]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/network/netdev/tunnel.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #7411 from joergsteffens/tapechanger
[thirdparty/systemd.git] / src / network / netdev / tunnel.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include <arpa/inet.h>
4 #include <net/if.h>
5 #include <linux/ip.h>
6 #include <linux/if_tunnel.h>
7 #include <linux/ip6_tunnel.h>
8
9 #if HAVE_LINUX_FOU_H
10 #include <linux/fou.h>
11 #endif
12
13 #include "sd-netlink.h"
14
15 #include "conf-parser.h"
16 #include "missing.h"
17 #include "networkd-link.h"
18 #include "netdev/tunnel.h"
19 #include "parse-util.h"
20 #include "string-table.h"
21 #include "string-util.h"
22 #include "util.h"
23
24 #define DEFAULT_TNL_HOP_LIMIT 64
25 #define IP6_FLOWINFO_FLOWLABEL htobe32(0x000FFFFF)
26 #define IP6_TNL_F_ALLOW_LOCAL_REMOTE 0x40
27
28 static const char* const ip6tnl_mode_table[_NETDEV_IP6_TNL_MODE_MAX] = {
29 [NETDEV_IP6_TNL_MODE_IP6IP6] = "ip6ip6",
30 [NETDEV_IP6_TNL_MODE_IPIP6] = "ipip6",
31 [NETDEV_IP6_TNL_MODE_ANYIP6] = "any",
32 };
33
34 DEFINE_STRING_TABLE_LOOKUP(ip6tnl_mode, Ip6TnlMode);
35 DEFINE_CONFIG_PARSE_ENUM(config_parse_ip6tnl_mode, ip6tnl_mode, Ip6TnlMode, "Failed to parse ip6 tunnel Mode");
36
37 static int netdev_ipip_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
38 Tunnel *t = IPIP(netdev);
39 int r;
40
41 assert(netdev);
42 assert(m);
43 assert(t);
44 assert(IN_SET(t->family, AF_INET, AF_UNSPEC));
45
46 if (link) {
47 r = sd_netlink_message_append_u32(m, IFLA_IPTUN_LINK, link->ifindex);
48 if (r < 0)
49 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LINK attribute: %m");
50 }
51
52 r = sd_netlink_message_append_in_addr(m, IFLA_IPTUN_LOCAL, &t->local.in);
53 if (r < 0)
54 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LOCAL attribute: %m");
55
56 r = sd_netlink_message_append_in_addr(m, IFLA_IPTUN_REMOTE, &t->remote.in);
57 if (r < 0)
58 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_REMOTE attribute: %m");
59
60 r = sd_netlink_message_append_u8(m, IFLA_IPTUN_TTL, t->ttl);
61 if (r < 0)
62 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_TTL attribute: %m");
63
64 r = sd_netlink_message_append_u8(m, IFLA_IPTUN_PMTUDISC, t->pmtudisc);
65 if (r < 0)
66 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_PMTUDISC attribute: %m");
67
68 if (t->fou_tunnel) {
69
70 r = sd_netlink_message_append_u16(m, IFLA_IPTUN_ENCAP_TYPE, t->fou_encap_type);
71 if (r < 0)
72 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_ENCAP_TYPE attribute: %m");
73
74 r = sd_netlink_message_append_u16(m, IFLA_IPTUN_ENCAP_SPORT, htobe16(t->encap_src_port));
75 if (r < 0)
76 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_ENCAP_SPORT attribute: %m");
77
78 r = sd_netlink_message_append_u16(m, IFLA_IPTUN_ENCAP_DPORT, htobe16(t->fou_destination_port));
79 if (r < 0)
80 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_ENCAP_DPORT attribute: %m");
81 }
82
83 return r;
84 }
85
86 static int netdev_sit_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
87 Tunnel *t = SIT(netdev);
88 int r;
89
90 assert(netdev);
91 assert(m);
92 assert(t);
93 assert(IN_SET(t->family, AF_INET, AF_UNSPEC));
