2 This file is part of systemd.
4 Copyright 2013 Tom Gundersen <teg@jklm.no>
6 systemd is free software; you can redistribute it and/or modify it
7 under the terms of the GNU Lesser General Public License as published by
8 the Free Software Foundation; either version 2.1 of the License, or
9 (at your option) any later version.
11 systemd is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
16 You should have received a copy of the GNU Lesser General Public License
17 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include "alloc-util.h"
24 #include "conf-files.h"
25 #include "conf-parser.h"
26 #include "dns-domain.h"
28 #include "hostname-util.h"
29 #include "network-internal.h"
30 #include "networkd-network.h"
32 #include "parse-util.h"
34 #include "stat-util.h"
35 #include "string-table.h"
36 #include "string-util.h"
39 static int network_load_one(Manager
*manager
, const char *filename
) {
40 _cleanup_network_free_ Network
*network
= NULL
;
41 _cleanup_fclose_
FILE *file
= NULL
;
50 file
= fopen(filename
, "re");
58 if (null_or_empty_fd(fileno(file
))) {
59 log_debug("Skipping empty file: %s", filename
);
63 network
= new0(Network
, 1);
67 network
->manager
= manager
;
69 LIST_HEAD_INIT(network
->static_addresses
);
70 LIST_HEAD_INIT(network
->static_routes
);
71 LIST_HEAD_INIT(network
->static_fdb_entries
);
73 network
->stacked_netdevs
= hashmap_new(&string_hash_ops
);
74 if (!network
->stacked_netdevs
)
77 network
->addresses_by_section
= hashmap_new(NULL
);
78 if (!network
->addresses_by_section
)
81 network
->routes_by_section
= hashmap_new(NULL
);
82 if (!network
->routes_by_section
)
85 network
->fdb_entries_by_section
= hashmap_new(NULL
);
86 if (!network
->fdb_entries_by_section
)
89 network
->filename
= strdup(filename
);
90 if (!network
->filename
)
93 network
->name
= strdup(basename(filename
));
97 d
= strrchr(network
->name
, '.');
101 assert(streq(d
, ".network"));
/* Built-in defaults for a freshly allocated Network. config_parse() is called on the
 * file after this block with the same struct as userdata, so these are presumably the
 * values in effect for every setting the .network file leaves out. */

/* DHCP client: off unless requested. The dhcp_use_* flags default to true, so, going
 * by the field names, once DHCP is enabled the server-supplied NTP, DNS, hostname and
 * routes are taken and the local hostname is sent. Whoever answers DHCP on the link
 * then influences resolver and routing state; review these flags for untrusted links. */
network->dhcp = ADDRESS_FAMILY_NO;
network->dhcp_use_ntp = true;
network->dhcp_use_dns = true;
network->dhcp_use_hostname = true;
network->dhcp_use_routes = true;
network->dhcp_send_hostname = true;
network->dhcp_route_metric = DHCP_ROUTE_METRIC;
network->dhcp_client_identifier = DHCP_CLIENT_ID_DUID;

/* DHCP server: every dhcp_server_emit_* flag starts out enabled. */
network->dhcp_server_emit_dns = true;
network->dhcp_server_emit_ntp = true;
network->dhcp_server_emit_router = true;
network->dhcp_server_emit_timezone = true;

/* Bridge port settings, all enabled by default (the names suggest BPDU handling,
 * root-port eligibility and unicast flooding; confirm against the code that applies them). */
network->use_bpdu = true;
network->allow_port_to_be_root = true;
network->unicast_flood = true;

network->lldp_mode = LLDP_MODE_ROUTERS_ONLY;

/* Name resolution: LLMNR on, mDNS off. LLMNR answers are not authenticated, so a link
 * that must not trust on-link responders needs LLMNR switched off in its .network file.
 * _DNSSEC_MODE_INVALID looks like an "unset" sentinel rather than a mode; TODO confirm
 * how the consumer of dnssec_mode treats it. */
network->llmnr = RESOLVE_SUPPORT_YES;
network->mdns = RESOLVE_SUPPORT_NO;
network->dnssec_mode = _DNSSEC_MODE_INVALID;

network->link_local = ADDRESS_FAMILY_IPV6;

