3838#include "networkd-neighbor.h"
3939#include "networkd-nexthop.h"
4040#include "networkd-sriov.h"
41+ #include "networkd-sysctl.h"
4142#include "networkd-radv.h"
4243#include "networkd-routing-policy-rule.h"
4344#include "networkd-wifi.h"
@@ -106,7 +107,7 @@ bool link_ipv6ll_enabled(Link *link) {
106107 return link -> network -> link_local & ADDRESS_FAMILY_IPV6 ;
107108}
108109
109- static bool link_ipv6_enabled (Link * link ) {
110+ bool link_ipv6_enabled (Link * link ) {
110111 assert (link );
111112
112113 if (!socket_ipv6_is_supported ())
@@ -128,71 +129,6 @@ static bool link_ipv6_enabled(Link *link) {
128129 return false;
129130}
130131
131- bool link_ip_forward_enabled (Link * link , int family ) {
132- assert (link );
133- assert (IN_SET (family , AF_INET , AF_INET6 ));
134-
135- if (family == AF_INET6 && !socket_ipv6_is_supported ())
136- return false;
137-
138- if (link -> flags & IFF_LOOPBACK )
139- return false;
140-
141- if (!link -> network )
142- return false;
143-
144- return link -> network -> ip_forward & (family == AF_INET ? ADDRESS_FAMILY_IPV4 : ADDRESS_FAMILY_IPV6 );
145- }
146-
147- static bool link_proxy_arp_enabled (Link * link ) {
148- assert (link );
149-
150- if (link -> flags & IFF_LOOPBACK )
151- return false;
152-
153- if (!link -> network )
154- return false;
155-
156- if (link -> network -> proxy_arp < 0 )
157- return false;
158-
159- return true;
160- }
161-
162- static IPv6PrivacyExtensions link_ipv6_privacy_extensions (Link * link ) {
163- assert (link );
164-
165- if (!socket_ipv6_is_supported ())
166- return _IPV6_PRIVACY_EXTENSIONS_INVALID ;
167-
168- if (link -> flags & IFF_LOOPBACK )
169- return _IPV6_PRIVACY_EXTENSIONS_INVALID ;
170-
171- if (!link -> network )
172- return _IPV6_PRIVACY_EXTENSIONS_INVALID ;
173-
174- return link -> network -> ipv6_privacy_extensions ;
175- }
176-
177- static int link_update_ipv6_sysctl (Link * link ) {
178- bool enabled ;
179- int r ;
180-
181- if (link -> flags & IFF_LOOPBACK )
182- return 0 ;
183-
184- enabled = link_ipv6_enabled (link );
185- if (enabled ) {
186- r = sysctl_write_ip_property_boolean (AF_INET6 , link -> ifname , "disable_ipv6" , false);
187- if (r < 0 )
188- return log_link_warning_errno (link , r , "Cannot enable IPv6: %m" );
189-
190- log_link_info (link , "IPv6 successfully enabled" );
191- }
192-
193- return 0 ;
194- }
195-
196132static bool link_is_enslaved (Link * link ) {
197133 if (link -> flags & IFF_SLAVE )
198134 /* Even if the link is not managed by networkd, honor IFF_SLAVE flag. */
@@ -947,19 +883,6 @@ static int link_set_static_configs(Link *link) {
947883 return 0 ;
948884}
949885
950- static int link_set_proxy_arp (Link * link ) {
951- int r ;
952-
953- if (!link_proxy_arp_enabled (link ))
954- return 0 ;
955-
956- r = sysctl_write_ip_property_boolean (AF_INET , link -> ifname , "proxy_arp" , link -> network -> proxy_arp > 0 );
957- if (r < 0 )
958- log_link_warning_errno (link , r , "Cannot configure proxy ARP for interface: %m" );
959-
960- return 0 ;
961- }
962-
963886static int link_configure_continue (Link * link );
964887
965888static int set_mtu_handler (sd_netlink * rtnl , sd_netlink_message * m , Link * link ) {
@@ -1983,179 +1906,6 @@ static int link_enter_join_netdev(Link *link) {
19831906 return 0 ;
19841907}
19851908
1986- static int link_set_ipv4_forward (Link * link ) {
1987- int r ;
1988-
1989- if (!link_ipv4_forward_enabled (link ))
1990- return 0 ;
1991-
1992- /* We propagate the forwarding flag from one interface to the
1993- * global setting one way. This means: as long as at least one
1994- * interface was configured at any time that had IP forwarding
