2 This file is part of systemd.
4 Copyright 2013 Tom Gundersen <teg@jklm.no>
6 systemd is free software; you can redistribute it and/or modify it
7 under the terms of the GNU Lesser General Public License as published by
8 the Free Software Foundation; either version 2.1 of the License, or
9 (at your option) any later version.
11 systemd is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
16 You should have received a copy of the GNU Lesser General Public License
17 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include "alloc-util.h"
24 #include "conf-files.h"
25 #include "conf-parser.h"
26 #include "dns-domain.h"
28 #include "hostname-util.h"
29 #include "network-internal.h"
30 #include "networkd-network.h"
32 #include "parse-util.h"
34 #include "stat-util.h"
35 #include "string-table.h"
36 #include "string-util.h"
39 static int network_load_one(Manager
*manager
, const char *filename
) {
40 _cleanup_network_free_ Network
*network
= NULL
;
41 _cleanup_fclose_
FILE *file
= NULL
;
50 file
= fopen(filename
, "re");
58 if (null_or_empty_fd(fileno(file
))) {
59 log_debug("Skipping empty file: %s", filename
);
63 network
= new0(Network
, 1);
67 network
->manager
= manager
;
69 LIST_HEAD_INIT(network
->static_addresses
);
70 LIST_HEAD_INIT(network
->static_routes
);
71 LIST_HEAD_INIT(network
->static_fdb_entries
);
73 network
->stacked_netdevs
= hashmap_new(&string_hash_ops
);
74 if (!network
->stacked_netdevs
)
77 network
->addresses_by_section
= hashmap_new(NULL
);
78 if (!network
->addresses_by_section
)
81 network
->routes_by_section
= hashmap_new(NULL
);
82 if (!network
->routes_by_section
)
85 network
->fdb_entries_by_section
= hashmap_new(NULL
);
86 if (!network
->fdb_entries_by_section
)
89 network
->filename
= strdup(filename
);
90 if (!network
->filename
)
93 network
->name
= strdup(basename(filename
));
97 d
= strrchr(network
->name
, '.');
101 assert(streq(d
, ".network"));
105 network
->dhcp
= ADDRESS_FAMILY_NO
;
106 network
->dhcp_use_ntp
= true;
107 network
->dhcp_use_dns
= true;
108 network
->dhcp_use_hostname
= true;
109 network
->dhcp_use_routes
= true;
110 network
->dhcp_send_hostname
= true;
111 network
->dhcp_route_metric
= DHCP_ROUTE_METRIC
;
112 network
->dhcp_client_identifier
= DHCP_CLIENT_ID_DUID
;
114 network
->dhcp_server_emit_dns
= true;
115 network
->dhcp_server_emit_ntp
= true;
116 network
->dhcp_server_emit_router
= true;
117 network
->dhcp_server_emit_timezone
= true;
119 network
->use_bpdu
= true;
120 network
->allow_port_to_be_root
= true;
121 network
->unicast_flood
= true;
123 network
->lldp_mode
= LLDP_MODE_ROUTERS_ONLY
;
125 network
->llmnr
= RESOLVE_SUPPORT_YES
;
126 network
->mdns
= RESOLVE_SUPPORT_NO
;
127 network
->dnssec_mode
= _DNSSEC_MODE_INVALID
;
129 network
->link_local
= ADDRESS_FAMILY_IPV6
;
131 network
->ipv6_privacy_extensions
= IPV6_PRIVACY_EXTENSIONS_NO
;
132 network
->ipv6_accept_ra
= -1;
133 network
->ipv6_dad_transmits
= -1;
134 network
->ipv6_hop_limit
= -1;
135 network
->duid
.type
= _DUID_TYPE_INVALID
;
136 network
->proxy_arp
= -1;
137 network
->ipv6_accept_ra_use_dns
= true;
139 r
= config_parse(NULL
, filename
, file
,
146 "DHCPv4\0" /* compat */
152 config_item_perf_lookup
, network_network_gperf_lookup
,
153 false, false, true, network
);
157 /* IPMasquerade=yes implies IPForward=yes */
158 if (network
->ip_masquerade
)
159 network
->ip_forward
|= ADDRESS_FAMILY_IPV4
;
161 LIST_PREPEND(networks
, manager
->networks
, network
);
163 r
= hashmap_ensure_allocated(&manager
->networks_by_name
, &string_hash_ops
);
167 r
= hashmap_put(manager
->networks_by_name
, network
->name
, network
);
171 LIST_FOREACH(routes
, route
, network
->static_routes
) {
172 if (!route
->family
) {
173 log_warning("Route section without Gateway field configured in %s. "
174 "Ignoring", filename
);
179 LIST_FOREACH(addresses
, address
, network
