| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
Add LXC detection at the beginning of the script to set container="lxc"
if an LXC container is detected. Later, use this to skip bridge and
bond creation in an LXC container. Patched script works in both LXC
and on bare metal.
Signed-off-by: Robby Workman <rworkman@slackware.com>
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This patch adds some security and privacy enhancements to SLAAC configuration.
When SLAAC_PRIVIPGEN is "yes", address generation is enhanced with a secret
key for the interface set in SLAAC_SECRET. This prevents predictable
address generation.
When SLAAC_TEMPADDR is "yes", a temporary address is used with SLAAC.
Thanks to davjohn from LQ for the inital patches and help testing.
|
| |
|
|
|
|
|
| |
This fixes a bug where SLAAC would take a while to be effective when the
interface is already up. Thanks to davjohn on LQ for the report.
|
|
|
|
|
| |
This seems to improve the ability to obtain a SLAAC address without
waiting for up to 5 minutes. Thanks to davjohn on LQ for the patch.
|
| |
|
| |
|
|
|
|
| |
required.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit introduces the logic for a new IPADDRS array which will work in a
similar way to the IPv6 IP6ADDRS array. The IPADDRS array can hold multiple
IPv4 addresses with netmasks, which are used in preference to, but maintaining
backwards compatibility with, the old IPADDR/NETMASK arrays.
If IPADDRS is set for an interface, the IPs and netmasks configured in the
array are set before an also configured IPADDR/NETMASK. This maintains
backwards compatibility - users can continue to use the IPADDR/NETMASK and
IPALIASES arrays to configure the interface and completely ignore IPADDRS,
or keep their old rc.inet1.conf files, if they so wish.
If the IPADDRS arrays contains multiple IPs, those IPs are all added to the
interface regardles of whether any IP in IPADDRS is or is not set.
These IPs will also be added to the interface just as with IPALIASES if
DHCP/SLAAC is used to set the first IP. The IPALIASES IPs are also added to
the interface to maintain backwards compatibility.
IPa set in IPADDRS to be used as 'alias' interfaces, are NOT given the usual
ethX:Y name, like the IPs listed in IPALIASES. To get an ethX:Y interface
the iPALIASES array should be used; to have the IPs simply added to the
interface the user should use the IPADDRS array with multiple (space separated)
IPs and netmasks. Using IPALIASES along side IPADDRS is completly legal and
maintains backwards compatibility - it would yield a mixture of IPs set with
and without ethX:Y aliases.
This changeset moves the IPv4 configuration to be on par with the new IPv6
configuration syntax, but maintains FULL backwards compatibility with the old
style syntax.
Additionally, handling of IP4ADDRS has been modified such that it matches the
IPADDRS usage. That is, any IPs listed in IP6ADDRS are also added to the
interface (just as IPADDRS and IPALIASES are added for v4) whether the
interface is configured with DHCP/DHCP6/SLAAC or not. This is a change to
the IP6ADDRS usage, but since this script hasn't been officially accepted,
there is no backwards compatibility issues.
Again, note that these changes DO NOT change previous behaviour or damage
backwards compatability. New functionallity and semantics only change
behaviour of non-released features, so there is no bother to the changes.
netconfig will be modified to output the new IPADDRS syntax, just as it does
for IP6ADDRS and both will allow multiple IPs to be specified at configuration
time - this is an improvement on the current netconfig behaviour.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The -L command line option was added to the dhcpcd call in the -current
development cycle to assist ARM users with getting networking up and running.
This addition was incorrect as rc.inet1 already has support to use or not use
-L by setting DHCP_NOIPV4LL[x]="". When I was updating rc.inet1 I took out
the -L, but didn't make it clear enough why I had taken it out and how to use
the DHCP_NOIP4ALL[x]="" option in rc.inet1.conf. This commit is simply
updating that comment to be more verbose.
|
|
|
|
|
| |
The rest of the shellcheck issues are non-issue warnings that
could possibly do with being corrected, but it's not a huge issue.
|
|
|
|
| |
Thanks to Master-Passeli for the bug report.
|
|
|
|
| |
Thanks to abga on LQ.
|
| |
|
|
|
|
| |
Thanks to upnort for the suggestions.
|
| |
|
|
|
|
|
|
|
|
|
| |
* Added more debug_log calls around taking down interfaces.
* When taking down a bridge, put the member interfaces down too.
* Configure wireless interfaces before everything else - it might be that
a wireless interface is part of a bond/bridge/VLAN.
* When taking down VLAN interfaces, check if the underlying interface has
an IP address. If it does, leave it up; else take it down.
|
|
|
|
| |
Also removed redundant setting of a 0.0.0.0 IP address.
|
|
|
|
|
|
|
|
|
|
| |
Previously we had an xOPTS variable for each type of interface that could
be configured. I've replaced this with a generic IFOPTS option which can
be used to supply interface type specific options to 'ip'.
As the option is now generic, it can be applied to physical interfaces too;
so interfaces such as eth0 can have options applied just like a virtual
interface.
|
|
|
|
|
|
|
| |
Before, it was not possible to set bridge specific options when creating
a bridge. This option adds the ability to set options via a BROPTS
variable, which takes a pipe (|) delimited set of options as documented
in the ip-link(8) man page (search for "BRIDGE Type Support").
|
| |
|
|
|
|
|
| |
This variable can be used to set custom options to configure the VLAN
interface. It does not need to be used in 'normal' operation with a VLAN.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The bonding code introduces three new variables for use in rc.inet1.conf:
BONDNICS[x]=""
BONDMODE[x]=""
BONDOPTS[x]=""
The BONDNICS variable takes a list of interfaces which should be slaved to
the bond.