1995- * enabled the setting will stay on for good. We do this
1996- * primarily to keep IPv4 and IPv6 packet forwarding behaviour
1997- * somewhat in sync (see below). */
1998-
1999- r = sysctl_write_ip_property (AF_INET , NULL , "ip_forward" , "1" );
2000- if (r < 0 )
2001- log_link_warning_errno (link , r , "Cannot turn on IPv4 packet forwarding, ignoring: %m" );
2002-
2003- return 0 ;
2004- }
2005-
2006- static int link_set_ipv6_forward (Link * link ) {
2007- int r ;
2008-
2009- if (!link_ipv6_forward_enabled (link ))
2010- return 0 ;
2011-
2012- /* On Linux, the IPv6 stack does not know a per-interface
2013- * packet forwarding setting: either packet forwarding is on
2014- * for all, or off for all. We hence don't bother with a
2015- * per-interface setting, but simply propagate the interface
2016- * flag, if it is set, to the global flag, one-way. Note that
2017- * while IPv4 would allow a per-interface flag, we expose the
2018- * same behaviour there and also propagate the setting from
2019- * one to all, to keep things simple (see above). */
2020-
2021- r = sysctl_write_ip_property (AF_INET6 , "all" , "forwarding" , "1" );
2022- if (r < 0 )
2023- log_link_warning_errno (link , r , "Cannot configure IPv6 packet forwarding, ignoring: %m" );
2024-
2025- return 0 ;
2026- }
2027-
2028- static int link_set_ipv6_privacy_extensions (Link * link ) {
2029- IPv6PrivacyExtensions s ;
2030- int r ;
2031-
2032- s = link_ipv6_privacy_extensions (link );
2033- if (s < 0 )
2034- return 0 ;
2035-
2036- r = sysctl_write_ip_property_int (AF_INET6 , link -> ifname , "use_tempaddr" , (int ) link -> network -> ipv6_privacy_extensions );
2037- if (r < 0 )
2038- log_link_warning_errno (link , r , "Cannot configure IPv6 privacy extension for interface: %m" );
2039-
2040- return 0 ;
2041- }
2042-
2043- static int link_set_ipv6_accept_ra (Link * link ) {
2044- int r ;
2045-
2046- /* Make this a NOP if IPv6 is not available */
2047- if (!socket_ipv6_is_supported ())
2048- return 0 ;
2049-
2050- if (link -> flags & IFF_LOOPBACK )
2051- return 0 ;
2052-
2053- if (!link -> network )
2054- return 0 ;
2055-
2056- r = sysctl_write_ip_property (AF_INET6 , link -> ifname , "accept_ra" , "0" );
2057- if (r < 0 )
2058- log_link_warning_errno (link , r , "Cannot disable kernel IPv6 accept_ra for interface: %m" );
2059-
2060- return 0 ;
2061- }
2062-
2063- static int link_set_ipv6_dad_transmits (Link * link ) {
2064- int r ;
2065-
2066- /* Make this a NOP if IPv6 is not available */
2067- if (!socket_ipv6_is_supported ())
2068- return 0 ;
2069-
2070- if (link -> flags & IFF_LOOPBACK )
2071- return 0 ;
2072-
2073- if (!link -> network )
2074- return 0 ;
2075-
2076- if (link -> network -> ipv6_dad_transmits < 0 )
2077- return 0 ;
2078-
2079- r = sysctl_write_ip_property_int (AF_INET6 , link -> ifname , "dad_transmits" , link -> network -> ipv6_dad_transmits );
2080- if (r < 0 )
2081- log_link_warning_errno (link , r , "Cannot set IPv6 dad transmits for interface: %m" );
2082-
2083- return 0 ;
2084- }
2085-
2086- static int link_set_ipv6_hop_limit (Link * link ) {
2087- int r ;
2088-
2089- /* Make this a NOP if IPv6 is not available */
2090- if (!socket_ipv6_is_supported ())
2091- return 0 ;
2092-
2093- if (link -> flags & IFF_LOOPBACK )
2094- return 0 ;
2095-
2096- if (!link -> network )
2097- return 0 ;
2098-
2099- if (link -> network -> ipv6_hop_limit < 0 )
2100- return 0 ;
2101-
2102- r = sysctl_write_ip_property_int (AF_INET6 , link -> ifname , "hop_limit" , link -> network -> ipv6_hop_limit );
2103- if (r < 0 )
2104- log_link_warning_errno (link , r , "Cannot set IPv6 hop limit for interface: %m" );
2105-