/* IPv6: privacy extensions default to "no". The -1 values and _DUID_TYPE_INVALID
 * presumably mean "not configured here"; verify where these fields are read. */
network->ipv6_privacy_extensions = IPV6_PRIVACY_EXTENSIONS_NO;
network->ipv6_accept_ra = -1;
network->ipv6_dad_transmits = -1;
network->ipv6_hop_limit = -1;
network->duid.type = _DUID_TYPE_INVALID;
network->proxy_arp = -1;

/* Going by the name, DNS servers from router advertisements are used by default;
 * the same trust consideration as for DHCP-supplied DNS applies. */
network->ipv6_accept_ra_use_dns = true;
140 r
= config_parse(NULL
, filename
, file
,
147 "DHCPv4\0" /* compat */
153 config_item_perf_lookup
, network_network_gperf_lookup
,
154 false, false, true, network
);
158 /* IPMasquerade=yes implies IPForward=yes */
159 if (network
->ip_masquerade
)
160 network
->ip_forward
|= ADDRESS_FAMILY_IPV4
;
162 LIST_PREPEND(networks
, manager
->networks
, network
);
164 r
= hashmap_ensure_allocated(&manager
->networks_by_name
, &string_hash_ops
);
168 r
= hashmap_put(manager
->networks_by_name
, network
->name
, network
);
172 LIST_FOREACH(routes
, route
, network
->static_routes
) {
173 if (!route
->family
) {
174 log_warning("Route section without Gateway field configured in %s. "
175 "Ignoring", filename
);
180 LIST_FOREACH(addresses
, address
, network
->static_addresses
) {
181 if (!address
->family
) {
182 log_warning("Address section without Address field configured in %s. "
183 "Ignoring", filename
);
193 int network_load(Manager
*manager
) {
195 _cleanup_strv_free_
char **files
= NULL
;
201 while ((network
= manager
->networks
))
202 network_free(network
);
204 r
= conf_files_list_strv(&files
, ".network", NULL
, network_dirs
);
206 return log_error_errno(r
, "Failed to enumerate network files: %m");
208 STRV_FOREACH_BACKWARDS(f
, files
) {
209 r
= network_load_one(manager
, *f
);
217 void network_free(Network
*network
) {
227 free(network
->filename
);
229 free(network
->match_mac
);
230 strv_free(network
->match_path
);
231 strv_free(network
->match_driver
);
232 strv_free(network
->match_type
);
233 strv_free(network
->match_name
);
235 free(network
->description
);
236 free(network
->dhcp_vendor_class_identifier
);
237 free(network
->dhcp_hostname
);
241 strv_free(network
->ntp
);
242 strv_free(network
->dns
);
243 strv_free(network
->search_domains
);
244 strv_free(network
->route_domains
);
245 strv_free(network
->bind_carrier
);
247 netdev_unref(network
->bridge
);
248 netdev_unref(network
->bond
);
249 netdev_unref(network
->vrf
);
251 HASHMAP_FOREACH(netdev
, network
->stacked_netdevs
, i
) {
252 hashmap_remove(network
->stacked_netdevs
, netdev
->ifname
);
253 netdev_unref(netdev
);
255 hashmap_free(network
->stacked_netdevs
);
257 while ((route
= network
->static_routes
))
260 while ((address
= network
->static_addresses
))
261 address_free(address
);
263 while ((fdb_entry
= network
->static_fdb_entries
))
264 fdb_entry_free(fdb_entry
);
266 hashmap_free(network
->addresses_by_section
);
267 hashmap_free(network
->routes_by_section
);
268 hashmap_free(network
->fdb_entries_by_section
);
270 if (network
->manager
) {
271 if (network
->manager
->networks
)
272 LIST_REMOVE(networks
, network
->manager
->networks
, network
);
274 if (network
->manager
->networks_by_name
)
275 hashmap_remove(network
->manager
->networks_by_name
, network
->name
);
280 condition_free_list(network
->match_host
);
281 condition_free_list(network
->match_virt
);
282 condition_free_list(network
->match_kernel
);
283 condition_free_list(network
->match_arch
);
285 free(network
->dhcp_server_timezone
);
286 free(network
->dhcp_server_dns
);
287 free(network
->dhcp_server_ntp
);
289 set_free_free(network
->dnssec_negative_trust_anchors