->static_addresses
) {
180 if (!address
->family
) {
181 log_warning("Address section without Address field configured in %s. "
182 "Ignoring", filename
);
192 int network_load(Manager
*manager
) {
194 _cleanup_strv_free_
char **files
= NULL
;
200 while ((network
= manager
->networks
))
201 network_free(network
);
203 r
= conf_files_list_strv(&files
, ".network", NULL
, network_dirs
);
205 return log_error_errno(r
, "Failed to enumerate network files: %m");
207 STRV_FOREACH_BACKWARDS(f
, files
) {
208 r
= network_load_one(manager
, *f
);
216 void network_free(Network
*network
) {
226 free(network
->filename
);
228 free(network
->match_mac
);
229 strv_free(network
->match_path
);
230 strv_free(network
->match_driver
);
231 strv_free(network
->match_type
);
232 strv_free(network
->match_name
);
234 free(network
->description
);
235 free(network
->dhcp_vendor_class_identifier
);
236 free(network
->dhcp_hostname
);
240 strv_free(network
->ntp
);
241 strv_free(network
->dns
);
242 strv_free(network
->search_domains
);
243 strv_free(network
->route_domains
);
244 strv_free(network
->bind_carrier
);
246 netdev_unref(network
->bridge
);
248 netdev_unref(network
->bond
);
250 HASHMAP_FOREACH(netdev
, network
->stacked_netdevs
, i
) {
251 hashmap_remove(network
->stacked_netdevs
, netdev
->ifname
);
252 netdev_unref(netdev
);
254 hashmap_free(network
->stacked_netdevs
);
256 while ((route
= network
->static_routes
))
259 while ((address
= network
->static_addresses
))
260 address_free(address
);
262 while ((fdb_entry
= network
->static_fdb_entries
))
263 fdb_entry_free(fdb_entry
);
265 hashmap_free(network
->addresses_by_section
);
266 hashmap_free(network
->routes_by_section
);
267 hashmap_free(network
->fdb_entries_by_section
);
269 if (network
->manager
) {
270 if (network
->manager
->networks
)
271 LIST_REMOVE(networks
, network
->manager
->networks
, network
);
273 if (network
->manager
->networks_by_name
)
274 hashmap_remove(network
->manager
->networks_by_name
, network
->name
);
279 condition_free_list(network
->match_host
);
280 condition_free_list(network
->match_virt
);
281 condition_free_list(network
->match_kernel
);
282 condition_free_list(network
->match_arch
);
284 free(network
->dhcp_server_timezone
);
285 free(network
->dhcp_server_dns
);
286 free(network
->dhcp_server_ntp
);
288 set_free_free(network
->dnssec_negative_trust_anchors
);
293 int network_get_by_name(Manager
*manager
, const char *name
, Network
**ret
) {
300 network
= hashmap_get(manager
->networks_by_name
, name
);
309 int network_get(Manager
*manager
, struct udev_device
*device
,
310 const char *ifname
, const struct ether_addr
*address
,
313 struct udev_device
*parent
;
314 const char *path
= NULL
, *parent_driver
= NULL
, *driver
= NULL
, *devtype
= NULL
;
320 path
= udev_device_get_property_value(device
, "ID_PATH");
322 parent
= udev_device_get_parent(device
);
324 parent_driver
= udev_device_get_driver(parent
);
326 driver
= udev_device_get_property_value(device
, "ID_NET_DRIVER");
328 devtype
= udev_device_get_devtype(device
);
331 LIST_FOREACH(networks
, network
, manager
->networks
) {
332 if (net_match_config(network
->match_mac
, network
->match_path
,
333 network
->match_driver
, network
->match_type
,
334 network
->match_name
, network
->match_host
,
335 network
->match_virt
, network
->match_kernel
,
337 address
, path
, parent_driver
, driver
,
339 if (network
->match_name
&& device
) {
341 uint8_t name_assign_type
= NET_NAME_UNKNOWN
;
343 attr
= udev_device_get_sysattr_value(device
, "name_assign_type");
345 (void) safe_atou8(attr
, &name_assign_type
);
347 if (name_assign_type
== NET_NAME_ENUM
)
348 log_warning("%s: found matching network '%s', based on potentially unpredictable ifname",
349 ifname
, network
->filename
);
351 log_debug("%s: found matching network '%s'", ifname
, network
->filename
