summaryrefslogtreecommitdiffstats
path: root/rc.inet1
Commit message (Collapse)AuthorAgeFilesLines
* rc.inet1: Skip bridge and bond configuration in LXC containerPatrick J. Volkerding2021-11-121-3/+10
| | | | | | | | | Add LXC detection at the beginning of the script to set container="lxc" if an LXC container is detected. Later, use this to skip bridge and bond creation in an LXC container. Patched script works in both LXC and on bare metal. Signed-off-by: Robby Workman <rworkman@slackware.com>
* Move enabling RA before SLAAC security section. Thanks to davjohn on LQ.Darren 'Tadgy' Austin2021-03-081-8/+8
|
* Added debugging output around new SLAAC enhancements.Darren 'Tadgy' Austin2021-03-081-0/+4
|
* Fix typo of 'default'.Darren 'Tadgy' Austin2021-03-081-1/+1
|
* Add SLAAC security and privacy options.Darren 'Tadgy' Austin2021-03-081-2/+17
| | | | | | | | | | This patch adds some security and privacy enhancements to SLAAC configuration. When SLAAC_PRIVIPGEN is "yes", address generation is enhanced with a secret key for the interface set in SLAAC_SECRET. This prevents predictable address generation. When SLAAC_TEMPADDR is "yes", a temporary address is used with SLAAC. Thanks to davjohn from LQ for the inital patches and help testing.
* Fix a typo in br_open when configuring IFOPTS: i->1.Darren 'Tadgy' Austin2021-03-071-1/+1
|
* Don't bring up a bridge interface if it will be brought up later by IP config.Darren 'Tadgy' Austin2021-03-071-2/+6
| | | | | This fixes a bug where SLAAC would take a while to be effective when the interface is already up. Thanks to davjohn on LQ for the report.
* Move configuration of SLACC before DHCP.Darren 'Tadgy' Austin2021-03-071-29/+29
| | | | | This seems to improve the ability to obtain a SLAAC address without waiting for up to 5 minutes. Thanks to davjohn on LQ for the patch.
* rc.inet1: Fix typo (destory -> destroy)Robby Workman2021-02-281-1/+1
|
* Some small syntax updates to quiet shellcheck.Darren 'Tadgy' Austin2021-02-271-15/+15
|
* Use extglobs to protect expansion of IFOPTS. Note: bash + extglob is now ↵Darren 'Tadgy' Austin2021-02-271-4/+7
| | | | required.
* Implement a new IPADDRS array for v4 IPs - read full commit messageDarren 'Tadgy' Austin2021-02-271-43/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit introduces the logic for a new IPADDRS array which will work in a similar way to the IPv6 IP6ADDRS array. The IPADDRS array can hold multiple IPv4 addresses with netmasks, which are used in preference to, but maintaining backwards compatibility with, the old IPADDR/NETMASK arrays. If IPADDRS is set for an interface, the IPs and netmasks configured in the array are set before an also configured IPADDR/NETMASK. This maintains backwards compatibility - users can continue to use the IPADDR/NETMASK and IPALIASES arrays to configure the interface and completely ignore IPADDRS, or keep their old rc.inet1.conf files, if they so wish. If the IPADDRS arrays contains multiple IPs, those IPs are all added to the interface regardles of whether any IP in IPADDRS is or is not set. These IPs will also be added to the interface just as with IPALIASES if DHCP/SLAAC is used to set the first IP. The IPALIASES IPs are also added to the interface to maintain backwards compatibility. IPa set in IPADDRS to be used as 'alias' interfaces, are NOT given the usual ethX:Y name, like the IPs listed in IPALIASES. To get an ethX:Y interface the iPALIASES array should be used; to have the IPs simply added to the interface the user should use the IPADDRS array with multiple (space separated) IPs and netmasks. Using IPALIASES along side IPADDRS is completly legal and maintains backwards compatibility - it would yield a mixture of IPs set with and without ethX:Y aliases. This changeset moves the IPv4 configuration to be on par with the new IPv6 configuration syntax, but maintains FULL backwards compatibility with the old style syntax. Additionally, handling of IP4ADDRS has been modified such that it matches the IPADDRS usage. That is, any IPs listed in IP6ADDRS are also added to the interface (just as IPADDRS and IPALIASES are added for v4) whether the interface is configured with DHCP/DHCP6/SLAAC or not. This is a change to the IP6ADDRS usage, but since this script hasn't been officially accepted, there is no backwards compatibility issues. Again, note that these changes DO NOT change previous behaviour or damage backwards compatability. New functionallity and semantics only change behaviour of non-released features, so there is no bother to the changes. netconfig will be modified to output the new IPADDRS syntax, just as it does for IP6ADDRS and both will allow multiple IPs to be specified at configuration time - this is an improvement on the current netconfig behaviour.
