diff options
author | Nick Owens <nick.owens@coreos.com> | 2015-05-01 11:48:08 -0700 |
---|---|---|
committer | Nick Owens <nick.owens@coreos.com> | 2015-06-02 15:31:48 -0700 |
commit | a70ec7f19f3375c9eeda9f9a2f4181ca008239fc (patch) | |
tree | d3f46021eda5aead96d39aa5eb18b9da1dd0116c | |
parent | b30e7a269d1ee289d29282e93f41559ace9d4775 (diff) |
networkd: create "kernel" setting for IPForwarding
In 5a8bcb674f71a20e95df55319b34c556638378ce, IPForwarding was introduced
to set forwarding flags on interfaces in .network files. networkd sets
forwarding options regardless of the previous setting, even if it was
set by e.g. sysctl. This commit creates a new option for IPForwarding,
"kernel", that preserves the sysctl settings rather than always setting
them.
See https://bugs.freedesktop.org/show_bug.cgi?id=89509 for the initial
bug report.
-rw-r--r-- | src/network/networkd-link.c | 6 | ||||
-rw-r--r-- | src/network/networkd-manager.c | 4 | ||||
-rw-r--r-- | src/network/networkd.h | 1 |
3 files changed, 11 insertions, 0 deletions
diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index f039a2d687..b30fd7ae89 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -1481,6 +1481,9 @@ static int link_set_ipv4_forward(Link *link) { const char *p = NULL; int r; + if (link->network->ip_forward == ADDRESS_FAMILY_KERNEL) + return 0; + p = strjoina("/proc/sys/net/ipv4/conf/", link->ifname, "/forwarding"); r = write_string_file_no_create(p, one_zero(link_ipv4_forward_enabled(link))); if (r < 0) @@ -1497,6 +1500,9 @@ static int link_set_ipv6_forward(Link *link) { if (!socket_ipv6_is_supported()) return 0; + if (link->network->ip_forward == ADDRESS_FAMILY_KERNEL) + return 0; + p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/forwarding"); r = write_string_file_no_create(p, one_zero(link_ipv6_forward_enabled(link))); if (r < 0) diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c index db737ad484..2cc53df4b1 100644 --- a/src/network/networkd-manager.c +++ b/src/network/networkd-manager.c @@ -853,6 +853,8 @@ const char *address_family_boolean_to_string(AddressFamilyBoolean b) { return "ipv4"; if (b == ADDRESS_FAMILY_IPV6) return "ipv6"; + if (b == ADDRESS_FAMILY_KERNEL) + return "kernel"; return NULL; } @@ -872,6 +874,8 @@ AddressFamilyBoolean address_family_boolean_from_string(const char *s) { return ADDRESS_FAMILY_IPV4; if (streq(s, "ipv6")) return ADDRESS_FAMILY_IPV6; + if (streq(s, "kernel")) + return ADDRESS_FAMILY_KERNEL; return _ADDRESS_FAMILY_BOOLEAN_INVALID; } diff --git a/src/network/networkd.h b/src/network/networkd.h index 4b13d4aed1..49afeffe81 100644 --- a/src/network/networkd.h +++ b/src/network/networkd.h @@ -60,6 +60,7 @@ typedef enum AddressFamilyBoolean { ADDRESS_FAMILY_IPV4 = 1, ADDRESS_FAMILY_IPV6 = 2, ADDRESS_FAMILY_YES = 3, + ADDRESS_FAMILY_KERNEL = 4, _ADDRESS_FAMILY_BOOLEAN_MAX, _ADDRESS_FAMILY_BOOLEAN_INVALID = -1, } AddressFamilyBoolean; |