);
353 log_debug("%s: found matching network '%s'", ifname
, network
->filename
);
365 int network_apply(Manager
*manager
, Network
*network
, Link
*link
) {
372 link
->network
= network
;
374 if (network
->ipv4ll_route
) {
377 r
= route_new_static(network
, 0, &route
);
381 r
= inet_pton(AF_INET
, "169.254.0.0", &route
->dst
.in
);
387 route
->family
= AF_INET
;
388 route
->dst_prefixlen
= 16;
389 route
->scope
= RT_SCOPE_LINK
;
390 route
->priority
= IPV4LL_ROUTE_METRIC
;
391 route
->protocol
= RTPROT_STATIC
;
394 if (!strv_isempty(network
->dns
) ||
395 !strv_isempty(network
->ntp
) ||
396 !strv_isempty(network
->search_domains
) ||
397 !strv_isempty(network
->route_domains
)) {
398 manager_dirty(manager
);
405 bool network_has_static_ipv6_addresses(Network
*network
) {
410 LIST_FOREACH(addresses
, address
, network
->static_addresses
) {
411 if (address
->family
== AF_INET6
)
418 int config_parse_netdev(const char *unit
,
419 const char *filename
,
422 unsigned section_line
,
428 Network
*network
= userdata
;
429 _cleanup_free_
char *kind_string
= NULL
;
440 kind_string
= strdup(lvalue
);
444 /* the keys are CamelCase versions of the kind */
445 for (p
= kind_string
; *p
; p
++)
448 kind
= netdev_kind_from_string(kind_string
);
449 if (kind
== _NETDEV_KIND_INVALID
) {
450 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid NetDev kind: %s", lvalue
);
454 r
= netdev_get(network
->manager
, rvalue
, &netdev
);
456 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "%s could not be found, ignoring assignment: %s", lvalue
, rvalue
);
460 if (netdev
->kind
!= kind
) {
461 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "NetDev is not a %s, ignoring assignment: %s", lvalue
, rvalue
);
466 case NETDEV_KIND_BRIDGE
:
467 network
->bridge
= netdev
;
470 case NETDEV_KIND_BOND
:
471 network
->bond
= netdev
;
474 case NETDEV_KIND_VLAN
:
475 case NETDEV_KIND_MACVLAN
:
476 case NETDEV_KIND_MACVTAP
:
477 case NETDEV_KIND_IPVLAN
:
478 case NETDEV_KIND_VXLAN
:
479 r
= hashmap_put(network
->stacked_netdevs
, netdev
->ifname
, netdev
);
481 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Can not add VLAN '%s' to network: %m", rvalue
);
487 assert_not_reached("Can not parse NetDev");
495 int config_parse_domains(
497 const char *filename
,
500 unsigned section_line
,
515 if (isempty(rvalue
)) {
516 n
->search_domains
= strv_free(n
->search_domains
);
517 n
->route_domains
= strv_free(n
->route_domains
);
523 _cleanup_free_
char *w
= NULL
, *normalized
= NULL
;
527 r
= extract_first_word(&p
, &w
, NULL
, 0);
529 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract search or route domain, ignoring: %s", rvalue
);
535 is_route
= w
[0] == '~';
536 domain
= is_route
? w
+ 1 : w
;
538 if (dns_name_is_root(domain
) || streq(domain
, "*")) {
539 /* If the root domain appears as is, or the special token "*" is found, we'll consider this as
540 * routing domain, unconditionally. */
542 domain
= "."; /* make sure we don't allow empty strings, thus write the root domain as "." */
545 r
= dns_name_normalize(domain
, &normalized
);
547 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "'%s' is not a valid domain name, ignoring.", domain
);
553 if (is_localhost(domain
)) {
554 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "'localhost' domain names may not be configure as search or route domains, ignoring assignment: %s", domain
);
560 r
= strv_extend(&n
->route_domains
, domain
);
565 r
= strv_extend(&n
->search_domains
, domain
);
571 strv_uniq(n
->route_domains
);
572 strv_uniq(n
->search_domains
);
577 int config_parse_tunnel(const char *unit
,
578 const char *filename
,
581 unsigned section_line
,
587 Network
*network
= userdata
;
596 r
= netdev_get(network
->manager
, rvalue
, &netdev
);
598 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Tunnel is invalid, ignoring assignment: %s", rvalue
