2 This file is part of systemd.
4 Copyright 2013 Tom Gundersen <teg@jklm.no>
6 systemd is free software; you can redistribute it and/or modify it
7 under the terms of the GNU Lesser General Public License as published by
8 the Free Software Foundation; either version 2.1 of the License, or
9 (at your option) any later version.
11 systemd is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
16 You should have received a copy of the GNU Lesser General Public License
17 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include "alloc-util.h"
24 #include "conf-files.h"
25 #include "conf-parser.h"
26 #include "dns-domain.h"
28 #include "hostname-util.h"
29 #include "network-internal.h"
30 #include "networkd-network.h"
32 #include "parse-util.h"
34 #include "stat-util.h"
35 #include "string-table.h"
36 #include "string-util.h"
/* Loads one .network file: allocates a Network, fills in the built-in
 * defaults, runs the config parser over the file and links the result into
 * the manager's list and by-name hashmap.
 * NOTE(review): this listing omits some source lines, so the result checks
 * for fopen(), new0(), strdup(), strrchr() and config_parse() are not
 * visible here; confirm each against the complete file. */
39 static int network_load_one(Manager
*manager
, const char *filename
) {
40 _cleanup_network_free_ Network
*network
= NULL
;
41 _cleanup_fclose_
FILE *file
= NULL
;
/* "e" asks for the descriptor to be opened close-on-exec, so it is not
 * inherited by spawned children. */
50 file
= fopen(filename
, "re");
/* NOTE(review): fileno(file) requires a non-NULL stream; the NULL check on
 * the fopen() result is not visible in this listing. */
58 if (null_or_empty_fd(fileno(file
))) {
59 log_debug("Skipping empty file: %s", filename
);
63 network
= new0(Network
, 1);
67 network
->manager
= manager
;
69 LIST_HEAD_INIT(network
->static_addresses
);
70 LIST_HEAD_INIT(network
->static_routes
);
71 LIST_HEAD_INIT(network
->static_fdb_entries
);
/* stacked_netdevs is keyed by interface name (string hash ops); the three
 * by-section maps are created with NULL hash ops. */
73 network
->stacked_netdevs
= hashmap_new(&string_hash_ops
);
74 if (!network
->stacked_netdevs
)
77 network
->addresses_by_section
= hashmap_new(NULL
);
78 if (!network
->addresses_by_section
)
81 network
->routes_by_section
= hashmap_new(NULL
);
82 if (!network
->routes_by_section
)
85 network
->fdb_entries_by_section
= hashmap_new(NULL
);
86 if (!network
->fdb_entries_by_section
)
89 network
->filename
= strdup(filename
);
90 if (!network
->filename
)
93 network
->name
= strdup(basename(filename
));
/* d points at the last '.' of the basename. The assertion below holds only
 * because network_load() enumerates files with the ".network" suffix.
 * NOTE(review): strrchr() returns NULL when there is no dot; the guard for
 * that case is not visible in this listing. */
97 d
= strrchr(network
->name
, '.');
101 assert(streq(d
, ".network"));
/* Defaults assigned before config_parse() runs. Among them: DHCP client off,
 * LLMNR on, mDNS off, DNSSEC mode left at the invalid marker, IPv6
 * link-local addressing on, LLDP limited to routers. */
105 network
->dhcp
= ADDRESS_FAMILY_NO
;
106 network
->dhcp_use_ntp
= true;
107 network
->dhcp_use_dns
= true;
108 network
->dhcp_use_hostname
= true;
109 network
->dhcp_use_routes
= true;
110 network
->dhcp_send_hostname
= true;
111 network
->dhcp_route_metric
= DHCP_ROUTE_METRIC
;
112 network
->dhcp_client_identifier