94
95 if (link) {
96 r = sd_netlink_message_append_u32(m, IFLA_IPTUN_LINK, link->ifindex);
97 if (r < 0)
98 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LINK attribute: %m");
99 }
100
101 r = sd_netlink_message_append_in_addr(m, IFLA_IPTUN_LOCAL, &t->local.in);
102 if (r < 0)
103 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LOCAL attribute: %m");
104
105 r = sd_netlink_message_append_in_addr(m, IFLA_IPTUN_REMOTE, &t->remote.in);
106 if (r < 0)
107 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_REMOTE attribute: %m");
108
109 r = sd_netlink_message_append_u8(m, IFLA_IPTUN_TTL, t->ttl);
110 if (r < 0)
111 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_TTL attribute: %m");
112
113 r = sd_netlink_message_append_u8(m, IFLA_IPTUN_PMTUDISC, t->pmtudisc);
114 if (r < 0)
115 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_PMTUDISC attribute: %m");
116
117 return r;
118 }
119
120 static int netdev_gre_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
121 Tunnel *t;
122 int r;
123
124 assert(netdev);
125
126 if (netdev->kind == NETDEV_KIND_GRE)
127 t = GRE(netdev);
128 else
129 t = GRETAP(netdev);
130
131 assert(t);
132 assert(IN_SET(t->family, AF_INET, AF_UNSPEC));
133 assert(m);
134
135 if (link) {
136 r = sd_netlink_message_append_u32(m, IFLA_GRE_LINK, link->ifindex);
137 if (r < 0)
138 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LINK attribute: %m");
139 }
140
141 r = sd_netlink_message_append_in_addr(m, IFLA_GRE_LOCAL, &t->local.in);
142 if (r < 0)
143 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LOCAL attribute: %m");
144
145 r = sd_netlink_message_append_in_addr(m, IFLA_GRE_REMOTE, &t->remote.in);
146 if (r < 0)
147 log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_REMOTE attribute: %m");
148
149 r = sd_netlink_message_append_u8(m, IFLA_GRE_TTL, t->ttl);
150 if (r < 0)
151 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_TTL attribute: %m");
152
153 r = sd_netlink_message_append_u8(m, IFLA_GRE_TOS, t->tos);
154 if (r < 0)
155 log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_TOS attribute: %m");
156
157 r = sd_netlink_message_append_u8(m, IFLA_GRE_PMTUDISC, t->pmtudisc);
158 if (r < 0)
159 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_PMTUDISC attribute: %m");
160
161 return r;
162 }
163
164 static int netdev_ip6gre_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
165 Tunnel *t;
166 int r;
167
168 assert(netdev);
169
170 if (netdev->kind == NETDEV_KIND_IP6GRE)
171 t = IP6GRE(netdev);
172 else
173 t = IP6GRETAP(netdev);
174
175 assert(t);
176 assert(t->family == AF_INET6);
177 assert(m);
178
179 if (link) {
180 r = sd_netlink_message_append_u32(m, IFLA_GRE_LINK, link->ifindex);
181 if (r < 0)
182 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LINK attribute: %m");
183 }
184
185 r = sd_netlink_message_append_in6_addr(m, IFLA_GRE_LOCAL, &t->local.in6);
186 if (r < 0)
187 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_LOCAL attribute: %m");
188
189 r = sd_netlink_message_append_in6_addr(m, IFLA_GRE_REMOTE, &t->remote.in6);
190 if (r < 0)
191 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_REMOTE attribute: %m");