);
294 int network_get_by_name(Manager
*manager
, const char *name
, Network
**ret
) {
301 network
= hashmap_get(manager
->networks_by_name
, name
);
310 int network_get(Manager
*manager
, struct udev_device
*device
,
311 const char *ifname
, const struct ether_addr
*address
,
314 struct udev_device
*parent
;
315 const char *path
= NULL
, *parent_driver
= NULL
, *driver
= NULL
, *devtype
= NULL
;
321 path
= udev_device_get_property_value(device
, "ID_PATH");
323 parent
= udev_device_get_parent(device
);
325 parent_driver
= udev_device_get_driver(parent
);
327 driver
= udev_device_get_property_value(device
, "ID_NET_DRIVER");
329 devtype
= udev_device_get_devtype(device
);
332 LIST_FOREACH(networks
, network
, manager
->networks
) {
333 if (net_match_config(network
->match_mac
, network
->match_path
,
334 network
->match_driver
, network
->match_type
,
335 network
->match_name
, network
->match_host
,
336 network
->match_virt
, network
->match_kernel
,
338 address
, path
, parent_driver
, driver
,
340 if (network
->match_name
&& device
) {
342 uint8_t name_assign_type
= NET_NAME_UNKNOWN
;
344 attr
= udev_device_get_sysattr_value(device
, "name_assign_type");
346 (void) safe_atou8(attr
, &name_assign_type
);
348 if (name_assign_type
== NET_NAME_ENUM
)
349 log_warning("%s: found matching network '%s', based on potentially unpredictable ifname",
350 ifname
, network
->filename
);
352 log_debug("%s: found matching network '%s'", ifname
, network
->filename
);
354 log_debug("%s: found matching network '%s'", ifname
, network
->filename
);
366 int network_apply(Manager
*manager
, Network
*network
, Link
*link
) {
373 link
->network
= network
;
375 if (network
->ipv4ll_route
) {
378 r
= route_new_static(network
, 0, &route
);
382 r
= inet_pton(AF_INET
, "169.254.0.0", &route
->dst
.in
);
388 route
->family
= AF_INET
;
389 route
->dst_prefixlen
= 16;
390 route
->scope
= RT_SCOPE_LINK
;
391 route
->priority
= IPV4LL_ROUTE_METRIC
;
392 route
->protocol
= RTPROT_STATIC
;
395 if (!strv_isempty(network
->dns
) ||
396 !strv_isempty(network
->ntp
) ||
397 !strv_isempty(network
->search_domains
) ||
398 !strv_isempty(network
->route_domains
))
404 bool network_has_static_ipv6_addresses(Network
*network
) {
409 LIST_FOREACH(addresses
, address
, network
->static_addresses
) {
410 if (address
->family
== AF_INET6
)
417 int config_parse_netdev(const char *unit
,
418 const char *filename
,
421 unsigned section_line
,
427 Network
*network
= userdata
;
428 _cleanup_free_
char *kind_string
= NULL
;
439 kind_string
= strdup(lvalue
);
443 /* the keys are CamelCase versions of the kind */
444 for (p
= kind_string
; *p
; p
++)
447 kind
= netdev_kind_from_string(kind_string
);
448 if (kind
== _NETDEV_KIND_INVALID
) {
449 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid NetDev kind: %s", lvalue
);
453 r
= netdev_get(network
->manager
, rvalue
, &netdev
);
455 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "%s could not be found, ignoring assignment: %s", lvalue
, rvalue
);
459 if (netdev
->kind
!= kind
) {
460 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "NetDev is not a %s, ignoring assignment: %s", lvalue
, rvalue
);
465 case NETDEV_KIND_BRIDGE
:
466 network
->bridge
= netdev
;
469 case NETDEV_KIND_BOND
:
470 network
->bond
= netdev
;
473 case NETDEV_KIND_VRF
:
474 network
->vrf
= netdev
;
477 case NETDEV_KIND_VLAN
:
478 case NETDEV_KIND_MACVLAN
:
479 case NETDEV_KIND_MACVTAP
:
480 case NETDEV_KIND_IPVLAN
:
481 case NETDEV_KIND_VXLAN
:
482 case NETDEV_KIND_VCAN
:
483 r
= hashmap_put(network
->stacked_netdevs
, netdev
->ifname
, netdev
);
485 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Can not add VLAN '%s' to network: %m", rvalue
);
491 assert_not_reached("Can not parse NetDev");