= DHCP_CLIENT_ID_DUID
;
114 network
->dhcp_server_emit_dns
= true;
115 network
->dhcp_server_emit_ntp
= true;
116 network
->dhcp_server_emit_router
= true;
117 network
->dhcp_server_emit_timezone
= true;
119 network
->use_bpdu
= true;
120 network
->allow_port_to_be_root
= true;
121 network
->unicast_flood
= true;
123 network
->lldp_mode
= LLDP_MODE_ROUTERS_ONLY
;
125 network
->llmnr
= RESOLVE_SUPPORT_YES
;
126 network
->mdns
= RESOLVE_SUPPORT_NO
;
127 network
->dnssec_mode
= _DNSSEC_MODE_INVALID
;
129 network
->link_local
= ADDRESS_FAMILY_IPV6
;
131 network
->ipv6_privacy_extensions
= IPV6_PRIVACY_EXTENSIONS_NO
;
/* -1 presumably marks these settings as "not configured" - confirm against
 * the code that consumes them. */
132 network
->ipv6_accept_ra
= -1;
133 network
->ipv6_dad_transmits
= -1;
134 network
->ipv6_hop_limit
= -1;
135 network
->duid
.type
= _DUID_TYPE_INVALID
;
136 network
->proxy_arp
= -1;
137 network
->ipv6_accept_ra_use_dns
= true;
/* The Network is handed to the parser as its last argument; the per-key
 * config_parse_*() callbacks in this file receive it as userdata. The
 * section list and the result check are on lines not shown here. */
139 r
= config_parse(NULL
, filename
, file
,
146 "DHCPv4\0" /* compat */
150 config_item_perf_lookup
, network_network_gperf_lookup
,
151 false, false, true, network
);
155 /* IPMasquerade=yes implies IPForward=yes */
156 if (network
->ip_masquerade
)
157 network
->ip_forward
|= ADDRESS_FAMILY_IPV4
;
/* Register with the manager: head of the networks list, and by name in the
 * hashmap. The hashmap key is network->name, i.e. memory owned by the
 * Network itself. */
159 LIST_PREPEND(networks
, manager
->networks
, network
);
161 r
= hashmap_ensure_allocated(&manager
->networks_by_name
, &string_hash_ops
);
165 r
= hashmap_put(manager
->networks_by_name
, network
->name
, network
);
/* Post-parse sanity pass: a section that never set its address family is
 * reported. What is done with such an entry afterwards is on lines not
 * shown in this listing. */
169 LIST_FOREACH(routes
, route
, network
->static_routes
) {
170 if (!route
->family
) {
171 log_warning("Route section without Gateway field configured in %s. "
172 "Ignoring", filename
);
177 LIST_FOREACH(addresses
, address
, network
->static_addresses
) {
178 if (!address
->family
) {
179 log_warning("Address section without Address field configured in %s. "
180 "Ignoring", filename
);
/* Discards every Network the manager currently holds, then loads all
 * ".network" files found under network_dirs. */
190 int network_load(Manager
*manager
) {
192 _cleanup_strv_free_
char **files
= NULL
;
/* network_free() unlinks the entry from manager->networks, so the list head
 * changes on every pass and the loop ends once the list is empty. */
198 while ((network
= manager
->networks
))
199 network_free(network
);
201 r
= conf_files_list_strv(&files
, ".network", NULL
, network_dirs
);
203 return log_error_errno(r
, "Failed to enumerate network files: %m");
/* Files are loaded back to front while network_load_one() prepends to
 * manager->networks. The order matters because network_get() walks that
 * list from the head when matching a device. How a failing file is handled
 * is on lines not shown in this listing. */
205 STRV_FOREACH_BACKWARDS(f
, files
) {
206 r
= network_load_one(manager
, *f
);
/* Releases a Network together with the strings, lists, maps and netdev
 * references it holds, and unlinks it from the owning manager.