* Restablish use of the -L option to assist Slackware ARM users.Darren 'Tadgy' Austin2021-02-271-1/+0
|
* Update comments regarding use of the hard coded dhcpcd -L command line option.current-20210227Darren 'Tadgy' Austin2020-08-171-3/+6
| | | | | | | | | | The -L command line option was added to the dhcpcd call in the -current development cycle to assist ARM users with getting networking up and running. This addition was incorrect as rc.inet1 already has support to use or not use -L by setting DHCP_NOIPV4LL[x]="". When I was updating rc.inet1 I took out the -L, but didn't make it clear enough why I had taken it out and how to use the DHCP_NOIP4ALL[x]="" option in rc.inet1.conf. This commit is simply updating that comment to be more verbose.
* Correct a couple of issues making shellcheck barf errors.Darren 'Tadgy' Austin2020-01-051-2/+2
| | | | | The rest of the shellcheck issues are non-issue warnings that could possibly do with being corrected, but it's not a huge issue.
* Match interface name exactly when taking interfaces down.Darren 'Tadgy' Austin2019-11-291-1/+1
| | | | Thanks to Master-Passeli for the bug report.
* Flush interface before applying any IPs.Darren 'Tadgy' Austin2019-11-181-0/+2
| | | | Thanks to abga on LQ.
* Quiet "modprobe ipv6" using its built-in way to do it :-)Robby Workman2019-11-151-1/+1
|
* Quiet down the ipv6 modprobe. Tell the user what is going on.Darren 'Tadgy' Austin2019-11-151-1/+3
| | | | Thanks to upnort for the suggestions.
* Update documentation. Default BONDMODE to balance-rr. Update rc.inet1.conf.Darren 'Tadgy' Austin2019-11-141-2/+2
|
* Several small fixes - see log.Darren 'Tadgy' Austin2019-11-131-8/+24
| | | | | | | | | * Added more debug_log calls around taking down interfaces. * When taking down a bridge, put the member interfaces down too. * Configure wireless interfaces before everything else - it might be that a wireless interface is part of a bond/bridge/VLAN. * When taking down VLAN interfaces, check if the underlying interface has an IP address. If it does, leave it up; else take it down.
* When creating a bond, flush the underlying interface IP.Darren 'Tadgy' Austin2019-11-131-4/+2
| | | | Also removed redundant setting of a 0.0.0.0 IP address.
* Remove BONDOPTS, VLANOPTS and BROPTS and replace with generic IFOPTS.Darren 'Tadgy' Austin2019-11-131-15/+26
| | | | | | | | | | Previously we had an xOPTS variable for each type of interface that could be configured. I've replaced this with a generic IFOPTS option which can be used to supply interface type specific options to 'ip'. As the option is now generic, it can be applied to physical interfaces too; so interfaces such as eth0 can have options applied just like a virtual interface.
* Added support for a BROPTS variable to set bridge specific settings.Darren 'Tadgy' Austin2019-11-131-0/+6
| | | | | | | Before, it was not possible to set bridge specific options when creating a bridge. This option adds the ability to set options via a BROPTS variable, which takes a pipe (|) delimited set of options as documented in the ip-link(8) man page (search for "BRIDGE Type Support").
* Be consistent with variable case. Emit warning when assuming netmask.Darren 'Tadgy' Austin2019-11-131-47/+50
|
* Create and document a new VLANOPTS variable.Darren 'Tadgy' Austin2019-11-131-0/+6
| | | | | This variable can be used to set custom options to configure the VLAN interface. It does not need to be used in 'normal' operation with a VLAN.