192
193 r = sd_netlink_message_append_u8(m, IFLA_GRE_TTL, t->ttl);
194 if (r < 0)
195 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_TTL attribute: %m");
196
197 if (t->ipv6_flowlabel != _NETDEV_IPV6_FLOWLABEL_INVALID) {
198 r = sd_netlink_message_append_u32(m, IFLA_GRE_FLOWINFO, t->ipv6_flowlabel);
199 if (r < 0)
200 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_FLOWINFO attribute: %m");
201 }
202
203 r = sd_netlink_message_append_u32(m, IFLA_GRE_FLAGS, t->flags);
204 if (r < 0)
205 return log_netdev_error_errno(netdev, r, "Could not append IFLA_GRE_FLAGS attribute: %m");
206
207 return r;
208 }
209
210 static int netdev_vti_fill_message_key(NetDev *netdev, Link *link, sd_netlink_message *m) {
211 uint32_t ikey, okey;
212 Tunnel *t;
213 int r;
214
215 assert(m);
216
217 if (netdev->kind == NETDEV_KIND_VTI)
218 t = VTI(netdev);
219 else
220 t = VTI6(netdev);
221
222 assert(t);
223
224 if (t->key != 0)
225 ikey = okey = htobe32(t->key);
226 else {
227 ikey = htobe32(t->ikey);
228 okey = htobe32(t->okey);
229 }
230
231 r = sd_netlink_message_append_u32(m, IFLA_VTI_IKEY, ikey);
232 if (r < 0)
233 return log_netdev_error_errno(netdev, r, "Could not append IFLA_VTI_IKEY attribute: %m");
234
235 r = sd_netlink_message_append_u32(m, IFLA_VTI_OKEY, okey);
236 if (r < 0)
237 return log_netdev_error_errno(netdev, r, "Could not append IFLA_VTI_OKEY attribute: %m");
238
239 return 0;
240 }
241
242 static int netdev_vti_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
243 Tunnel *t = VTI(netdev);
244 int r;
245
246 assert(netdev);
247 assert(m);
248 assert(t);
249 assert(t->family == AF_INET);
250
251 if (link) {
252 r = sd_netlink_message_append_u32(m, IFLA_VTI_LINK, link->ifindex);
253 if (r < 0)
254 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LINK attribute: %m");
255 }
256
257 r = netdev_vti_fill_message_key(netdev, link, m);
258 if (r < 0)
259 return r;
260
261 r = sd_netlink_message_append_in_addr(m, IFLA_VTI_LOCAL, &t->local.in);
262 if (r < 0)
263 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LOCAL attribute: %m");
264
265 r = sd_netlink_message_append_in_addr(m, IFLA_VTI_REMOTE, &t->remote.in);
266 if (r < 0)
267 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_REMOTE attribute: %m");
268
269 return r;
270 }
271
272 static int netdev_vti6_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
273 Tunnel *t = VTI6(netdev);
274 int r;
275
276 assert(netdev);
277 assert(m);
278 assert(t);
279 assert(t->family == AF_INET6);
280
281 if (link) {
282 r = sd_netlink_message_append_u32(m, IFLA_VTI_LINK, link->ifindex);
283 if (r < 0)
284 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LINK attribute: %m");
285 }
286
287 r = netdev_vti_fill_message_key(netdev, link, m);
288 if (r < 0)
289 return r;
290
291 r = sd_netlink_message_append_in6_addr(m, IFLA_VTI_LOCAL, &t->local.in6);
292 if (r < 0)
293 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LOCAL attribute: %m");
294
295 r = sd_netlink_message_append_in6_addr(m, IFLA_VTI_REMOTE, &t->remote.in6);
296 if (r < 0)
297 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_REMOTE attribute: %m");
298
299 return r;
300 }
301