 * NOTE(review): a NULL check on `network` and the free of network->name are
 * not visible in this listing; confirm both in the complete file. */
214 void network_free(Network
*network
) {
224 free(network
->filename
);
226 free(network
->match_mac
);
227 strv_free(network
->match_path
);
228 strv_free(network
->match_driver
);
229 strv_free(network
->match_type
);
230 strv_free(network
->match_name
);
232 free(network
->description
);
233 free(network
->dhcp_vendor_class_identifier
);
234 free(network
->dhcp_hostname
);
238 strv_free(network
->ntp
);
239 strv_free(network
->dns
);
240 strv_free(network
->search_domains
);
241 strv_free(network
->route_domains
);
242 strv_free(network
->bind_carrier
);
/* Drop the references this Network holds on its bridge, bond and stacked
 * netdevs. */
244 netdev_unref(network
->bridge
);
246 netdev_unref(network
->bond
);
/* NOTE(review): the entry being visited is removed during iteration -
 * confirm the hashmap iterator permits removing the current element. */
248 HASHMAP_FOREACH(netdev
, network
->stacked_netdevs
, i
) {
249 hashmap_remove(network
->stacked_netdevs
, netdev
->ifname
);
250 netdev_unref(netdev
);
252 hashmap_free(network
->stacked_netdevs
);
/* Each *_free() call is expected to unlink the element from its list so the
 * head advances; the body of the route loop is not visible in this listing. */
254 while ((route
= network
->static_routes
))
257 while ((address
= network
->static_addresses
))
258 address_free(address
);
260 while ((fdb_entry
= network
->static_fdb_entries
))
261 fdb_entry_free(fdb_entry
);
263 hashmap_free(network
->addresses_by_section
);
264 hashmap_free(network
->routes_by_section
);
265 hashmap_free(network
->fdb_entries_by_section
);
/* Unlink from the manager. network->name is still read here as the hashmap
 * key, so it must stay allocated until after this removal. */
267 if (network
->manager
) {
268 if (network
->manager
->networks
)
269 LIST_REMOVE(networks
, network
->manager
->networks
, network
);
271 if (network
->manager
->networks_by_name
)
272 hashmap_remove(network
->manager
->networks_by_name
, network
->name
);
277 condition_free_list(network
->match_host
);
278 condition_free_list(network
->match_virt
);
279 condition_free_list(network
->match_kernel
);
280 condition_free_list(network
->match_arch
);
282 free(network
->dhcp_server_timezone
);
283 free(network
->dhcp_server_dns
);
284 free(network
->dhcp_server_ntp
);
286 set_free_free(network
->dnssec_negative_trust_anchors
);
/* Looks up a Network by name in manager->networks_by_name. The handling of
 * a missing entry and the store through `ret` are on lines not shown in
 * this listing. */
291 int network_get_by_name(Manager
*manager
, const char *name
, Network
**ret
) {
298 network
= hashmap_get(manager
->networks_by_name
, name
);
/* Walks manager->networks and tests each entry's match settings against the
 * interface's MAC address, name and properties read from the udev device.
 * The remaining parameters, the return statements and part of the
 * net_match_config() argument list are on lines not shown in this listing. */
307 int network_get(Manager
*manager
, struct udev_device
*device
,
308 const char *ifname
, const struct ether_addr
*address
,
311 struct udev_device
*parent
;
312 const char *path
= NULL
, *parent_driver
= NULL
, *driver
= NULL
, *devtype
= NULL
;
/* NOTE(review): the later `&& device` test suggests device may be NULL; the
 * guard around these udev lookups is not visible here - confirm. */
318 path
= udev_device_get_property_value(device
, "ID_PATH");
320 parent
= udev_device_get_parent(device
);
322 parent_driver
= udev_device_get_driver(parent
);
324 driver
= udev_device_get_property_value(device
, "ID_NET_DRIVER");
326 devtype
= udev_device_get_devtype(device
);
329 LIST_FOREACH(networks
, network
, manager
->networks
) {
330 if (net_match_config(network
->match_mac
, network
->match_path
,
331 network
->match_driver
, network
->match_type
,
332 network
->match_name
, network
->match_host
,
333 network
->match_virt
, network
->match_kernel
,
335 address
, path
, parent_driver
, driver
,
/* When the match used an interface name, check how that name was assigned.
