| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
After the call to interface_handle_config_change, the iface pointer will no
longer be valid if the interface has been deleted from the config
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
| |
Many protocol handlers support "zone" option independently and they pass
it in the "data". Then it's read e.g. by a firewall[34].
Add support for "zone" directly to the netifd so:
1. It works for all protocols
2. Handlers don't have to duplicate code
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
| |
Let per-container netifd instance handle the netns bringdown, it makes
everything easier and gets rid of the fork() when bringing down
container network interfaces.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
|
|
| |
As we got a persistent per-netns-jail instance of netifd now which
handles interface configuration we no longer need to fork() the host
netifd to bring up jail interfaces.
The follow-up commit will deal with stopping jail interfaces.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
|
|
| |
Instead of explicitly preventing free in specific code sections using
device_lock/device_unlock, defer all device free handling via uloop timeout
This avoids an entire class of lurking use-after-free bugs triggered
by device event processing and simplifies the code
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
| |
This is useful for a dynamic VLAN setup, where extra tags need to be created
on the trunking port on demand
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Interfaces need to be assigned to devices. For that purpose a "device"
option should be more accurate than "ifname" one.
For backward compatibility old option remains supported too.
Config example:
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
config interface 'lan'
option device 'br-lan'
option proto 'static'
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
|
|
|
| |
This can be used to support 802.1x on wired devices.
In order to use this, the device section for each port needing authentication
needs to contain the option auth 1
When set, this option prevents devices from being added to bridges or configured
with IP settings by default, until the set_state ubus call on network.device
sets "auth_status" to true for the device.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
| |
On wireless interfaces, hostapd can sometimes defer the bringup of secondary
virtual interfaces until autochannel or coex scan completes.
Do not force the present state in that case in order to avoid attempting
to bring up the device before it is ready
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
| |
Use struct device pointer as parameter instead of bare ifname allows
for some simplication and again removing system_ifname_resolve()
function introduced in commit d93126d.
Fixes: d93126d ("interface: allow renaming interface when moving to jail netns")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
| |
Fixes: d93126d ("interface: allow renaming interface when moving to jail netns")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
|
|
|
| |
Introduce jail_ifname option to define the name of a Linux network
interface when moved into a jail's network namespace.
This is useful for containers which expect the network interface to
have a specific name (eg. 'host0' in case of systemd).
While at it, clean-up and fix bugs in jail interface up/down routines.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
|
|
| |
Memory returned by blogmsg_get_string() is volatile, hence use strdup()
to have a permanent copy of the returned string and free it when no
longer needed.
Fixes: 1321c1b ("add basic support for jail network namespaces")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Prepare netifd for handling procd service jails having their own
network namespace.
Intefaces having the jail attribute will only be brought inside the
jail's network namespace by procd calling the newly introduced ubus
method 'netns_updown'.
Currently proto 'static' is supported and configuration changes are
not yet being handled (ie. you'll have to restart the jailed service
for changes to take effect).
Example /etc/config/network snippet:
config device 'veth0'
option type 'veth'
option name 'vhost0'
option peer_name 'virt0'
config interface 'virt'
option type 'bridge'
list ifname 'vhost0'
option proto 'static'
option ipaddr '10.0.0.1'
option netmask '255.255.255.0'
config interface 'virt0'
option ifname 'virt0'
option proto 'static'
option ipaddr '10.0.0.2'
option netmask '255.255.255.0'
option gateway '10.0.0.1'
option dns '10.0.0.1'
option jail 'transmission'
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
|
|
| |
This reverts commit e45b1408284c05984b38a910a1f0a07d6c761397.
Reverting the commit as the submitters Signed-off-by has been mistakingly
added without the authors consent.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
|
| |
When for example a /60 is assigned to a network the last 4 bits of the
ip6hint are unused. Emit a warning if any of these unused bits is set as
it indicates that someone didn't understand how the hint is used. (As I
did earlier today resulting in spending some time understanding the
code.)
Signed-off-by: Uwe Kleine-König <uwe@kleine-koenig.org>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
| |
blobmsg_check_attr() takes as second argument a bool; fix it where needed
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
|
| |
commit a97297d83e42 ("interface: set interface in TEARDOWN state when checking link state")
broke the if-down hotplug event handling, as the iface->state is now IFS_TEARDOWN when
calling the mark_interface_down() function from the IFPEV_DOWN event.
Fixes: a97297d83e42 ("interface: set interface in TEARDOWN state when checking link state")
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When launching PROTO_CMD_TEARDOWN in interface_check_state() the interface
was set in IFS_DOWN state. In case an interface is now brought into IFS_SETUP
state in __interface_set_up() it will launch PROTO_CMD_SETUP trying to
bring the proto shell handler in S_SETUP state which will fail as the proto
shell handler is still in the S_TEARDOWN state.
