system_set_dev_sysctl("/proc/sys/net/ipv6/conf/%s/disable_ipv6", dev->ifname, val);
}
+static void system_set_rpfilter(struct device *dev, const char *val)
+{
+ system_set_dev_sysctl("/proc/sys/net/ipv4/conf/%s/rp_filter", dev->ifname, val);
+}
+
static int system_get_sysctl(const char *path, char *buf, const size_t buf_sz)
{
int fd = -1, ret = -1;
dev->ifname, buf, buf_sz);
}
+static int system_get_rpfilter(struct device *dev, char *buf, const size_t buf_sz)
+{
+ return system_get_dev_sysctl("/proc/sys/net/ipv4/conf/%s/rp_filter",
+ dev->ifname, buf, buf_sz);
+}
+
// Evaluate netlink messages
static int cb_rtnl_event(struct nl_msg *msg, void *arg)
{
struct nl_msg *msg;
struct nlattr *linkinfo, *data;
struct ifinfomsg iim = { .ifi_family = AF_UNSPEC, };
- int ifindex = system_if_resolve(dev);
int i, rv;
static const struct {
const char *name;
{ "passthru", MACVLAN_MODE_PASSTHRU },
};
- if (ifindex == 0)
- return -ENOENT;
-
msg = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL);
if (!msg)
if (cfg->flags & MACVLAN_OPT_MACADDR)
nla_put(msg, IFLA_ADDRESS, sizeof(cfg->macaddr), cfg->macaddr);
nla_put_string(msg, IFLA_IFNAME, macvlan->ifname);
- nla_put_u32(msg, IFLA_LINK, ifindex);
+ nla_put_u32(msg, IFLA_LINK, dev->ifindex);
if (!(linkinfo = nla_nest_start(msg, IFLA_LINKINFO)))
goto nla_put_failure;
struct nl_msg *msg;
struct nlattr *linkinfo, *data;
struct ifinfomsg iim = { .ifi_family = AF_UNSPEC };
- int ifindex = system_if_resolve(dev);
int rv;
- if (ifindex == 0)
- return -ENOENT;
-
msg = nlmsg_alloc_simple(RTM_NEWLINK, NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL);
if (!msg)
nlmsg_append(msg, &iim, sizeof(iim), 0);
nla_put_string(msg, IFLA_IFNAME, vlandev->ifname);
- nla_put_u32(msg, IFLA_LINK, ifindex);
+ nla_put_u32(msg, IFLA_LINK, dev->ifindex);
if (!(linkinfo = nla_nest_start(msg, IFLA_LINKINFO)))
goto nla_put_failure;
s->promisc = ifr.ifr_flags & IFF_PROMISC;
s->flags |= DEV_OPT_PROMISC;
}
+
+ if (!system_get_rpfilter(dev, buf, sizeof(buf))) {
+ s->rpfilter = strtoul(buf, NULL, 0);
+ s->flags |= DEV_OPT_RPFILTER;
+ }
}
void
!s->promisc ? IFF_PROMISC : 0) < 0)
s->flags &= ~DEV_OPT_PROMISC;
}
+ if (s->flags & DEV_OPT_RPFILTER & apply_mask) {
+ char buf[2];
+
+ snprintf(buf, sizeof(buf), "%d", s->rpfilter);
+ system_set_rpfilter(dev, buf);
+ }
}
int system_if_up(struct device *dev)
return (id == RT_TABLE_MAIN);
}
+bool system_resolve_rpfilter(const char *filter, unsigned int *id)
+{
+ char *e;
+ unsigned int n;
+
+ if (!strcmp(filter, "strict"))
+ n = 1;
+ else if (!strcmp(filter, "loose"))
+ n = 2;
+ else {
+ n = strtoul(filter, &e, 0);
+ if (*e || e == filter || n > 2)
+ return false;
+ }
+
+ *id = n;
+ return true;
+}
+
static int system_iprule(struct iprule *rule, int cmd)
{
int alen = ((rule->flags & IPRULE_FAMILY) == IPRULE_INET4) ? 4 : 16;
projects / project / netifd.git / blobdiff