 * A NET_NAME_ENUM name triggers the warning below, because a configuration
 * matched on it may end up on a different interface than intended. */
337 if (network
->match_name
&& device
) {
339 uint8_t name_assign_type
= NET_NAME_UNKNOWN
;
341 attr
= udev_device_get_sysattr_value(device
, "name_assign_type");
/* Result deliberately ignored: on a parse failure name_assign_type keeps
 * its NET_NAME_UNKNOWN initialiser and no warning is issued. */
343 (void) safe_atou8(attr
, &name_assign_type
);
345 if (name_assign_type
== NET_NAME_ENUM
)
346 log_warning("%s: found matching network '%s', based on potentially unpredictable ifname",
347 ifname
, network
->filename
);
349 log_debug("%s: found matching network '%s'", ifname
, network
->filename
);
351 log_debug("%s: found matching network '%s'", ifname
, network
->filename
);
/* Attaches a Network to a Link. If ipv4ll_route is set, a static route for
 * 169.254.0.0/16 is added to the network, and the manager is marked dirty
 * when DNS, NTP or domain settings are present. Result checks are on lines
 * not shown in this listing. */
363 int network_apply(Manager
*manager
, Network
*network
, Link
*link
) {
370 link
->network
= network
;
372 if (network
->ipv4ll_route
) {
375 r
= route_new_static(network
, 0, &route
);
/* inet_pton() returns 1 on success, 0 for an unparsable string and -1 on
 * error, so only r == 1 means route->dst was filled in. */
379 r
= inet_pton(AF_INET
, "169.254.0.0", &route
->dst
.in
);
385 route
->family
= AF_INET
;
386 route
->dst_prefixlen
= 16;
387 route
->scope
= RT_SCOPE_LINK
;
388 route
->priority
= IPV4LL_ROUTE_METRIC
;
389 route
->protocol
= RTPROT_STATIC
;
392 if (!strv_isempty(network
->dns
) ||
393 !strv_isempty(network
->ntp
) ||
394 !strv_isempty(network
->search_domains
) ||
395 !strv_isempty(network
->route_domains
)) {
396 manager_dirty(manager
);
/* Scans network->static_addresses for an entry whose family is AF_INET6.
 * The return statements are on lines not shown in this listing. */
403 bool network_has_static_ipv6_addresses(Network
*network
) {
408 LIST_FOREACH(addresses
, address
, network
->static_addresses
) {
409 if (address
->family
== AF_INET6
)
/* Config callback that attaches a netdev to the Network. lvalue (the key)
 * is mapped to a netdev kind, rvalue is the netdev name looked up through
 * netdev_get(). Several parameters, result checks and return statements are
 * on lines not shown in this listing. */
416 int config_parse_netdev(const char *unit
,
417 const char *filename
,
420 unsigned section_line
,
426 Network
*network
= userdata
;
427 _cleanup_free_
char *kind_string
= NULL
;
/* Work on a private copy of the key; the copy is released automatically
 * through _cleanup_free_. */
438 kind_string
= strdup(lvalue
);
442 /* the keys are CamelCase versions of the kind */
443 for (p
= kind_string
; *p
; p
++)
446 kind
= netdev_kind_from_string(kind_string
);
447 if (kind
== _NETDEV_KIND_INVALID
) {
448 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid NetDev kind: %s", lvalue
);
452 r
= netdev_get(network
->manager
, rvalue
, &netdev
);
454 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "%s could not be found, ignoring assignment: %s", lvalue
, rvalue
);
/* The named netdev must be of the kind the key claims. */
458 if (netdev
->kind
!= kind
) {
459 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "NetDev is not a %s, ignoring assignment: %s", lvalue
, rvalue
);
/* NOTE(review): network_free() calls netdev_unref() on bridge, bond and
 * every stacked netdev; the matching reference acquisition is not visible
 * in this listing - confirm it exists on the omitted lines. */
464 case NETDEV_KIND_BRIDGE
:
465 network
->bridge
= netdev
;
468 case NETDEV_KIND_BOND
:
469 network
->bond
= netdev
;
472 case NETDEV_KIND_VLAN
:
473 case NETDEV_KIND_MACVLAN
:
474 case NETDEV_KIND_MACVTAP
:
475 case NETDEV_KIND_IPVLAN
:
476 case NETDEV_KIND_VXLAN
:
477 r
= hashmap_put(network
->stacked_netdevs
, netdev
->ifname
, netdev
);
/* The message says "VLAN" although this branch also handles the other
 * stacked kinds listed above. */
479 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Can not add VLAN '%s' to network: %m", rvalue
);
485 assert_not_reached("Can not parse NetDev");
/* Config callback for the search/route domain list. An empty value clears
 * both lists. Otherwise each word is classified ('~' prefix means route
 * domain), normalized and validated, then appended to the matching list.