2106- return 0 ;
2107- }
2108-
2109- static int link_set_ipv6_mtu (Link * link ) {
2110- int r ;
2111-
2112- /* Make this a NOP if IPv6 is not available */
2113- if (!socket_ipv6_is_supported ())
2114- return 0 ;
2115-
2116- if (link -> flags & IFF_LOOPBACK )
2117- return 0 ;
2118-
2119- if (link -> network -> ipv6_mtu == 0 )
2120- return 0 ;
2121-
2122- /* IPv6 protocol requires a minimum MTU of IPV6_MTU_MIN(1280) bytes
2123- * on the interface. Bump up IPv6 MTU bytes to IPV6_MTU_MIN. */
2124- if (link -> network -> ipv6_mtu < IPV6_MIN_MTU ) {
2125- log_link_notice (link , "Bumping IPv6 MTU to " STRINGIFY (IPV6_MIN_MTU )" byte minimum required" );
2126- link -> network -> ipv6_mtu = IPV6_MIN_MTU ;
2127- }
2128-
2129- r = sysctl_write_ip_property_uint32 (AF_INET6 , link -> ifname , "mtu" , link -> network -> ipv6_mtu );
2130- if (r < 0 ) {
2131- if (link -> mtu < link -> network -> ipv6_mtu )
2132- log_link_warning (link , "Cannot set IPv6 MTU %" PRIu32 " higher than device MTU %" PRIu32 ,
2133- link -> network -> ipv6_mtu , link -> mtu );
2134- else
2135- log_link_warning_errno (link , r , "Cannot set IPv6 MTU for interface: %m" );
2136- }
2137-
2138- link -> ipv6_mtu_set = true;
2139-
2140- return 0 ;
2141- }
2142-
2143- static int link_set_ipv4_accept_local (Link * link ) {
2144- int r ;
2145-
2146- if (link -> flags & IFF_LOOPBACK )
2147- return 0 ;
2148-
2149- if (link -> network -> ipv4_accept_local < 0 )
2150- return 0 ;
2151-
2152- r = sysctl_write_ip_property_boolean (AF_INET , link -> ifname , "accept_local" , link -> network -> ipv4_accept_local );
2153- if (r < 0 )
2154- log_link_warning_errno (link , r , "Cannot set IPv4 accept_local flag for interface: %m" );
2155-
2156- return 0 ;
2157- }
2158-
21591909static int link_enumerate_ipv6_tentative_addresses (Link * link ) {
21601910 _cleanup_ (sd_netlink_message_unrefp ) sd_netlink_message * req = NULL , * reply = NULL ;
21611911 sd_netlink_message * addr ;
@@ -2258,43 +2008,11 @@ int link_configure(Link *link) {
22582008 if (link -> iftype == ARPHRD_CAN )
22592009 return link_configure_can (link );
22602010
2261- /* If IPv6 configured that is static IPv6 address and IPv6LL autoconfiguration is enabled
2262- * for this interface, then enable IPv6 */
2263- (void ) link_update_ipv6_sysctl (link );
2264-
2265- r = link_set_proxy_arp (link );
2266- if (r < 0 )
2267- return r ;
2268-
2269- r = link_set_ipv6_proxy_ndp_addresses (link );
2270- if (r < 0 )
2271- return r ;
2272-
2273- r = link_set_ipv4_forward (link );
2274- if (r < 0 )
2275- return r ;
2276-
2277- r = link_set_ipv6_forward (link );
2278- if (r < 0 )
2279- return r ;
2280-
2281- r = link_set_ipv6_privacy_extensions (link );
2282- if (r < 0 )
2283- return r ;
2284-
2285- r = link_set_ipv6_accept_ra (link );
2286- if (r < 0 )
2287- return r ;
2288-
2289- r = link_set_ipv6_dad_transmits (link );
2290- if (r < 0 )
2291- return r ;
2292-
2293- r = link_set_ipv6_hop_limit (link );
2011+ r = link_set_sysctl (link );
22942012 if (r < 0 )
22952013 return r ;
22962014
2297- r = link_set_ipv4_accept_local (link );
2015+ r = link_set_ipv6_proxy_ndp_addresses (link );
22982016 if (r < 0 )
22992017 return r ;
23002018
@@ -2395,7 +2113,7 @@ static int link_configure_continue(Link *link) {
23952113 * we must set this here, after we've set device mtu */
23962114 r = link_set_ipv6_mtu (link );
23972115 if (r < 0 )
2398- return r ;
2116+ log_link_warning_errno ( link , r , "Cannot set IPv6 MTU for interface, ignoring: %m" ) ;
23992117
24002118 if (link_has_carrier (link ) || link -> network -> configure_without_carrier ) {
24012119 r = link_acquire_conf (link );
0 commit comments