* Initial support for bonding (link aggrigation) in rc.inet1.Darren 'Tadgy' Austin2019-11-131-7/+53
| | | | | | | | | | | | | | | | | | | The bonding code introduces three new variables for use in rc.inet1.conf: BONDNICS[x]="" BONDMODE[x]="" BONDOPTS[x]="" The BONDNICS variable takes a list of interfaces which should be slaved to the bond. BONDMODE sets the mode of the bond. Useful options are 'balance-rr', 'active-backup' and '802.3ad'. A full list of options can be found in /usr/src/linux/Documentation/networking/bonding.txt and README.bonding. BONDOPTS are a pipe (|) separated list of options to apply to the bond after the interfaces have been added. Useful options are 'primary' (which is required when BONDMODE is 'active-backup', 'xmit_hash_policy' (which can be used with 'balance-rr' to choose the hash policy, 'lacp_rate' (which should be used with '802.3ad' mode), and 'miimon' (which should be used with all modes) See the kernel source documentation or README.bonding for more info.
* Small fixes - see full log.Darren 'Tadgy' Austin2019-11-121-13/+7
| | | | | | | | | | | Remove code to skip interfaces that do not have IP addresses configured. This checking is redundant now, and prevents interfaces being brought up without IP addresses - which is important for bridging/bonding/VLANs. When grabbing the vlan ID from the interface name, use ## instead of #. Move the point where bridges are taken down to before the point where wireless interfaces are taken down. This is required so that a bridge on a wireless interface is take down before the interface itself. When looping through the interfaces to take down, use MAXNICS-1.
* Fix typo when de-configuring interfaces, i->1.Darren 'Tadgy' Austin2019-11-111-1/+1
|
* VLAN support. Sync logging/IPv6 changes from tadgy-ipv6-fixes branch.Darren 'Tadgy' Austin2019-11-111-70/+124
| | | | | | | | | | | | | | | | | | | | rc.inet1: * VLAN support added to rc.inet1{,.conf}. * Created new info_log function to replace $LOGGING variable. * When logging to syslog, use a tag of 'rc.inet1' with PID. * Decrease script noisyness at non-debug levels. * Add more debugging logging for testing. * Use -4 when configuring IPv4 loopback address. * Configure ::1 for IPv6 loopbacking. * Use 'local' not 'declare' in functions. * Move where DAD is disabled when setting IPv6 addresses. * Add error checking to some calls to 'ip'. * Walk backwards through interfaces when deconfiguring. rc.wireless: * Log to syslog, failling back to stdout. * Output error to stderr if not called from rc.inet1. Manpages and netconfig: * Updated for new VLAN support.
* Walk _backwards_ through interfaces when deconfiguring.Darren 'Tadgy' Austin2019-11-071-2/+3
|
* Initial commit of VLAN support.Darren 'Tadgy' Austin2019-11-071-4/+31
|
* Use 'broadcast +' for bringing up interfaces in IPALIASES block.Darren 'Tadgy' Austin2019-11-061-2/+2
|
* Remove IP6ALIASES block. IP6ADDR->IP6ADDRS.Darren 'Tadgy' Austin2019-11-061-17/+1
|
* New configuration methodology - see full commit log.Darren 'Tadgy' Austin2019-11-061-18/+22
| | | | | | | | | | | It occurred to me that IPv6 addresses don't really need to have IP6ALIASES since all IPs are just added to the interface itself. So I've changed the syntax from using IP6ADDR + PREFIXLEN + IP6ALIASES to using just a single IP6ADDRS array, which takes a list of IP addresses with a prefix length in a space separated list. eg: IP6ADDRS[0]="a:b:c:d::1/64 1:2:3::1/48" If the prefix length is omitted a /64 length is assumed and a warning emitted.
* If modprobe events occurred, sleep for a bit after they finishedRobby Workman2018-11-261-1/+6
| | | | | | This is ugly, but it beats doing the sleep regardless of whether there's any need for it and causing folks to whine about two seconds of loss in boot time.