302 static int netdev_ip6tnl_fill_message_create(NetDev *netdev, Link *link, sd_netlink_message *m) {
303 Tunnel *t = IP6TNL(netdev);
304 uint8_t proto;
305 int r;
306
307 assert(netdev);
308 assert(m);
309 assert(t);
310 assert(t->family == AF_INET6);
311
312 if (link) {
313 r = sd_netlink_message_append_u32(m, IFLA_IPTUN_LINK, link->ifindex);
314 if (r < 0)
315 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LINK attribute: %m");
316 }
317
318 r = sd_netlink_message_append_in6_addr(m, IFLA_IPTUN_LOCAL, &t->local.in6);
319 if (r < 0)
320 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_LOCAL attribute: %m");
321
322 r = sd_netlink_message_append_in6_addr(m, IFLA_IPTUN_REMOTE, &t->remote.in6);
323 if (r < 0)
324 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_REMOTE attribute: %m");
325
326 r = sd_netlink_message_append_u8(m, IFLA_IPTUN_TTL, t->ttl);
327 if (r < 0)
328 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_TTL attribute: %m");
329
330 if (t->ipv6_flowlabel != _NETDEV_IPV6_FLOWLABEL_INVALID) {
331 r = sd_netlink_message_append_u32(m, IFLA_IPTUN_FLOWINFO, t->ipv6_flowlabel);
332 if (r < 0)
333 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_FLOWINFO attribute: %m");
334 }
335
336 if (t->copy_dscp)
337 t->flags |= IP6_TNL_F_RCV_DSCP_COPY;
338
339 if (t->allow_localremote != -1)
340 SET_FLAG(t->flags, IP6_TNL_F_ALLOW_LOCAL_REMOTE, t->allow_localremote);
341
342 if (t->encap_limit != IPV6_DEFAULT_TNL_ENCAP_LIMIT) {
343 r = sd_netlink_message_append_u8(m, IFLA_IPTUN_ENCAP_LIMIT, t->encap_limit);
344 if (r < 0)
345 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_ENCAP_LIMIT attribute: %m");
346 }
347
348 r = sd_netlink_message_append_u32(m, IFLA_IPTUN_FLAGS, t->flags);
349 if (r < 0)
350 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_FLAGS attribute: %m");
351
352 switch (t->ip6tnl_mode) {
353 case NETDEV_IP6_TNL_MODE_IP6IP6:
354 proto = IPPROTO_IPV6;
355 break;
356 case NETDEV_IP6_TNL_MODE_IPIP6:
357 proto = IPPROTO_IPIP;
358 break;
359 case NETDEV_IP6_TNL_MODE_ANYIP6:
360 default:
361 proto = 0;
362 break;
363 }
364
365 r = sd_netlink_message_append_u8(m, IFLA_IPTUN_PROTO, proto);
366 if (r < 0)
367 return log_netdev_error_errno(netdev, r, "Could not append IFLA_IPTUN_MODE attribute: %m");
368
369 return r;
370 }
371
372 static int netdev_tunnel_verify(NetDev *netdev, const char *filename) {
373 Tunnel *t = NULL;
374
375 assert(netdev);
376 assert(filename);
377
378 switch (netdev->kind) {
379 case NETDEV_KIND_IPIP:
380 t = IPIP(netdev);
381 break;
382 case NETDEV_KIND_SIT:
383 t = SIT(netdev);
384 break;
385 case NETDEV_KIND_GRE:
386 t = GRE(netdev);
387 break;
388 case NETDEV_KIND_GRETAP:
389 t = GRETAP(netdev);
390 break;
391 case NETDEV_KIND_IP6GRE:
392 t = IP6GRE(netdev);
393 break;
394 case NETDEV_KIND_IP6GRETAP:
395 t = IP6GRETAP(netdev);
396 break;
397 case NETDEV_KIND_VTI:
398 t = VTI(netdev);
399 break;
400 case NETDEV_KIND_VTI6:
401 t = VTI6(netdev);
402 break;
403 case NETDEV_KIND_IP6TNL:
404 t = IP6TNL(netdev);
405 break;
406 default:
407 assert_not_reached("Invalid tunnel kind");
408 }
409
410 assert(t);
411
412 if (!IN_SET(t->family, AF_INET, AF_INET6, AF_UNSPEC)) {