 * Several parameters, result checks and the loop header are on lines not
 * shown in this listing. */
493 int config_parse_domains(
495 const char *filename
,
498 unsigned section_line
,
513 if (isempty(rvalue
)) {
514 n
->search_domains
= strv_free(n
->search_domains
);
515 n
->route_domains
= strv_free(n
->route_domains
);
521 _cleanup_free_
char *w
= NULL
, *normalized
= NULL
;
525 r
= extract_first_word(&p
, &w
, NULL
, 0);
527 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract search or route domain, ignoring: %s", rvalue
);
/* A leading '~' marks a route-only domain; the marker itself is skipped. */
533 is_route
= w
[0] == '~';
534 domain
= is_route
? w
+ 1 : w
;
536 if (dns_name_is_root(domain
) || streq(domain
, "*")) {
537 /* If the root domain appears as is, or the special token "*" is found, we'll consider this as
538 * routing domain, unconditionally. */
540 domain
= "."; /* make sure we don't allow empty strings, thus write the root domain as "." */
/* Every other name goes through dns_name_normalize() and is then rejected
 * if it is a localhost name. */
543 r
= dns_name_normalize(domain
, &normalized
);
545 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "'%s' is not a valid domain name, ignoring.", domain
);
551 if (is_localhost(domain
)) {
552 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "'localhost' domain names may not be configure as search or route domains, ignoring assignment: %s", domain
);
558 r
= strv_extend(&n
->route_domains
, domain
);
563 r
= strv_extend(&n
->search_domains
, domain
);
/* Remove duplicate entries from both lists. */
569 strv_uniq(n
->route_domains
);
570 strv_uniq(n
->search_domains
);
/* Config callback that attaches a tunnel netdev, named by rvalue, to the
 * Network. The netdev must exist and be one of the tunnel kinds listed
 * below; it is then stored in stacked_netdevs under its interface name.
 * Several parameters, result checks and return statements are on lines not
 * shown in this listing. */
575 int config_parse_tunnel(const char *unit
,
576 const char *filename
,
579 unsigned section_line
,
585 Network
*network
= userdata
;
594 r
= netdev_get(network
->manager
, rvalue
, &netdev
);
596 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Tunnel is invalid, ignoring assignment: %s", rvalue
);
/* Allow-list of tunnel kinds; any other kind is rejected. */
600 if (netdev
->kind
!= NETDEV_KIND_IPIP
&&
601 netdev
->kind
!= NETDEV_KIND_SIT
&&
602 netdev
->kind
!= NETDEV_KIND_GRE
&&
603 netdev
->kind
!= NETDEV_KIND_GRETAP
&&
604 netdev
->kind
!= NETDEV_KIND_IP6GRE
&&
605 netdev
->kind
!= NETDEV_KIND_IP6GRETAP
&&
606 netdev
->kind
!= NETDEV_KIND_VTI
&&
607 netdev
->kind
!= NETDEV_KIND_VTI6
&&
608 netdev
->kind
!= NETDEV_KIND_IP6TNL
610 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
611 "NetDev is not a tunnel, ignoring assignment: %s", rvalue
);
/* NOTE(review): network_free() unrefs every stacked netdev; the matching
 * reference acquisition is not visible in this listing - confirm. */
615 r
= hashmap_put(network
->stacked_netdevs
, netdev
->ifname
, netdev
);
/* The message says "VLAN" although the netdev here is a tunnel. */
617 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Cannot add VLAN '%s' to network, ignoring: %m", rvalue
);
/* Config callback that sets or clears the IPv4 bit of the link-local
 * AddressFamilyBoolean according to a boolean rvalue. Several parameters
 * are on lines not shown in this listing. */
626 int config_parse_ipv4ll(
628 const char *filename
,
631 unsigned section_line
,
638 AddressFamilyBoolean
*link_local
= data
;
645 /* Note that this is mostly like
646 * config_parse_address_family_boolean(), except that it
647 * applies only to IPv4 */
/* NOTE(review): the parse_boolean() result goes straight into SET_FLAG. If
 * a parse failure is reported as a negative (non-zero) value and SET_FLAG
 * tests its last argument for truth, an unparsable setting would switch
 * IPv4 link-local on instead of being rejected - confirm, and validate the
 * result before applying it if so. */
649 SET_FLAG(*link_local
, ADDRESS_FAMILY_IPV4
, parse_boolean(rvalue
));
/* Config callback for the DHCP setting. rvalue is first parsed as an
 * AddressFamilyBoolean; the legacy names "none", "v4", "v6" and "both" are
 * accepted as well. Several parameters, the result checks and the final
 * store through `dhcp` are on lines not shown in this listing. */
654 int config_parse_dhcp(
656 const char *filename
,
659 unsigned section_line
,
666 AddressFamilyBoolean
*dhcp
= data
, s
;
673 /* Note that this is mostly like
674 * config_parse_address_family_boolean(), except that it
675 * understands some old names for the enum values */
677 s
= address_family_boolean_from_string(rvalue
);
680 /* Previously, we had a slightly different enum here,
681 * support its values for compatibility. */
683 if (streq(rvalue
, "none"))
684 s
= ADDRESS_FAMILY_NO
;
685 else if (streq(rvalue
, "v4"))
686 s
= ADDRESS_FAMILY_IPV4
;
687 else if (streq(rvalue
, "v6"))
688 s
= ADDRESS_FAMILY_IPV6
;
689 else if (streq(rvalue
, "both"))
690 s
= ADDRESS_FAMILY_YES
;
/* Anything else is reported as a syntax error. */
692 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse DHCP option, ignoring: %s", rvalue
);
/* Names accepted for the DHCP client identifier setting: "mac" and "duid".
