mirrors/systemd
0
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-11-23 18:23:32 +08:00
Code Issues Packages Projects Releases Wiki Activity
40,730 Commits 4 Branches 393 Tags 503 MiB
f34635bcda
Commit Graph

163 Commits

Author SHA1 Message Date
Yu Watanabe
488d0ba10a man: re-indent systemd.netdev.xml 2019-05-29 17:17:08 +09:00
Franz Pletz
b8d88b26f3 man: add vrf section 2019-05-29 17:06:29 +09:00
Yu Watanabe
d61e4c5b6e network: add nlmon support 
nlmon is a Netlink monitor device.
 2019-05-28 22:47:15 +09:00
Yu Watanabe
3543304057 network: deprecate OneQueue= for tun or tap devices 
IFF_ONE_QUEUE has no effect since kernel-3.8. See kernel's commit
5d097109257c03a71845729f8db6b5770c4bbedc.
 2019-05-22 17:58:46 +09:00
Yu Watanabe
75eed300a9 network: Allow IFF_VNET_HDR to also be set for tun devices 
f5f07dbf06 adds VnetHeader= for tap
devices, but the flag is also used for tun devices.
This adds VnetHeader= setting in [Tun] section.
 2019-05-22 17:58:46 +09:00
Susant Sahani
8f02c9b085 networkd: FOU netdev add support to configure peer port 2019-05-18 10:25:36 +09:00
Yu Watanabe
db439337f9
Merge pull request #12576 from ssahani/fou 
networkd: FOU tunnel support Local and Peer tunnel addresses
 2019-05-16 05:10:35 +02:00
Susant Sahani
4502a61c8a networkd: FOU tunnel support Local and Peer tunnel addresses 2019-05-16 10:24:48 +09:00
Susant Sahani
69c317a07f networkd: introduce netdev ipvtap 
This patch adds netdev ipvtap that is based on the
IP-VLAN network interface, called ipvtap. An ipvtap device can be created
in the same way as an ipvlan device, using 'kind ipvtap', and then accessed
using the tap user space interface.
 2019-05-16 09:48:53 +09:00
Susant Sahani
d70c9bbd6c networkd: Geneve add support for inherit for TTL 2019-05-12 00:39:13 +02:00
Susant Sahani
f4a8ca329a networkd: VXLAN support keyword 'inherit' for TTL 2019-05-10 20:41:04 +02:00
Susant Sahani
328184d1fc networkd: Geneve Allow TTL to be zero. 
Also verify VNI is set
 2019-05-10 22:45:26 +09:00
Susant Sahani
aac350192b networkd: Geneve add support configure IP don't fragment 2019-05-10 22:45:26 +09:00
Susant Sahani
1189c00a3c networkd: VXLAN add support to configure IP Don't fragment. 
Allow users to set the IPv4 DF bit in outgoing packets, or to inherit its
value from the IPv4 inner header. If the encapsulated protocol is IPv6 and
DF is configured to be inherited, always set it.
 2019-05-09 06:40:33 +02:00
Susant Sahani
1c8b0eccc7 networkd: Assign VXLAN destination port to when GPE is set 
When VXLAN destination port is unset and GPE is set
then assign 4790 to destination port. Kernel does the same as
well as iproute.

IANA VXLAN-GPE port is 4790
 2019-05-09 06:40:33 +02:00
Susant Sahani
4cc0fd7531 networkd: VXLAN add support to configure Generic Protocol Extension 
See https://tools.ietf.org/html/draft-ietf-nvo3-vxlan-gpe-07
 2019-05-08 06:52:42 +05:30
Susant Sahani
83cb24ac20 networkd: VXLan Make group and remote variable separate 
VXLAN Document Group=
 2019-05-07 20:34:27 +02:00
Susant Sahani
6f213e4a34 networkd: VXLAN rename Id to VNI 
It makes more sense to call VXLAN ID as

1. the VXLAN Network Identifier (VNI) (or VXLAN Segment ID)
2. test-network: rename VXLAN Id to VNI
3. fuzzer: Add VXLAN VNI directive to fuzzer
 2019-05-07 20:52:11 +05:30
Susant Sahani
ca49c7f9aa networkd: VXLAN ID define range in the man 2019-05-07 20:51:54 +05:30
Yu Watanabe
1c30b174ed network: rename WireGuard.FwMark -> FirewallMark 
For the consistency with FirewallMark= in [RoutingPolicyRule] section.
 2019-05-04 17:20:23 +02:00
Ben Boeckel
5238e95759 codespell: fix spelling errors 2019-04-29 16:47:18 +02:00
Yu Watanabe
b0e13c3122 network: add MACsecTransmitAssociation.UseForEncoding= setting 2019-04-12 10:12:42 +09:00
Yu Watanabe
a7b9c52f1f network: add MACsec*Association.Activate= setting 2019-04-12 10:12:42 +09:00
Yu Watanabe
eb4705fb36 network: add MACsec*Association.KeyFile= setting 2019-04-12 10:12:42 +09:00
Susant Sahani
81962db798 network: Introduce MACsec 
Media Access Control Security (MACsec) is an 802.1AE IEEE
industry-standard security technology that provides secure
communication for all traffic on Ethernet links.
MACsec provides point-to-point security on Ethernet links between
directly connected nodes and is capable of identifying and preventing
most security threats, including denial of service, intrusion,
man-in-the-middle, masquerading, passive wiretapping, and playback attacks.