);
602 if (netdev
->kind
!= NETDEV_KIND_IPIP
&&
603 netdev
->kind
!= NETDEV_KIND_SIT
&&
604 netdev
->kind
!= NETDEV_KIND_GRE
&&
605 netdev
->kind
!= NETDEV_KIND_GRETAP
&&
606 netdev
->kind
!= NETDEV_KIND_IP6GRE
&&
607 netdev
->kind
!= NETDEV_KIND_IP6GRETAP
&&
608 netdev
->kind
!= NETDEV_KIND_VTI
&&
609 netdev
->kind
!= NETDEV_KIND_VTI6
&&
610 netdev
->kind
!= NETDEV_KIND_IP6TNL
612 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
613 "NetDev is not a tunnel, ignoring assignment: %s", rvalue
);
617 r
= hashmap_put(network
->stacked_netdevs
, netdev
->ifname
, netdev
);
619 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Cannot add VLAN '%s' to network, ignoring: %m", rvalue
);
628 int config_parse_ipv4ll(
630 const char *filename
,
633 unsigned section_line
,
640 AddressFamilyBoolean
*link_local
= data
;
647 /* Note that this is mostly like
648 * config_parse_address_family_boolean(), except that it
649 * applies only to IPv4 */
651 SET_FLAG(*link_local
, ADDRESS_FAMILY_IPV4
, parse_boolean(rvalue
));
656 int config_parse_dhcp(
658 const char *filename
,
661 unsigned section_line
,
668 AddressFamilyBoolean
*dhcp
= data
, s
;
675 /* Note that this is mostly like
676 * config_parse_address_family_boolean(), except that it
677 * understands some old names for the enum values */
679 s
= address_family_boolean_from_string(rvalue
);
682 /* Previously, we had a slightly different enum here,
683 * support its values for compatbility. */
685 if (streq(rvalue
, "none"))
686 s
= ADDRESS_FAMILY_NO
;
687 else if (streq(rvalue
, "v4"))
688 s
= ADDRESS_FAMILY_IPV4
;
689 else if (streq(rvalue
, "v6"))
690 s
= ADDRESS_FAMILY_IPV6
;
691 else if (streq(rvalue
, "both"))
692 s
= ADDRESS_FAMILY_YES
;
694 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse DHCP option, ignoring: %s", rvalue
);
703 static const char* const dhcp_client_identifier_table
[_DHCP_CLIENT_ID_MAX
] = {
704 [DHCP_CLIENT_ID_MAC
] = "mac",
705 [DHCP_CLIENT_ID_DUID
] = "duid"
708 DEFINE_PRIVATE_STRING_TABLE_LOOKUP_FROM_STRING(dhcp_client_identifier
, DCHPClientIdentifier
);
709 DEFINE_CONFIG_PARSE_ENUM(config_parse_dhcp_client_identifier
, dhcp_client_identifier
, DCHPClientIdentifier
, "Failed to parse client identifier type");
711 int config_parse_ipv6token(
713 const char *filename
,
716 unsigned section_line
,
723 union in_addr_union buffer
;
724 struct in6_addr
*token
= data
;
732 r
= in_addr_from_string(AF_INET6
, rvalue
, &buffer
);
734 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse IPv6 token, ignoring: %s", rvalue
);
738 r
= in_addr_is_null(AF_INET6
, &buffer
);
740 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "IPv6 token can not be the ANY address, ignoring: %s", rvalue
);
744 if ((buffer
.in6
.s6_addr32
[0] | buffer
.in6
.s6_addr32
[1]) != 0) {
745 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "IPv6 token can not be longer than 64 bits, ignoring: %s", rvalue
);
754 static const char* const ipv6_privacy_extensions_table
[_IPV6_PRIVACY_EXTENSIONS_MAX
] = {
755 [IPV6_PRIVACY_EXTENSIONS_NO
] = "no",
756 [IPV6_PRIVACY_EXTENSIONS_PREFER_PUBLIC
] = "prefer-public",
757 [IPV6_PRIVACY_EXTENSIONS_YES
] = "yes",
760 DEFINE_STRING_TABLE_LOOKUP(ipv6_privacy_extensions
, IPv6PrivacyExtensions
);
762 int config_parse_ipv6_privacy_extensions(
764 const char *filename
,
767 unsigned section_line
,
774 IPv6PrivacyExtensions
*ipv6_privacy_extensions
= data
;
780 assert(ipv6_privacy_extensions
);
782 /* Our enum shall be a superset of booleans, hence first try
783 * to parse as boolean, and then as enum */
785 k
= parse_boolean(rvalue
);
787 *ipv6_privacy_extensions
= IPV6_PRIVACY_EXTENSIONS_YES
;
789 *ipv6_privacy_extensions
= IPV6_PRIVACY_EXTENSIONS_NO
;
791 IPv6PrivacyExtensions s
;
793 s
= ipv6_privacy_extensions_from_string(rvalue
);
796 if (streq(rvalue
, "kernel"))
797 s
