picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
41643 commits 2 branches 0 tags 166 MiB
Commit graph

206 commits

Author SHA1 Message Date
Susant Sahani 5bc945bec4 network dhcp4: Add support send request options in a generic manner 2019-09-20 21:05:48 +09:00
Susant Sahani 203d4df573 network: Add support to advertie ipv6 route 
Implements https://tools.ietf.org/html/rfc4191

cat veth99.network
```
[Match]
Name=veth99

[Network]
DHCP=no
IPv6PrefixDelegation=yes
Address=2001:db8:0:1::1/64

[IPv6Prefix]
Prefix=2001:db8:0:1::4/64

[IPv6RoutePrefix]
Route=2001:db0:fff::/48

```
Wireshark

```
Frame 481: 142 bytes on wire (1136 bits), 142 bytes captured (1136 bits) on interface 0
Ethernet II, Src: 1e:04:f8:b8:2f:d4 (1e:04:f8:b8:2f:d4), Dst: IPv6mcast_01 (33:33:00:00:00:01)
Internet Protocol Version 6, Src: fe80::1c04:f8ff:feb8:2fd4, Dst: ff02::1
Internet Control Message Protocol v6
    Type: Router Advertisement (134)
    Code: 0
    Checksum: 0xec77 [correct]
    [Checksum Status: Good]
    Cur hop limit: 0
    Flags: 0x00, Prf (Default Router Preference): Medium
    Router lifetime (s): 0
    Reachable time (ms): 0
    Retrans timer (ms): 0
    ICMPv6 Option (Source link-layer address : 1e:04:f8:b8:2f:d4)
        Type: Source link-layer address (1)
        Length: 1 (8 bytes)
        Link-layer address: 1e:04:f8:b8:2f:d4 (1e:04:f8:b8:2f:d4)
    ICMPv6 Option (MTU : 1500)
        Type: MTU (5)
        Length: 1 (8 bytes)
        Reserved
        MTU: 1500
    ICMPv6 Option (Prefix information : 2001:db8:0:1::4/64)
        Type: Prefix information (3)
        Length: 4 (32 bytes)
        Prefix Length: 64
        Flag: 0xc0, On-link flag(L), Autonomous address-configuration flag(A)
        Valid Lifetime: 2592000
        Preferred Lifetime: 604800
        Reserved
        Prefix: 2001:db8:0:1::4
    ICMPv6 Option (Route Information : Medium 2001:db0:fff::/48)
        Type: Route Information (24)
        Length: 3 (24 bytes)
        Prefix Length: 48
        Flag: 0x00, Route Preference: Medium
            ...0 0... = Route Preference: Medium (0)
            000. .000 = Reserved: 0
        Route Lifetime: 604800
        Prefix: 2001:db0:fff::
```
 2019-09-17 12:09:59 +02:00
Yu Watanabe f6c6ff97f5 network: add RoutingPolicyRule.Family= setting 
Closes #13233.
 2019-08-16 22:02:17 +09:00
Yu Watanabe 2d79289525 network: rename AddressFamilyBoolean -> AddressFamily 
We usually do not call an extended boolean as XxxBoolean.
 2019-08-16 22:02:17 +09:00
Yu Watanabe 4bd04e3dcb network: drop recently added settings from deprecated [DHCP] section 2019-07-25 12:39:33 +09:00
Yu Watanabe a24e12f020 network: add DHCPv4.RoutesToDNS= setting 2019-07-19 01:49:39 +09:00
Yu Watanabe b956364db0 network: rename Neighbor.MACAddress= to Neighbor.LinkLayerAddress= 
And make it support IPv4 address.