499 int config_parse_domains(
501 const char *filename
,
504 unsigned section_line
,
519 if (isempty(rvalue
)) {
520 n
->search_domains
= strv_free(n
->search_domains
);
521 n
->route_domains
= strv_free(n
->route_domains
);
527 _cleanup_free_
char *w
= NULL
, *normalized
= NULL
;
531 r
= extract_first_word(&p
, &w
, NULL
, 0);
533 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract search or route domain, ignoring: %s", rvalue
);
539 is_route
= w
[0] == '~';
540 domain
= is_route
? w
+ 1 : w
;
542 if (dns_name_is_root(domain
) || streq(domain
, "*")) {
543 /* If the root domain appears as is, or the special token "*" is found, we'll consider this as
544 * routing domain, unconditionally. */
546 domain
= "."; /* make sure we don't allow empty strings, thus write the root domain as "." */
549 r
= dns_name_normalize(domain
, &normalized
);
551 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "'%s' is not a valid domain name, ignoring.", domain
);
557 if (is_localhost(domain
)) {
558 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "'localhost' domain names may not be configure as search or route domains, ignoring assignment: %s", domain
);
564 r
= strv_extend(&n
->route_domains
, domain
);
569 r
= strv_extend(&n
->search_domains
, domain
);
575 strv_uniq(n
->route_domains
);
576 strv_uniq(n
->search_domains
);
581 int config_parse_tunnel(const char *unit
,
582 const char *filename
,
585 unsigned section_line
,
591 Network
*network
= userdata
;
600 r
= netdev_get(network
->manager
, rvalue
, &netdev
);
602 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Tunnel is invalid, ignoring assignment: %s", rvalue
);
606 if (netdev
->kind
!= NETDEV_KIND_IPIP
&&
607 netdev
->kind
!= NETDEV_KIND_SIT
&&
608 netdev
->kind
!= NETDEV_KIND_GRE
&&
609 netdev
->kind
!= NETDEV_KIND_GRETAP
&&
610 netdev
->kind
!= NETDEV_KIND_IP6GRE
&&
611 netdev
->kind
!= NETDEV_KIND_IP6GRETAP
&&
612 netdev
->kind
!= NETDEV_KIND_VTI
&&
613 netdev
->kind
!= NETDEV_KIND_VTI6
&&
614 netdev
->kind
!= NETDEV_KIND_IP6TNL
616 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
617 "NetDev is not a tunnel, ignoring assignment: %s", rvalue
);
621 r
= hashmap_put(network
->stacked_netdevs
, netdev
->ifname
, netdev
);
623 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Cannot add VLAN '%s' to network, ignoring: %m", rvalue
);
632 int config_parse_ipv4ll(
634 const char *filename
,
637 unsigned section_line
,
644 AddressFamilyBoolean
*link_local
= data
;
651 /* Note that this is mostly like
652 * config_parse_address_family_boolean(), except that it
653 * applies only to IPv4 */
655 SET_FLAG(*link_local
, ADDRESS_FAMILY_IPV4
, parse_boolean(rvalue
));
660 int config_parse_dhcp(
662 const char *filename
,
665 unsigned section_line
,
672 AddressFamilyBoolean
*dhcp
= data
, s
;
679 /* Note that this is mostly like
680 * config_parse_address_family_boolean(), except that it
681 * understands some old names for the enum values */
683 s
= address_family_boolean_from_string(rvalue
);
686 /* Previously, we had a slightly different enum here,
687 * support its values for compatibility. */
689 if (streq(rvalue
, "none"))
690 s
= ADDRESS_FAMILY_NO
;
691 else if (streq(rvalue
, "v4"))
692 s
= ADDRESS_FAMILY_IPV4
;
693 else if (streq(rvalue
, "v6"))
694 s
= ADDRESS_FAMILY_IPV6
;
695 else if (streq(rvalue
, "both"))
696 s
= ADDRESS_FAMILY_YES
;
698 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse DHCP option, ignoring: %s", rvalue
);
/* Configuration-file spellings of the DHCP client identifier types, indexed by enum value. */
static const char* const dhcp_client_identifier_table[_DHCP_CLIENT_ID_MAX] = {
        [DHCP_CLIENT_ID_MAC]  = "mac",
        [DHCP_CLIENT_ID_DUID] = "duid"
};