Fix this by setting the interface in IFS_TEARDOWN state when the PROTO_CMD_TEARDOWN
event is launched which will prevent the interface being brought into IFS_SETUP state
as long as it's not in the IFS_DOWN state.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
| |
Update the no_delegation parameter on a config reload; in case prefixes
are present update the prefix assignments as well according to the
no_delegation status
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
| |
For dynamic interfaces don't return false if vlist_find returns NULL as
the calling function will try to free iface in case of an error which has
already been freed in interface_change_config()
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
| |
Detected by Coverity in cid 1441495
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
| |
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
| |
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Set config state to remove for dynamic interfaces in the following cases :
-interface is set as not available
-interface is set as down
-interface is set as having no link state
This will trigger an interface delete upon the next call of interface_handle_config_change
Before this change you could end up with lingering inactive dynamic
interfaces in case the aliased interface went down as before a dynamic
interface was only removed when set down via ubus
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
| |
Integrate dynamic interface creation code into interface_alloc and
__interface_add so we can get rid of interface_set_dynamic
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
| |
Let interface_set_down() return void as no usefull error code
is returned by __interface_set_down()
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
| |
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
| |
Don't return an error code in interface_set_up as it's ignored anyway by the
calling functions; but rather add more interface error messages so the actual
problem is visible for the user by doing ifstatus <interface>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Remove interface available checks in the functions interface_start_pending
and interface_handle_config_change so the NO_DEVICE error is reported in
ifstatus <interface> making it clear to the user the configured device in
ifname is not found
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
| |
fall throughs are usually error-prone, especially when someone else extend
it.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
| |
"create" will be called before the proto handlers initialised.
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
|
|
|
|
|
|
|
|
|
|
| |
The ifup-failed event should only be triggered when the former
interface state is IFS_SETUP.
Otherwise, there will also be an ifup-failed event in the
IFS_TEARDOWN stateif you do an manual ifdown <IFC>.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
|
|
|
|
|
|
|
|
|
|
|
| |
This hook makes it possible to do some helper work in hotplug scripts
when a connection is not established successfully.
example: try several username/passwords from a pool to establish a
pppoe or wwan connection by replacing the configured values of the
connection in a hotplug script.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
|
|
|
|
|
|
|
|
|
| |
Not all topology or connectivity changes may be detected by netifd,
depending on the underlying technology (e.g. VPN software); this adds a way
to explicitly trigger a renew.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In case of prefix delegation prefixes are assigned to one or more
configured downstream interfaces. The delegated prefix length in
combination with the assignment length of the downstream interfaces
determines the number of subnets which can be allocated from the
delegated prefix.
The interface ip6weight parameter allows to prioritize the allocation
of subnets to interfaces in case of multiple configured downstream
interfaces.
The order of interface prefix assignment from a delegated prefix is
based on the following parameters:
- Primary key is prefix assignment based on the configured interface ip6hint
- Secondary key is the requested downstream interface prefix length,
interfaces configured with the smallest ip6hint will be assigned first
- Third key is the assigned interface ip6weight in case of equal prefix
assignment length; interfaces having the highest ip6weight will be
assigned first
- Finally the alphabetical order of the interfaces in case of equal
ip6weight
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [cleanup]
|
|
|
|
| |
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In case the keep flag is set in proto_shell_update_link no interface
update event is triggered when IPv4/6 addresses/routes/... are updated
as the proto_event callback is not called due to keep being set.
Unconditionally call the proto_event callback handler in proto_shell_update_link
but let the proto_event callback handler; in this case interface_proto_event_cb,
decide which actions need to be taken dependant on the interface state.
In case the interface is already in the up state trigger an update event
only if the interface updated flag actually indicates either an IP address/
route/data change; before interface update events were actually sent wihtout
any parameter change.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Interface name servers when being written to resolv.conf.auto are sorted
based on the following parameters:
-Primary sorting key is interface dns_metric; name servers having lowest
interface dns_metric are listed first
-Secondary sorting key is interface metric; in case of equal interface
dns_metric name servers having lowest interface metric are listed first
-Finally alphabetical order of the interface names in case of equal
interface dns_metric and metric
In case the resolver queries the multiple servers in the order
listed; sorting is usefull in the following scenarios :
-Name resolving over a main and backup interface
-Assign priority to IPv6 name servers over IPv4 or vice versa
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
interface_set_device_config can trigger a device free (for example
if the device is here only present in a bridge), which renders dev
invalid and leads to segfault. Add a lock to prevent this and
clean-up the code for readability.
Signed-off-by: Gino Peeters <peeters.gino@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit c6858766 added interface teardown support on layer 3 device link loss
mainly for shell protocols who have no proto task like xl2tp. However for
shell protocols having a proto task it is not always the correct action to
teardown the interface; as an example the PPP daemon can be put into
persist state trying to re-establish the link via a hold-off mechanism
if layer 3 link loss is detected.
Therefore shell handlers can enable via TEARDOWN_ON_L3_LINK_DOWN a proto
flag which will teardown the interface when layer 3 link loss is detected
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
|
| |
ubus
Interface update event will trigger an interface hotplug event and an ubus notify event
which will inform subscribers about the updated interface data field
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
| |
routes/rules added dynamically
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
|
|
|
|
| |
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
|
|
|
|
|
| |
Also remove obsolete "del_dynamic" call (use "down" instead)
Signed-off-by: Steven Barth <steven@midlink.org>
|
|
|
|
|
|
|
|
|
|
| |
This is mainly for shell protocols that has no_proto_task so that we can
still teardown and setup the interface on l3_dev link lost instead of
depending on running state of proto_task.
Also rename related callbacks for better clarification.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|