413 log_netdev_error(netdev,
414 "Tunnel with invalid address family configured in %s. Ignoring", filename);
415 return -EINVAL;
416 }
417
418 if (IN_SET(netdev->kind, NETDEV_KIND_VTI, NETDEV_KIND_IPIP, NETDEV_KIND_GRE, NETDEV_KIND_GRETAP) &&
419 (t->family != AF_INET || in_addr_is_null(t->family, &t->local))) {
420 log_netdev_error(netdev,
421 "vti/ipip/gre/gretap tunnel without a local IPv4 address configured in %s. Ignoring", filename);
422 return -EINVAL;
423 }
424
425 if (IN_SET(netdev->kind, NETDEV_KIND_VTI6, NETDEV_KIND_IP6TNL, NETDEV_KIND_IP6GRE) &&
426 (t->family != AF_INET6 || in_addr_is_null(t->family, &t->local))) {
427 log_netdev_error(netdev,
428 "vti6/ip6tnl/ip6gre tunnel without a local IPv6 address configured in %s. Ignoring", filename);
429 return -EINVAL;
430 }
431
432 if (netdev->kind == NETDEV_KIND_IP6TNL &&
433 t->ip6tnl_mode == _NETDEV_IP6_TNL_MODE_INVALID) {
434 log_netdev_error(netdev,
435 "ip6tnl without mode configured in %s. Ignoring", filename);
436 return -EINVAL;
437 }
438
439 if (t->fou_tunnel && t->fou_destination_port <= 0) {
440 log_netdev_error(netdev, "FooOverUDP missing port configured in %s. Ignoring", filename);
441 return -EINVAL;
442 }
443
444 return 0;
445 }
446
447 int config_parse_tunnel_address(const char *unit,
448 const char *filename,
449 unsigned line,
450 const char *section,
451 unsigned section_line,
452 const char *lvalue,
453 int ltype,
454 const char *rvalue,
455 void *data,
456 void *userdata) {
457 Tunnel *t = userdata;
458 union in_addr_union *addr = data, buffer;
459 int r, f;
460
461 assert(filename);
462 assert(lvalue);
463 assert(rvalue);
464 assert(data);
465
466 /* This is used to parse addresses on both local and remote ends of the tunnel.
467 * Address families must match.
468 *
469 * "any" is a special value which means that the address is unspecified.
470 */
471
472 if (streq(rvalue, "any")) {
473 *addr = IN_ADDR_NULL;
474
475 /* As a special case, if both the local and remote addresses are
476 * unspecified, also clear the address family.
477 */
478 if (t->family != AF_UNSPEC &&
479 in_addr_is_null(t->family, &t->local) &&
480 in_addr_is_null(t->family, &t->remote))
481 t->family = AF_UNSPEC;
482 return 0;
483 }
484
485 r = in_addr_from_string_auto(rvalue, &f, &buffer);
486 if (r < 0) {
487 log_syntax(unit, LOG_ERR, filename, line, r,
488 "Tunnel address \"%s\" invalid, ignoring assignment: %m", rvalue);
489 return 0;
490 }
491
492 if (t->family != AF_UNSPEC && t->family != f) {
493 log_syntax(unit, LOG_ERR, filename, line, 0,
494 "Tunnel addresses incompatible, ignoring assignment: %s", rvalue);
495 return 0;
496 }
497
498 t->family = f;
499 *addr = buffer;
500 return 0;
501 }
502
503 int config_parse_tunnel_key(const char *unit,
504 const char *filename,
505 unsigned line,
506 const char *section,
507 unsigned section_line,
508 const char *lvalue,
509 int ltype,
510 const char *rvalue,
511 void *data,
512 void *userdata) {
513 union in_addr_union buffer;
514 Tunnel *t = userdata;
515 uint32_t k;
516 int r;
517
518 assert(filename);
519 assert(lvalue);
520 assert(rvalue);
521 assert(data);
522
523 r = in_addr_from_string(AF_INET, rvalue, &buffer);