Closes #5754
 2019-04-12 10:12:41 +09:00
Yu Watanabe
a3945c6361 network: add WireGuardPeer.PresharedKeyFile= setting 2019-04-09 15:50:22 +09:00
Yu Watanabe
cb31e7c861 network: make reading PrivateKeyFile= failure always fatal 
This also refactor wireguard_read_key_file().
 2019-04-09 15:50:22 +09:00
Yu Watanabe
0b145817ff man: update FooOverUDP= 2019-04-02 03:29:46 +09:00
Yu Watanabe
c65c01c41a man: update Tunnel.Key= and friends 2019-03-30 21:17:48 +09:00
Yu Watanabe
3f4c9bc04c
Merge pull request #12066 from yuwata/fix-network-tunnel-12041 
network: fix netdev_tunnel_verify()
 2019-03-22 05:57:38 +09:00
Yu Watanabe
8643885f58 man: mention that Tunnel.Local= and Tunnel.Remote= can take 'any' 2019-03-22 03:31:55 +09:00
Yu Watanabe
d653a35919 man: do not wrap line in the table 2019-03-22 03:31:55 +09:00
Yu Watanabe
d689bbcaa3 man: mention that conditions in [Match] section support negation 2019-03-21 23:38:51 +09:00
Zbigniew Jędrzejewski-Szmek
3a54a15760 man: use same header for all files 
The "include" files had type "book" for some raeason. I don't think this
is meaningful. Let's just use the same everywhere.

$ perl -i -0pe 's^..DOCTYPE (book|refentry) PUBLIC "-//OASIS//DTD DocBook XML V4.[25]//EN"\s+"http^<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"\n  "http^gms' man/*.xml
 2019-03-14 14:42:05 +01:00
Zbigniew Jędrzejewski-Szmek
0307f79171 man: standarize on one-line license header 
No need to waste space, and uniformity is good.

$ perl -i -0pe 's|\n+<!--\s*SPDX-License-Identifier: LGPL-2.1..\s*-->|\n<!-- SPDX-License-Identifier: LGPL-2.1+ -->|gms' man/*.xml
 2019-03-14 14:29:37 +01:00
Yu Watanabe
d053d08a37 network: automatically pick an address on link when L2TP.Local= is not specified 
This makes L2TP.Local= support an empty string, 'auto', 'static', and
'dynamic'. When one of the values are specified, a local address is
automatically picked from the local interface of the tunnel.
 2019-03-14 10:57:41 +09:00
Susant Sahani
3a56e697c8 networkd: Introduce l2tp tunnel 
This works allows networkd to configure l2tp tunnel.
See http://man7.org/linux/man-pages/man8/ip-l2tp.8.html
 2019-03-14 10:57:41 +09:00
Yu Watanabe
76df77794a wireguard: add PrivateKeyFile= option 
Closes #11878.
 2019-03-13 12:02:03 +09:00
Lennart Poettering
8e6b3f49fe
Merge pull request #11636 from yuwata/network-in-addr-is-null 
network, sd-netlink: unify several functions and fixes coding style
 2019-02-15 11:40:34 +01:00
Zbigniew Jędrzejewski-Szmek
6f520e7437 man: fix markup and grammar for FOU{Source,Destination}Port= 2019-02-13 11:17:41 +01:00
Yu Watanabe
af555aa33e man: add missing netdev kind in Tunnel section 2019-02-11 01:29:56 +09:00
Yu Watanabe
a61b550c50 man: mention vlan devices inherit the MAC address of the physical interface 
Follow-up for bc48c51f72.

Closes #4783.

[zj: tweak grammar a bit.]
 2019-02-09 17:41:07 +01:00
Susant Sahani
fde60a424e netdev bond: add support to configure tlb_dynamic_lb 
Closes https://github.com/systemd/systemd/issues/11135

Add test for bond : tlb_dynamic_lb
 2018-12-15 18:15:16 +05:30
Susant Sahani
918049ad53 networkd: Add support to configure ISATAP tunnel 
Let's just reuse the code of sit tunnel to create a ISATAP tunnel.
Matter of turning a flag

Please see https://elixir.bootlin.com/linux/v4.19.6/source/net/ipv6/sit.c#L208
 2018-12-03 09:15:24 +05:30
Yu Watanabe
9b6ffef372 man: update explanation for boolean options 2018-11-27 15:07:58 +09:00
Yu Watanabe
025314d97d man: improve the explanation of "Defaults to unset" 2018-11-27 14:40:25 +09:00
Susant Sahani
2266864b04 networkd: Add support for ERSPAN tunnel 
Please see: https://patchwork.ozlabs.org/patch/800327/
```
[NetDev]
Name=erspan-test
Kind=erspan

[Tunnel]
Independent=true
ERSPANIndex=123
Local = 172.16.1.200
Remote = 172.16.1.100
Key=101
SerializeTunneledPackets=true
```
 2018-11-27 11:04:42 +09:00
David Anderson
d067cab35c networkd: support 6rd tunnel netdev setup. 2018-11-09 17:56:33 -08:00
Tobias Jungel
db688b7e55 networkd: cleanup for #10542 
fixes: 53b1f7d
 2018-11-06 16:42:12 +03:00
Yu Watanabe
a6306c3176 man: drop duplicated line in systemd.netdev(5) 2018-11-04 00:31:46 +09:00