Closes #13015.
 2019-07-11 22:22:29 +09:00
Lennart Poettering 7e82b4059b
Merge pull request #13006 from yuwata/network-split-dhcp-12917 
networkd: DHCPv6 - separate DHCPv6 options from DHCPv4 options
 2019-07-11 10:28:03 +02:00
1848 98d20a17a9 Added support for xfrm interfaces 2019-07-10 23:02:19 +09:00
Yu Watanabe 4f7331a85e network: rename [DHCP] section to [DHCPv4] 
To keep the backward compatibility broken by the previous commit.
 2019-07-10 17:33:09 +09:00
Susant Sahani caa8ca4286 networkd: DHCPv6 - separate DHCPv6 options from DHCPv4 options 
Closes https://github.com/systemd/systemd/issues/12917
 2019-07-10 16:59:29 +09:00
Zbigniew Jędrzejewski-Szmek 8fabb625ac
Merge pull request #12912 from yuwata/network-move-functions 
network: move functions
 2019-07-02 09:46:38 +02:00
Yu Watanabe 44005bfb4e network,udev: add Property= setting in [Match] section 
Closes #5665.
 2019-07-01 01:24:42 +09:00
Yu Watanabe 54a8423788 network,udev: fix multiple invert matching lines 
Previously,
```
[Match]
Name=!aaa
Name=!bbb
```
does not work. This fixes the issue.
 2019-07-01 01:24:42 +09:00
Yu Watanabe 8fcf1d6180 network: move DHCP server related functions to networkd-dhcp-server.c 2019-06-30 04:46:27 +09:00
Yu Watanabe ca5ad760a5 network: move conf parsers and function prototypes 2019-06-30 04:45:56 +09:00
Susant Sahani 7da377ef16 networkd: add support to keep configuration 2019-06-06 22:50:29 +09:00
Susant Sahani e520ce6440 networkd: Ability to selectively ignore IPv6 prefixes supplied via router advertisement 
Closes https://github.com/systemd/systemd/issues/10647
 2019-05-19 22:23:06 +09:00
Susant Sahani 9b88f20aba networkd: route add MPLS TTL propagate 2019-05-18 10:30:41 +09:00
Susant Sahani 69c317a07f networkd: introduce netdev ipvtap 
This patch adds netdev ipvtap that is based on the
IP-VLAN network interface, called ipvtap. An ipvtap device can be created
in the same way as an ipvlan device, using 'kind ipvtap', and then accessed
using the tap user space interface.
 2019-05-16 09:48:53 +09:00
Yu Watanabe 5d5003ab35 network: add DefaultRouteOnDevice= setting in [Network] section 
When enabled, then default route bound to the interface will be created.
This is useful when adding routes on point-to-point interfaces.

Closes #788.
 2019-05-15 12:44:30 +09:00
Yu Watanabe 6e114a2475
Merge pull request #12555 from ssahani/route-properties 
networkd: route add support to configure fastopen_no_cookie
 2019-05-14 09:03:52 +02:00
Susant Sahani 1501b429a9 networkd: DHCP client add support to send RELEASE packet 
closes #10820
 2019-05-14 09:03:01 +02:00
Susant Sahani 633c725865 networkd: route add support to configure fastopen_no_cookie 
This patch adds fastopen_no_cookie option to enable/disable TCP fastopen
without a cookie on a per-route basis.
 2019-05-14 08:08:36 +05:30
Susant Sahani bdb397ed10 networkd: bridge FDB support more NTF_* flags 
Add support to configure NTF_ROUTER and NTF_USE
 2019-05-14 02:24:51 +02:00
Yu Watanabe 5af7bc6f4c
Merge pull request #12480 from ssahani/proxy-arp 
network: bridge add support to configure proxy ARP/WIFI
 2019-05-10 15:30:41 +02:00
Susant Sahani 727b573418 networkd: Add support for blacklisting servers 
closes #6260

fuzzer: Add DHCP support for blacklisting servers
 2019-05-10 15:29:55 +02:00
Susant Sahani 0fadb2a46f network: add support to configure proxy ARP/WIFI 2019-05-09 15:03:04 +09:00
Susant Sahani 1087623bac networkd: Add support to configure proxy ARP and proxy ARP Wifi 2019-05-09 01:44:26 +02:00
Susant Sahani 61b824c561 networkd: bridge fdb add support to configure VXLAN VNI 2019-05-08 03:43:43 +02:00
Susant Sahani 715cedfbf0 networkd: Allow DHCP4 client to set the number to attempt to reconfigure. 
Otherwise current value is 6 and after 6 it will give up.
 2019-05-07 17:12:04 +02:00
Yu Watanabe e800fd24a1 network: use DEFINE_STRING_TABLE_LOOKUP() macro for AddressFamilyBoolean 2019-05-04 16:46:02 +02:00
Susant Sahani c2c2793f39 networkd: Add support to configure destination address for bridge FDB 
Closes #5145.