524 if (r < 0) {
525 r = safe_atou32(rvalue, &k);
526 if (r < 0) {
527 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse tunnel key ignoring assignment: %s", rvalue);
528 return 0;
529 }
530 } else
531 k = be32toh(buffer.in.s_addr);
532
533 if (streq(lvalue, "Key"))
534 t->key = k;
535 else if (streq(lvalue, "InputKey"))
536 t->ikey = k;
537 else
538 t->okey = k;
539
540 return 0;
541 }
542
543 int config_parse_ipv6_flowlabel(const char* unit,
544 const char *filename,
545 unsigned line,
546 const char *section,
547 unsigned section_line,
548 const char *lvalue,
549 int ltype,
550 const char *rvalue,
551 void *data,
552 void *userdata) {
553 IPv6FlowLabel *ipv6_flowlabel = data;
554 Tunnel *t = userdata;
555 int k = 0;
556 int r;
557
558 assert(filename);
559 assert(lvalue);
560 assert(rvalue);
561 assert(ipv6_flowlabel);
562
563 if (streq(rvalue, "inherit")) {
564 *ipv6_flowlabel = IP6_FLOWINFO_FLOWLABEL;
565 t->flags |= IP6_TNL_F_USE_ORIG_FLOWLABEL;
566 } else {
567 r = config_parse_int(unit, filename, line, section, section_line, lvalue, ltype, rvalue, &k, userdata);
568 if (r < 0)
569 return r;
570
571 if (k > 0xFFFFF)
572 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IPv6 flowlabel option, ignoring: %s", rvalue);
573 else {
574 *ipv6_flowlabel = htobe32(k) & IP6_FLOWINFO_FLOWLABEL;
575 t->flags &= ~IP6_TNL_F_USE_ORIG_FLOWLABEL;
576 }
577 }
578
579 return 0;
580 }
581
582 int config_parse_encap_limit(const char* unit,
583 const char *filename,
584 unsigned line,
585 const char *section,
586 unsigned section_line,
587 const char *lvalue,
588 int ltype,
589 const char *rvalue,
590 void *data,
591 void *userdata) {
592 Tunnel *t = userdata;
593 int k = 0;
594 int r;
595
596 assert(filename);
597 assert(lvalue);
598 assert(rvalue);
599
600 if (streq(rvalue, "none"))
601 t->flags |= IP6_TNL_F_IGN_ENCAP_LIMIT;
602 else {
603 r = safe_atoi(rvalue, &k);
604 if (r < 0) {
605 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse Tunnel Encapsulation Limit option, ignoring: %s", rvalue);
606 return 0;
607 }
608
609 if (k > 255 || k < 0)
610 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid Tunnel Encapsulation value, ignoring: %d", k);
611 else {
612 t->encap_limit = k;
613 t->flags &= ~IP6_TNL_F_IGN_ENCAP_LIMIT;
614 }
615 }
616
617 return 0;
618 }
619
620 static void ipip_init(NetDev *n) {
621 Tunnel *t = IPIP(n);
622
623 assert(n);
624 assert(t);
625
626 t->pmtudisc = true;
627 t->fou_encap_type = FOU_ENCAP_DIRECT;
628 }
629
630 static void sit_init(NetDev *n) {
631 Tunnel *t = SIT(n);
632
633 assert(n);
634 assert(t);
635
636 t->pmtudisc = true;
637 }
638
639 static void vti_init(NetDev *n) {
640 Tunnel *t;
641
642 assert(n);
643
644 if (n->kind == NETDEV_KIND_VTI)
645 t = VTI(n);
646 else
647 t = VTI6(n);
648
649 assert(t);
650
651 t->pmtudisc = true;
652 }
653
654 static void gre_init(NetDev *n) {
655 Tunnel *t;
656
657 assert(n);
658
659 if (n->kind == NETDEV_KIND_GRE)
660 t = GRE(n);
661 else
662 t = GRETAP(n);
663
664 assert(t);
665
666 t->pmtudisc = true;
667 }
668
669 static void ip6gre_init(NetDev *n) {
670 Tunnel *t;
671
672 assert(n);
673
674 if (n->kind == NETDEV_KIND_IP6GRE)
675 t = IP6GRE(n);
676 else