/* Lookup helper generated from the table above; going by the macro name it is private
 * to this file and covers only the string -> enum direction.
 * NOTE(review): the type is spelled "DCHPClientIdentifier" here. It has to match the
 * declaration, which is not visible in this file, so do not "correct" it in isolation. */
DEFINE_PRIVATE_STRING_TABLE_LOOKUP_FROM_STRING(dhcp_client_identifier, DCHPClientIdentifier);

/* Config parser callback for the setting; the string is the message passed for values
 * that do not parse. */
DEFINE_CONFIG_PARSE_ENUM(config_parse_dhcp_client_identifier, dhcp_client_identifier, DCHPClientIdentifier, "Failed to parse client identifier type");
715 int config_parse_ipv6token(
717 const char *filename
,
720 unsigned section_line
,
727 union in_addr_union buffer
;
728 struct in6_addr
*token
= data
;
736 r
= in_addr_from_string(AF_INET6
, rvalue
, &buffer
);
738 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse IPv6 token, ignoring: %s", rvalue
);
742 r
= in_addr_is_null(AF_INET6
, &buffer
);
744 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "IPv6 token can not be the ANY address, ignoring: %s", rvalue
);
748 if ((buffer
.in6
.s6_addr32
[0] | buffer
.in6
.s6_addr32
[1]) != 0) {
749 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "IPv6 token can not be longer than 64 bits, ignoring: %s", rvalue
);
/* Configuration-file spellings of the IPv6 privacy extension modes, indexed by enum value. */
static const char* const ipv6_privacy_extensions_table[_IPV6_PRIVACY_EXTENSIONS_MAX] = {
        [IPV6_PRIVACY_EXTENSIONS_NO]            = "no",
        [IPV6_PRIVACY_EXTENSIONS_PREFER_PUBLIC] = "prefer-public",
        [IPV6_PRIVACY_EXTENSIONS_YES]           = "yes",
};