= _IPV6_PRIVACY_EXTENSIONS_INVALID
;
799 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse IPv6 privacy extensions option, ignoring: %s", rvalue
);
804 *ipv6_privacy_extensions
= s
;
810 int config_parse_hostname(
812 const char *filename
,
815 unsigned section_line
,
822 char **hostname
= data
, *hn
= NULL
;
829 r
= config_parse_string(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, rvalue
, &hn
, userdata
);
833 if (!hostname_is_valid(hn
, false)) {
834 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Hostname is not valid, ignoring assignment: %s", rvalue
);
840 *hostname
= hostname_cleanup(hn
);
844 int config_parse_timezone(
846 const char *filename
,
849 unsigned section_line
,
856 char **datap
= data
, *tz
= NULL
;
863 r
= config_parse_string(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, rvalue
, &tz
, userdata
);
867 if (!timezone_is_valid(tz
)) {
868 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Timezone is not valid, ignoring assignment: %s", rvalue
);
879 int config_parse_dhcp_server_dns(
881 const char *filename
,
884 unsigned section_line
,
892 const char *p
= rvalue
;
900 _cleanup_free_
char *w
= NULL
;
901 struct in_addr a
, *m
;
903 r
= extract_first_word(&p
, &w
, NULL
, 0);
905 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract word, ignoring: %s", rvalue
);
912 if (inet_pton(AF_INET
, w
, &a
) <= 0) {
913 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse DNS server address, ignoring: %s", w
);
917 m
= realloc(n
->dhcp_server_dns
, (n
->n_dhcp_server_dns
+ 1) * sizeof(struct in_addr
));
921 m
[n
->n_dhcp_server_dns
++] = a
;
922 n
->dhcp_server_dns
= m
;
926 int config_parse_dhcp_server_ntp(
928 const char *filename
,
931 unsigned section_line
,
939 const char *p
= rvalue
;
947 _cleanup_free_
char *w
= NULL
;
948 struct in_addr a
, *m
;
950 r
= extract_first_word(&p
, &w
, NULL
, 0);
952 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract word, ignoring: %s", rvalue
);
959 if (inet_pton(AF_INET
, w
, &a
) <= 0) {
960 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse NTP server address, ignoring: %s", w
);
964 m
= realloc(n
->dhcp_server_ntp
, (n
->n_dhcp_server_ntp
+ 1) * sizeof(struct in_addr
));
968 m
[n
->n_dhcp_server_ntp
++] = a
;
969 n
->dhcp_server_ntp
= m
;
973 int config_parse_dnssec_negative_trust_anchors(
975 const char *filename
,
978 unsigned section_line
,
985 const char *p
= rvalue
;
993 if (isempty(rvalue
)) {
994 n
->dnssec_negative_trust_anchors
= set_free_free(n
->dnssec_negative_trust_anchors
);
999 _cleanup_free_
char *w
= NULL
;
1001 r
= extract_first_word(&p
, &w
, NULL
, 0);
1003 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract negative trust anchor domain, ignoring: %s", rvalue
);
1009 r
= dns_name_is_valid(w
);
1011 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "%s is not a valid domain name, ignoring.", w
);
1015 r
= set_ensure_allocated(&n
->dnssec_negative_trust_anchors
, &dns_name_hash_ops
);
1019 r
= set_put(n
->dnssec_negative_trust_anchors
, w
);
1029 DEFINE_CONFIG_PARSE_ENUM(config_parse_dhcp_use_domains
, dhcp_use_domains
, DHCPUseDomains
, "Failed to parse DHCP use domains setting");
1031 static const char* const dhcp_use_domains_table
[_DHCP_USE_DOMAINS_MAX
] = {
1032 [DHCP_USE_DOMAINS_NO
] = "no",
1033 [DHCP_USE_DOMAINS_ROUTE
] = "route",
1034 [DHCP_USE_DOMAINS_YES
] = "yes",
1037 DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(dhcp_use_domains
, DHCPUseDomains
, DHCP_USE_DOMAINS_YES
);
1039 DEFINE_CONFIG_PARSE_ENUM(config_parse_lldp_mode
, lldp_mode
, LLDPMode
, "Failed to parse LLDP= setting.");
1041 static const char* const lldp_mode_table
[_LLDP_MODE_MAX
] = {
1042 [LLDP_MODE_NO
] = "no",
1043 [LLDP_MODE_YES
] = "yes",
1044 [LLDP_MODE_ROUTERS_ONLY
] = "routers-only",
1047 DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(lldp_mode
, LLDPMode
, LLDP_MODE_YES
);