BONDMODE sets the mode of the bond. Useful options are 'balance-rr',
'active-backup' and '802.3ad'. A full list of options can be found in
/usr/src/linux/Documentation/networking/bonding.txt and README.bonding.
BONDOPTS are a pipe (|) separated list of options to apply to the bond after
the interfaces have been added. Useful options are 'primary' (which is
required when BONDMODE is 'active-backup', 'xmit_hash_policy' (which can be
used with 'balance-rr' to choose the hash policy, 'lacp_rate' (which should
be used with '802.3ad' mode), and 'miimon' (which should be used with all
modes) See the kernel source documentation or README.bonding for more info.
|
|
|
|
|
|
|
|
|
|
|
| |
Remove code to skip interfaces that do not have IP addresses configured.
This checking is redundant now, and prevents interfaces being brought up
without IP addresses - which is important for bridging/bonding/VLANs.
When grabbing the vlan ID from the interface name, use ## instead of #.
Move the point where bridges are taken down to before the point where
wireless interfaces are taken down. This is required so that a bridge
on a wireless interface is take down before the interface itself.
When looping through the interfaces to take down, use MAXNICS-1.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
rc.inet1:
* VLAN support added to rc.inet1{,.conf}.
* Created new info_log function to replace $LOGGING variable.
* When logging to syslog, use a tag of 'rc.inet1' with PID.
* Decrease script noisyness at non-debug levels.
* Add more debugging logging for testing.
* Use -4 when configuring IPv4 loopback address.
* Configure ::1 for IPv6 loopbacking.
* Use 'local' not 'declare' in functions.
* Move where DAD is disabled when setting IPv6 addresses.
* Add error checking to some calls to 'ip'.
* Walk backwards through interfaces when deconfiguring.
rc.wireless:
* Log to syslog, failling back to stdout.
* Output error to stderr if not called from rc.inet1.
Manpages and netconfig:
* Updated for new VLAN support.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
It occurred to me that IPv6 addresses don't really need to have IP6ALIASES
since all IPs are just added to the interface itself. So I've changed the
syntax from using IP6ADDR + PREFIXLEN + IP6ALIASES to using just a single
IP6ADDRS array, which takes a list of IP addresses with a prefix length
in a space separated list. eg:
IP6ADDRS[0]="a:b:c:d::1/64 1:2:3::1/48"
If the prefix length is omitted a /64 length is assumed and a warning
emitted.
|
|
|
|
|
|
| |
This is ugly, but it beats doing the sleep regardless of whether
there's any need for it and causing folks to whine about two
seconds of loss in boot time.
|
|
|
|
| |
Signed-off-by: Robby Workman <rworkman@slackware.com>
|
|
|
|
|
|
|
| |
This prevents an annoying "RTNETLINK answers: File exists" warning
when restarting networking
Signed-off-by: Robby Workman <rworkman@slackware.com>
|
|
|
|
| |
Signed-off-by: Robby Workman <rworkman@slackware.com>
|
|
|
|
| |
Signed-off-by: Robby Workman <rworkman@slackware.com>
|
|
|
|
| |
Signed-off-by: Robby Workman <rworkman@slackware.com>
|
|
|
|
| |
Signed-off-by: Robby Workman <rworkman@slackware.com>
|
|
|
|
|
|
|
|
|
|
| |
This has the effect of allowing someone to disable ipv6 entirely,
and the script do the right thing.
Move the enabling of DAD into the correct section - no idea how
it ended up in the ipv4 block of code. D'oh.
Signed-off-by: Robby Workman <rworkman@slackware.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* USE_AUTOCONF->USE_SLAAC to be more consistent with IPv6 terminology
* PREFIX6->PREFIXLEN to be more consistent with IPv6 terminology
Thanks to David Spencer (idlemoor) for the patch to the above
* AUTOCONF_TIMEOUT->SLAAC_TIMEOUT to be consistent with USE_SLAAC change
Since some options for IPv6 no longer end in '6', we can relax the naming
of others, so these make sense: IPADDR6->IP6ADDR ; IPALIASES6->IP6ALIASES
Update to rc.inet1.conf example file - thanks to David Spencer.
Signed-off-by: Robby Workman <rworkman@slackware.com>
|
|
|
|
|
|
|
|
|
| |
Also fix loading of interface modules - previously just $i was used,
where it should have been ${i%%:*}
Also added pre-loading of ipv6 module
Signed-off-by: Robby Workman <rworkman@slackware.com>
|
|
|
|
|
|
|
|
|
|
| |
https://www.agwa.name/blog/post/beware_the_ipv6_dad_race_condition
This removes the need to sleep for 3 seconds after setting up the
interfaces, but does mean we lose detection of address clashes on
the inteface - it's a trade off
Signed-off-by: Robby Workman <rworkman@slackware.com>
|
|
|
|
|
|
|
|
|
|
|
| |
In testing here, this was necessary to prevent daemons reporting 'Cannot
assign requested address' for IPv6 addresses when they attempt to bind()
to the interface address. This only seems to affect v6 addresses - v4
addresses seem to be immediately available to bind() - but a 3 second
pause shouldn't hurt given that the other methods of configuration can
block for up to 15 seconds.
Signed-off-by: Robby Workman <rworkman@slackware.com>
|
|
|
|
| |
Signed-off-by: Robby Workman <rworkman@slackware.com>
|
|
|
|
|
|
| |
Removed unneeded sleep when taking interface down
Signed-off-by: Robby Workman <rworkman@slackware.com>
|
|
|
|
|
|
| |
This is more in line with Slackware tradition
Signed-off-by: Robby Workman <rworkman@slackware.com>
|