||||||
|
NetDev meta;
|
||||||
|
|
||||||
|
uint32_t if_id;
|
||||||
|
bool independent;
|
||||||
|
} Xfrm;
|
||||||
|
|
||||||
|
DEFINE_NETDEV_CAST(XFRM, Xfrm);
|
||||||
|
extern const NetDevVTable xfrm_vtable;
|
|
@ -158,7 +158,9 @@ bool link_ipv4ll_enabled(Link *link, AddressFamilyBoolean mask) {
|
||||||
if (!link->network)
|
if (!link->network)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
if (STRPTR_IN_SET(link->kind, "vrf", "wireguard", "ipip", "gre", "ip6gre", "ip6tnl", "sit", "vti", "vti6", "can", "vcan", "vxcan", "nlmon"))
|
if (STRPTR_IN_SET(link->kind,
|
||||||
|
"vrf", "wireguard", "ipip", "gre", "ip6gre","ip6tnl", "sit", "vti",
|
||||||
|
"vti6", "can", "vcan", "vxcan", "nlmon", "xfrm"))
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
/* L3 or L3S mode do not support ARP. */
|
/* L3 or L3S mode do not support ARP. */
|
||||||
|
|
|
@ -55,6 +55,7 @@ Network.VXLAN, config_parse_stacked_netdev,
|
||||||
Network.L2TP, config_parse_stacked_netdev, NETDEV_KIND_L2TP, offsetof(Network, stacked_netdev_names)
|
Network.L2TP, config_parse_stacked_netdev, NETDEV_KIND_L2TP, offsetof(Network, stacked_netdev_names)
|
||||||
Network.MACsec, config_parse_stacked_netdev, NETDEV_KIND_MACSEC, offsetof(Network, stacked_netdev_names)
|
Network.MACsec, config_parse_stacked_netdev, NETDEV_KIND_MACSEC, offsetof(Network, stacked_netdev_names)
|
||||||
Network.Tunnel, config_parse_stacked_netdev, _NETDEV_KIND_TUNNEL, offsetof(Network, stacked_netdev_names)
|
Network.Tunnel, config_parse_stacked_netdev, _NETDEV_KIND_TUNNEL, offsetof(Network, stacked_netdev_names)
|
||||||
|
Network.Xfrm, config_parse_stacked_netdev, NETDEV_KIND_XFRM, offsetof(Network, stacked_netdev_names)
|
||||||
Network.VRF, config_parse_ifname, 0, offsetof(Network, vrf_name)
|
Network.VRF, config_parse_ifname, 0, offsetof(Network, vrf_name)
|
||||||
Network.DHCP, config_parse_dhcp, 0, offsetof(Network, dhcp)
|
Network.DHCP, config_parse_dhcp, 0, offsetof(Network, dhcp)
|
||||||
Network.DHCPServer, config_parse_bool, 0, offsetof(Network, dhcp_server)
|
Network.DHCPServer, config_parse_bool, 0, offsetof(Network, dhcp_server)
|
||||||
|
|
|
@ -693,7 +693,8 @@ int config_parse_stacked_netdev(const char *unit,
|
||||||
assert(IN_SET(kind,
|
assert(IN_SET(kind,
|
||||||
NETDEV_KIND_VLAN, NETDEV_KIND_MACVLAN, NETDEV_KIND_MACVTAP,
|
NETDEV_KIND_VLAN, NETDEV_KIND_MACVLAN, NETDEV_KIND_MACVTAP,
|
||||||
NETDEV_KIND_IPVLAN, NETDEV_KIND_IPVTAP, NETDEV_KIND_VXLAN,
|
NETDEV_KIND_IPVLAN, NETDEV_KIND_IPVTAP, NETDEV_KIND_VXLAN,
|
||||||
NETDEV_KIND_L2TP, NETDEV_KIND_MACSEC, _NETDEV_KIND_TUNNEL));
|
NETDEV_KIND_L2TP, NETDEV_KIND_MACSEC, _NETDEV_KIND_TUNNEL,
|
||||||
|
NETDEV_KIND_XFRM));
|
||||||
|
|
||||||
if (!ifname_valid(rvalue)) {
|
if (!ifname_valid(rvalue)) {
|
||||||
log_syntax(unit, LOG_ERR, filename, line, 0,
|
log_syntax(unit, LOG_ERR, filename, line, 0,
|
||||||
|
|
|
@ -69,6 +69,7 @@ struct Network {
|
||||||
NetDev *bridge;
|
NetDev *bridge;
|
||||||
NetDev *bond;
|
NetDev *bond;
|
||||||
NetDev *vrf;
|
NetDev *vrf;
|
||||||
|
NetDev *xfrm;
|
||||||
Hashmap *stacked_netdevs;
|
Hashmap *stacked_netdevs;
|
||||||
char *bridge_name;
|
char *bridge_name;
|
||||||
char *bond_name;
|
char *bond_name;
|
||||||
|
|
7
test/fuzz/fuzz-netdev-parser/27-xfrm.netdev
Normal file
7
test/fuzz/fuzz-netdev-parser/27-xfrm.netdev
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
[NetDev]
|
||||||
|
Name=xfrm99
|
||||||
|
Kind=xfrm
|
||||||
|
|
||||||
|
[Xfrm]
|
||||||
|
InterfaceId=7
|
||||||
|
Independent=false
|
|
@ -207,3 +207,6 @@ KeyId=
|
||||||
Key=
|
Key=
|
||||||
KeyFile=
|
KeyFile=
|
||||||
Activate=
|
Activate=
|
||||||
|
[Xfrm]
|
||||||
|
Independent=
|
||||||
|
InterfaceId=
|
||||||
|
|
5
test/fuzz/fuzz-network-parser/27-xfrm.network
Normal file
5
test/fuzz/fuzz-network-parser/27-xfrm.network
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
[Match]
|
||||||
|
Name=eth0
|
||||||
|
|
||||||
|
[Network]
|
||||||
|
Xfrm=xfrm99
|
|
@ -121,6 +121,7 @@ DNSSEC=
|
||||||
IPv6HopLimit=
|
IPv6HopLimit=
|
||||||
IPForward=
|
IPForward=
|
||||||
IPv6Token=
|
IPv6Token=
|
||||||
|
Xfrm=
|
||||||
Description=
|
Description=
|
||||||
VXLAN=
|
VXLAN=
|
||||||
L2TP=
|
L2TP=
|
||||||
|
|
Loading…
Reference in a new issue