Age | Commit message (Collapse) | Author |
|
This adds two new settings to networkd's .network files:
IPForwarding=yes and IPMasquerade=yes. The former controls the
"forwarding" sysctl setting of the interface, thus controlling whether
IP forwarding shall be enabled on the specific interface. The latter
controls whether a firewall rule shall be installed that exposes traffic
coming from the interface as coming from the local host to all other
interfaces.
This also enables both options by default for container network
interfaces, thus making "systemd-nspawn --network-veth" have network
connectivity out of the box.
|
|
rules, using libiptc
|
|
These use the (deprecated) IPv4 address classes to deduce the corresponding subnet masks. This is useful when addresses
without subnet masks and prefix lengths are given.
Make use of these new functions from sd-dhcp-lease.
|
|
Primarily, this means we get rid of net_parse_inaddr(), and replace it
everywhere with in_addr_from_string() and in_addr_from_string_auto().
These functions do not clobber the callers arguments on failure, which
is more close to our usual coding style.
|
|
addresses are link-local or not
|
|
Name defending is still missing.
|
|
we already have a more complete one with af_to_name(), that is generated
from the header files, no need to duplicate this.
|
|
Let's settle on a single type for all address family values, even if
UNIX is very inconsitent on the precise type otherwise. Given that
socket() is the primary entrypoint for the sockets API, and that uses
"int", and "int" is relatively simple and generic, we settle on "int"
for this.
|
|
|
|
We mostly use "family" to refer to AF_INET, AF_INET6, etc, let's use
this terminology here, too
|
|
Let's turn resolved into a something truly useful: a fully asynchronous
DNS stub resolver that subscribes to network changes.
(More to come: caching, LLMNR, mDNS/DNS-SD, DNSSEC, IDN, NSS module)
|
|
private in-addr-util.[ch]
These are enough calls for a new file, and they are sufficiently
different from the sockaddr-related calls, hence let's split this out.
|