diff options
author | Lennart Poettering <lennart@poettering.net> | 2015-01-13 13:47:08 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2015-01-13 13:55:15 +0100 |
commit | 5a8bcb674f71a20e95df55319b34c556638378ce (patch) | |
tree | db1de9b03cb9bf4c017a0f620cf9d310c9de6098 /src/network/networkd.h | |
parent | 76917807eb50ccde58901e8bec7ed3d408d1cc22 (diff) |
networkd: add minimal IP forwarding and masquerading support to .network files
This adds two new settings to networkd's .network files:
IPForwarding=yes and IPMasquerade=yes. The former controls the
"forwarding" sysctl setting of the interface, thus controlling whether
IP forwarding shall be enabled on the specific interface. The latter
controls whether a firewall rule shall be installed that exposes traffic
coming from the interface as coming from the local host to all other
interfaces.
This also enables both options by default for container network
interfaces, thus making "systemd-nspawn --network-veth" have network
connectivity out of the box.
Diffstat (limited to 'src/network/networkd.h')
-rw-r--r-- | src/network/networkd.h | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/network/networkd.h b/src/network/networkd.h index 7107c5f932..39b2d2bec9 100644 --- a/src/network/networkd.h +++ b/src/network/networkd.h @@ -120,6 +120,9 @@ struct Network { unsigned cost; + bool ip_masquerade; + bool ip_forward; + struct ether_addr *mac; unsigned mtu; @@ -157,6 +160,8 @@ struct Address { union in_addr_union in_addr; union in_addr_union in_addr_peer; + bool ip_forward_done; + LIST_FIELDS(Address, addresses); }; @@ -326,6 +331,8 @@ void address_free(Address *address); int address_configure(Address *address, Link *link, sd_rtnl_message_handler_t callback); int address_update(Address *address, Link *link, sd_rtnl_message_handler_t callback); int address_drop(Address *address, Link *link, sd_rtnl_message_handler_t callback); +int address_establish(Address *address, Link *link); +int address_release(Address *address, Link *link); bool address_equal(Address *a1, Address *a2); DEFINE_TRIVIAL_CLEANUP_FUNC(Address*, address_free); |