[systemd-devel] [PATCH v2] networkd: do not change kernel forwarding parameters when IPForwarding is unset
Nick Owens
nick.owens at coreos.com
Fri May 15 12:08:15 PDT 2015
In 5a8bcb674f71a20e95df55319b34c556638378ce, IPForwarding was introduced
to set forwarding flags on interfaces in .network files. networkd sets
forwarding options regardless of the previous setting, even if it was
set by e.g. sysctl. This commit makes IPForwarding not change forwarding
settings, so that systems using sysctl continue to work even if
IPForwarding is unset in their .network files.
See https://bugs.freedesktop.org/show_bug.cgi?id=89509 for the initial
bug report.
---
man/systemd.network.xml | 4 ++--
src/network/networkd-link.c | 6 ++++++
src/network/networkd-network.c | 2 ++
3 files changed, 10 insertions(+), 2 deletions(-)
Zbyszek, Lennart: this new patch should address your concerns.
diff --git a/man/systemd.network.xml b/man/systemd.network.xml
index 5504b46..07c7e5b 100644
--- a/man/systemd.network.xml
+++ b/man/systemd.network.xml
@@ -365,8 +365,8 @@
<filename>net.ipv6.conf.<interface>.forwarding</filename>
sysctl options of the network interface (see <ulink
url="https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt">ip-sysctl.txt</ulink>
- for details about sysctl options). Defaults to
- <literal>no</literal>.</para>
+ for details about sysctl options). If unset, IP forwarding
+ parameters of the interface will not be changed.</para>
<para>Note: unless this option is turned on, no IP
forwarding is done on this interface, even if this is
diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
index 8b0de1f..d0b2b80 100644
--- a/src/network/networkd-link.c
+++ b/src/network/networkd-link.c
@@ -1478,6 +1478,9 @@ static int link_set_ipv4_forward(Link *link) {
const char *p = NULL;
int r;
+ if (link->network->ip_forward == _ADDRESS_FAMILY_BOOLEAN_INVALID)
+ return 0;
+
p = strjoina("/proc/sys/net/ipv4/conf/", link->ifname, "/forwarding");
r = write_string_file_no_create(p, one_zero(link_ipv4_forward_enabled(link)));
if (r < 0)
@@ -1494,6 +1497,9 @@ static int link_set_ipv6_forward(Link *link) {
if (!socket_ipv6_is_supported())
return 0;
+ if (link->network->ip_forward == _ADDRESS_FAMILY_BOOLEAN_INVALID)
+ return 0;
+
p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/forwarding");
r = write_string_file_no_create(p, one_zero(link_ipv6_forward_enabled(link)));
if (r < 0)
diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c
index 8aa4eb2..f4762bd 100644
--- a/src/network/networkd-network.c
+++ b/src/network/networkd-network.c
@@ -109,6 +109,8 @@ static int network_load_one(Manager *manager, const char *filename) {
network->link_local = ADDRESS_FAMILY_IPV6;
+ network->ip_forward = _ADDRESS_FAMILY_BOOLEAN_INVALID;
+
r = config_parse(NULL, filename, file,
"Match\0"
"Link\0"
--
2.3.6
More information about the systemd-devel
mailing list