/* Generates the lookup helpers for the table above, among them the
 * ipv6_privacy_extensions_from_string() that the config parser in this file calls. */
DEFINE_STRING_TABLE_LOOKUP(ipv6_privacy_extensions, IPv6PrivacyExtensions);
766 int config_parse_ipv6_privacy_extensions(
768 const char *filename
,
771 unsigned section_line
,
778 IPv6PrivacyExtensions
*ipv6_privacy_extensions
= data
;
784 assert(ipv6_privacy_extensions
);
786 /* Our enum shall be a superset of booleans, hence first try
787 * to parse as boolean, and then as enum */
789 k
= parse_boolean(rvalue
);
791 *ipv6_privacy_extensions
= IPV6_PRIVACY_EXTENSIONS_YES
;
793 *ipv6_privacy_extensions
= IPV6_PRIVACY_EXTENSIONS_NO
;
795 IPv6PrivacyExtensions s
;
797 s
= ipv6_privacy_extensions_from_string(rvalue
);
800 if (streq(rvalue
, "kernel"))
801 s
= _IPV6_PRIVACY_EXTENSIONS_INVALID
;
803 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse IPv6 privacy extensions option, ignoring: %s", rvalue
);
808 *ipv6_privacy_extensions
= s
;
814 int config_parse_hostname(
816 const char *filename
,
819 unsigned section_line
,
826 char **hostname
= data
, *hn
= NULL
;
833 r
= config_parse_string(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, rvalue
, &hn
, userdata
);
837 if (!hostname_is_valid(hn
, false)) {
838 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Hostname is not valid, ignoring assignment: %s", rvalue
);
844 *hostname
= hostname_cleanup(hn
);
848 int config_parse_timezone(
850 const char *filename
,
853 unsigned section_line
,
860 char **datap
= data
, *tz
= NULL
;
867 r
= config_parse_string(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, rvalue
, &tz
, userdata
);
871 if (!timezone_is_valid(tz
)) {
872 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Timezone is not valid, ignoring assignment: %s", rvalue
);
883 int config_parse_dhcp_server_dns(
885 const char *filename
,
888 unsigned section_line
,
896 const char *p
= rvalue
;
904 _cleanup_free_
char *w
= NULL
;
905 struct in_addr a
, *m
;
907 r
= extract_first_word(&p
, &w
, NULL
, 0);
909 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract word, ignoring: %s", rvalue
);
916 if (inet_pton(AF_INET
, w
, &a
) <= 0) {
917 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse DNS server address, ignoring: %s", w
);
921 m
= realloc(n
->dhcp_server_dns
, (n
->n_dhcp_server_dns
+ 1) * sizeof(struct in_addr
));
925 m
[n
->n_dhcp_server_dns
++] = a
;
926 n
->dhcp_server_dns
= m
;
930 int config_parse_dhcp_server_ntp(
932 const char *filename
,
935 unsigned section_line
,
943 const char *p
= rvalue
;
951 _cleanup_free_
char *w
= NULL
;
952 struct in_addr a
, *m
;
954 r
= extract_first_word(&p
, &w
, NULL
, 0);
956 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract word, ignoring: %s", rvalue
);
963 if (inet_pton(AF_INET
, w
, &a
) <= 0) {
964 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse NTP server address, ignoring: %s", w
);
968 m
= realloc(n
->dhcp_server_ntp
, (n
->n_dhcp_server_ntp
+ 1) * sizeof(struct in_addr
));
972 m
[n
->n_dhcp_server_ntp
++] = a
;
973 n
->dhcp_server_ntp
= m
;
977 int config_parse_dnssec_negative_trust_anchors(
979 const char *filename
,
982 unsigned section_line
,
989 const char *p
= rvalue
;
997 if (isempty(rvalue
)) {
998 n
->dnssec_negative_trust_anchors
= set_free_free(n
->dnssec_negative_trust_anchors
);
1003 _cleanup_free_
char *w
= NULL
;
1005 r
= extract_first_word(&p
, &w
, NULL
, 0);
1007 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract negative trust anchor domain, ignoring: %s", rvalue
);
1013 r
= dns_name_is_valid(w
);
1015 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "%s is not a valid domain name, ignoring.", w
);
1019 r
= set_ensure_allocated(&n
->dnssec_negative_trust_anchors
, &dns_name_hash_ops
);
1023 r
= set_put(n
->dnssec_negative_trust_anchors
, w
);
/* Config parser callback for the DHCP "use domains" setting; the string is the message
 * passed for values that do not parse. */
DEFINE_CONFIG_PARSE_ENUM(config_parse_dhcp_use_domains, dhcp_use_domains, DHCPUseDomains, "Failed to parse DHCP use domains setting");

/* Configuration-file spellings of the DHCPUseDomains values, indexed by enum value. */
static const char* const dhcp_use_domains_table[_DHCP_USE_DOMAINS_MAX] = {
        [DHCP_USE_DOMAINS_NO]    = "no",
        [DHCP_USE_DOMAINS_ROUTE] = "route",
        [DHCP_USE_DOMAINS_YES]   = "yes",
};

/* Lookup helpers for the table above. The WITH_BOOLEAN variant presumably also accepts
 * boolean spellings, with DHCP_USE_DOMAINS_YES as the value for "true"; confirm against
 * the macro definition, which is not part of this file. */
DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(dhcp_use_domains, DHCPUseDomains, DHCP_USE_DOMAINS_YES);
/* Config parser callback for the LLDP= setting; the string is the message passed for
 * values that do not parse. */
DEFINE_CONFIG_PARSE_ENUM(config_parse_lldp_mode, lldp_mode, LLDPMode, "Failed to parse LLDP= setting.");

/* Configuration-file spellings of the LLDP modes, indexed by enum value. */
static const char* const lldp_mode_table[_LLDP_MODE_MAX] = {
        [LLDP_MODE_NO]           = "no",
        [LLDP_MODE_YES]          = "yes",
        [LLDP_MODE_ROUTERS_ONLY] = "routers-only",
};

/* Lookup helpers for the table above. The WITH_BOOLEAN variant presumably also accepts
 * boolean spellings, with LLDP_MODE_YES as the value for "true"; confirm against the
 * macro definition, which is not part of this file. */
DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(lldp_mode, LLDPMode, LLDP_MODE_YES);