* Add README.IPv6Darren 'Tadgy' Austin2018-11-261-9/+14
| | | | Signed-off-by: Robby Workman <rworkman@slackware.com>
* Flush ip addresses on lo when taking interfaces downDarren 'Tadgy' Austin2018-11-261-0/+2
| | | | | | | This prevents an annoying "RTNETLINK answers: File exists" warning when restarting networking Signed-off-by: Robby Workman <rworkman@slackware.com>
* Enable RA for DHCP/Fixed IP if explicitly told to do soDarren 'Tadgy' Austin2018-11-261-0/+8
| | | | Signed-off-by: Robby Workman <rworkman@slackware.com>
* In if_down(), only perform IPv6 operations if IPv6 is activeDarren 'Tadgy' Austin2018-11-261-4/+8
| | | | Signed-off-by: Robby Workman <rworkman@slackware.com>
* Remove hard coded -L from dhcpcd command lineDarren 'Tadgy' Austin2018-11-261-4/+2
| | | | Signed-off-by: Robby Workman <rworkman@slackware.com>
* Added USE_RA[x] option to explicitly enable/disable RA supportDarren 'Tadgy' Austin2018-11-261-3/+12
| | | | Signed-off-by: Robby Workman <rworkman@slackware.com>
* Protect blocks of code by testing whether ipv6 is activeDarren 'Tadgy' Austin2018-11-251-20/+30
| | | | | | | | | | This has the effect of allowing someone to disable ipv6 entirely, and the script do the right thing. Move the enabling of DAD into the correct section - no idea how it ended up in the ipv4 block of code. D'oh. Signed-off-by: Robby Workman <rworkman@slackware.com>
* Various fixups for nomenclature - see full commit messageDarren 'Tadgy' Austin2018-11-251-14/+14
| | | | | | | | | | | | | | | | * USE_AUTOCONF->USE_SLAAC to be more consistent with IPv6 terminology * PREFIX6->PREFIXLEN to be more consistent with IPv6 terminology Thanks to David Spencer (idlemoor) for the patch to the above * AUTOCONF_TIMEOUT->SLAAC_TIMEOUT to be consistent with USE_SLAAC change Since some options for IPv6 no longer end in '6', we can relax the naming of others, so these make sense: IPADDR6->IP6ADDR ; IPALIASES6->IP6ALIASES Update to rc.inet1.conf example file - thanks to David Spencer. Signed-off-by: Robby Workman <rworkman@slackware.com>
* Move interface module loading into a 'pre-load' sectionDarren 'Tadgy' Austin2018-11-251-9/+21
| | | | | | | | | Also fix loading of interface modules - previously just $i was used, where it should have been ${i%%:*} Also added pre-loading of ipv6 module Signed-off-by: Robby Workman <rworkman@slackware.com>
* Mitigate a race condition with Duplicate Address DetectionDarren 'Tadgy' Austin2018-11-251-4/+12
| | | | | | | | | | https://www.agwa.name/blog/post/beware_the_ipv6_dad_race_condition This removes the need to sleep for 3 seconds after setting up the interfaces, but does mean we lose detection of address clashes on the inteface - it's a trade off Signed-off-by: Robby Workman <rworkman@slackware.com>
* rc.inet1: sleep for 3 seconds after setting all the interface options/IPsDarren 'Tadgy' Austin2018-11-251-0/+4
| | | | | | | | | | | In testing here, this was necessary to prevent daemons reporting 'Cannot assign requested address' for IPv6 addresses when they attempt to bind() to the interface address. This only seems to affect v6 addresses - v4 addresses seem to be immediately available to bind() - but a 3 second pause shouldn't hurt given that the other methods of configuration can block for up to 15 seconds. Signed-off-by: Robby Workman <rworkman@slackware.com>
* Added ipv6 gateway up/down functionDarren 'Tadgy' Austin2018-11-251-4/+15
| | | | Signed-off-by: Robby Workman <rworkman@slackware.com>
* Added support for AUTOCONF6_TIMEOUT[x] optionDarren 'Tadgy' Austin2018-11-251-4/+5
| | | | | | Removed unneeded sleep when taking interface down Signed-off-by: Robby Workman <rworkman@slackware.com>
* Move AUTOCONF6 block to favour dynamic configuration over fixed IPDarren 'Tadgy' Austin2018-11-251-25/+23
| | | | | | This is more in line with Slackware tradition Signed-off-by: Robby Workman <rworkman@slackware.com>