677 t = IP6GRETAP(n);
678
679 assert(t);
680
681 t->ttl = DEFAULT_TNL_HOP_LIMIT;
682 }
683
684 static void ip6tnl_init(NetDev *n) {
685 Tunnel *t = IP6TNL(n);
686
687 assert(n);
688 assert(t);
689
690 t->ttl = DEFAULT_TNL_HOP_LIMIT;
691 t->encap_limit = IPV6_DEFAULT_TNL_ENCAP_LIMIT;
692 t->ip6tnl_mode = _NETDEV_IP6_TNL_MODE_INVALID;
693 t->ipv6_flowlabel = _NETDEV_IPV6_FLOWLABEL_INVALID;
694 t->allow_localremote = -1;
695 }
696
697 const NetDevVTable ipip_vtable = {
698 .object_size = sizeof(Tunnel),
699 .init = ipip_init,
700 .sections = "Match\0NetDev\0Tunnel\0",
701 .fill_message_create = netdev_ipip_fill_message_create,
702 .create_type = NETDEV_CREATE_STACKED,
703 .config_verify = netdev_tunnel_verify,
704 };
705
706 const NetDevVTable sit_vtable = {
707 .object_size = sizeof(Tunnel),
708 .init = sit_init,
709 .sections = "Match\0NetDev\0Tunnel\0",
710 .fill_message_create = netdev_sit_fill_message_create,
711 .create_type = NETDEV_CREATE_STACKED,
712 .config_verify = netdev_tunnel_verify,
713 };
714
715 const NetDevVTable vti_vtable = {
716 .object_size = sizeof(Tunnel),
717 .init = vti_init,
718 .sections = "Match\0NetDev\0Tunnel\0",
719 .fill_message_create = netdev_vti_fill_message_create,
720 .create_type = NETDEV_CREATE_STACKED,
721 .config_verify = netdev_tunnel_verify,
722 };
723
724 const NetDevVTable vti6_vtable = {
725 .object_size = sizeof(Tunnel),
726 .init = vti_init,
727 .sections = "Match\0NetDev\0Tunnel\0",
728 .fill_message_create = netdev_vti6_fill_message_create,
729 .create_type = NETDEV_CREATE_STACKED,
730 .config_verify = netdev_tunnel_verify,
731 };
732
733 const NetDevVTable gre_vtable = {
734 .object_size = sizeof(Tunnel),
735 .init = gre_init,
736 .sections = "Match\0NetDev\0Tunnel\0",
737 .fill_message_create = netdev_gre_fill_message_create,
738 .create_type = NETDEV_CREATE_STACKED,
739 .config_verify = netdev_tunnel_verify,
740 };
741
742 const NetDevVTable gretap_vtable = {
743 .object_size = sizeof(Tunnel),
744 .init = gre_init,
745 .sections = "Match\0NetDev\0Tunnel\0",
746 .fill_message_create = netdev_gre_fill_message_create,
747 .create_type = NETDEV_CREATE_STACKED,
748 .config_verify = netdev_tunnel_verify,
749 };
750
751 const NetDevVTable ip6gre_vtable = {
752 .object_size = sizeof(Tunnel),
753 .init = ip6gre_init,
754 .sections = "Match\0NetDev\0Tunnel\0",
755 .fill_message_create = netdev_ip6gre_fill_message_create,
756 .create_type = NETDEV_CREATE_STACKED,
757 .config_verify = netdev_tunnel_verify,
758 };
759
760 const NetDevVTable ip6gretap_vtable = {
761 .object_size = sizeof(Tunnel),
762 .init = ip6gre_init,
763 .sections = "Match\0NetDev\0Tunnel\0",
764 .fill_message_create = netdev_ip6gre_fill_message_create,
765 .create_type = NETDEV_CREATE_STACKED,
766 .config_verify = netdev_tunnel_verify,
767 };
768
769 const NetDevVTable ip6tnl_vtable = {
770 .object_size = sizeof(Tunnel),
771 .init = ip6tnl_init,
772 .sections = "Match\0NetDev\0Tunnel\0",
773 .fill_message_create = netdev_ip6tnl_fill_message_create,
774 .create_type = NETDEV_CREATE_STACKED,
775 .config_verify = netdev_tunnel_verify,
776 };
Unnamed repository; edit this file 'description' to name the repository.