Example conf:
```
[Match]
Name=vxlan1309

[BridgeFDB]
MACAddress=00:00:00:00:00:00
Destination=10.0.0.2

[BridgeFDB]
MACAddress=00:00:00:00:00:00
Destination=10.0.0.4

[BridgeFDB]
MACAddress=00:00:00:00:00:00
Destination=10.0.0.5
```
 2019-05-03 06:11:52 +02:00
Yu Watanabe e57319dd54 network: re-indent gperf files 2019-04-12 10:12:42 +09:00
Susant Sahani 81962db798 network: Introduce MACsec 
Media Access Control Security (MACsec) is an 802.1AE IEEE
industry-standard security technology that provides secure
communication for all traffic on Ethernet links.
MACsec provides point-to-point security on Ethernet links between
directly connected nodes and is capable of identifying and preventing
most security threats, including denial of service, intrusion,
man-in-the-middle, masquerading, passive wiretapping, and playback attacks.

Closes #5754
 2019-04-12 10:12:41 +09:00
Yu Watanabe c4f58deab5 network,udev: split static condition tests from net_match_config() 2019-03-21 23:37:39 +09:00
Susant Sahani 3a56e697c8 networkd: Introduce l2tp tunnel 
This works allows networkd to configure l2tp tunnel.
See http://man7.org/linux/man-pages/man8/ip-l2tp.8.html
 2019-03-14 10:57:41 +09:00
Tobias Jungel 7f15b71460 networkd: Add bridge port capabilities 
This PR adds the configuration switches for multicast flooding, neighbor
suppression and learning of a bridge port.
 2019-03-13 16:27:22 +01:00
Lennart Poettering 96c45cc697
Merge pull request #11861 from yuwata/network-verify-2 
network: config parser updates and wireguard refactoring
 2019-03-13 10:15:27 +01:00
Yu Watanabe 4ac77d63e9 network: make RequiredForOnline= also take operational state 
This will be used by systemd-networkd-wait-online.
 2019-03-13 14:29:03 +09:00
Yu Watanabe 95dba43542 network: use ltype to determine netdev kind in config_parse_stacked_netdev() 2019-03-13 11:59:18 +09:00
Clemens Gruber c423be28a0 network: introduce TripleSampling= option in CAN section 
When enabled, three samples are used to determine the value of a
received bit by majority rule.

This patch adds support for the TripleSampling= option in the [CAN]
section of .network files.
 2019-03-11 17:15:47 +01:00
Yu Watanabe 9cb8c55934 network: rename GatewayOnlink= to GatewayOnLink= 
But still GatewayOnlink= is supported for backward compatibility.
 2019-02-28 10:00:22 +09:00
Yu Watanabe cebe12571d network: make resolving NetDev names delayed and moved to network_verify() 
And before resolving NetDev names, check conditions in .network,
and if they do not match the system environment, drop the network
unit earlier.

Fixes #4211.
 2019-02-26 10:06:23 +09:00
Lennart Poettering 702451b038
Merge pull request #11698 from yuwata/fix-network-route-table 
network: honor specified route table
 2019-02-18 12:58:32 +01:00
Lennart Poettering 84e4b0b893
Merge pull request #11716 from ssahani/drop-autoconf-address 
networkd: ipv6ra allow to ignore addresses
 2019-02-15 12:17:46 +01:00
Yu Watanabe d5fa333960 network: introduce Network::ipv6_accept_ra_route_table_set flag 
It will be used in later commit.
 2019-02-15 10:58:22 +09:00
Susant Sahani 062c2eea3a networkd: ipv6ra allow to ignore addresses 
Allows to ignore prefixes.

```
UseAutonomousPrefix=
UseOnLinkPrefix=
```

closes #9582
 2019-02-14 21:05:17 +05:30
Susant Sahani 93b4dab57e networkd: Allow to retain configs even if carrier is lost 
When there is bad link in the network the carrier goes up/down.
This makes networkd stops all the clients and drop config.
But if the remote router/dhcpserver running a prevention
of DHCP Starvation attack or DHCP Flood attack it does not allow
networkd to take a DHCP lease resulting failure in configuration.
This patch allows to keep the client running and keep the conf
also for this scenario.

Closes #9111
 2019-02-06 13:35:11 +01:00
Lennart Poettering 7ece6f5897 networkd: permit DNS "DefaultRoute" configuration in .network files 2018-12-21 12:10:07 +01:00