 * The macros below generate the private from-string lookup and the
 * config_parse_dhcp_client_identifier() callback from this table. */
701 static const char* const dhcp_client_identifier_table
[_DHCP_CLIENT_ID_MAX
] = {
702 [DHCP_CLIENT_ID_MAC
] = "mac",
703 [DHCP_CLIENT_ID_DUID
] = "duid"
706 DEFINE_PRIVATE_STRING_TABLE_LOOKUP_FROM_STRING(dhcp_client_identifier
, DCHPClientIdentifier
);
707 DEFINE_CONFIG_PARSE_ENUM(config_parse_dhcp_client_identifier
, dhcp_client_identifier
, DCHPClientIdentifier
, "Failed to parse client identifier type");
/* Config callback for the IPv6 token. rvalue must parse as an IPv6 address,
 * must not be the all-zero address and must have its upper 64 bits zero.
 * Several parameters, the result checks and the final store through `token`
 * are on lines not shown in this listing. */
709 int config_parse_ipv6token(
711 const char *filename
,
714 unsigned section_line
,
721 union in_addr_union buffer
;
722 struct in6_addr
*token
= data
;
/* Parse into a local buffer first, so the destination is not touched by the
 * parsing and validation steps themselves. */
730 r
= in_addr_from_string(AF_INET6
, rvalue
, &buffer
);
732 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse IPv6 token, ignoring: %s", rvalue
);
736 r
= in_addr_is_null(AF_INET6
, &buffer
);
738 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "IPv6 token can not be the ANY address, ignoring: %s", rvalue
);
/* s6_addr32[0] and [1] are the first 64 bits of the address; a token only
 * supplies the remaining 64, so any bit set here is rejected. */
742 if ((buffer
.in6
.s6_addr32
[0] | buffer
.in6
.s6_addr32
[1]) != 0) {
743 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "IPv6 token can not be longer than 64 bits, ignoring: %s", rvalue
);
/* Names accepted for the IPv6 privacy extensions setting: "no",
 * "prefer-public" and "yes". The macro below generates the string lookup
 * functions for IPv6PrivacyExtensions from this table. */
752 static const char* const ipv6_privacy_extensions_table
[_IPV6_PRIVACY_EXTENSIONS_MAX
] = {
753 [IPV6_PRIVACY_EXTENSIONS_NO
] = "no",
754 [IPV6_PRIVACY_EXTENSIONS_PREFER_PUBLIC
] = "prefer-public",
755 [IPV6_PRIVACY_EXTENSIONS_YES
] = "yes",
758 DEFINE_STRING_TABLE_LOOKUP(ipv6_privacy_extensions
, IPv6PrivacyExtensions
);
/* Config callback for the IPv6 privacy extensions setting. rvalue is tried
 * as a boolean first, then as one of the enum names; "kernel" is also
 * accepted and stored as the invalid marker. Several parameters and the
 * branch conditions are on lines not shown in this listing. */
760 int config_parse_ipv6_privacy_extensions(
762 const char *filename
,
765 unsigned section_line
,
772 IPv6PrivacyExtensions
*ipv6_privacy_extensions
= data
;
778 assert(ipv6_privacy_extensions
);
780 /* Our enum shall be a superset of booleans, hence first try
781 * to parse as boolean, and then as enum */
783 k
= parse_boolean(rvalue
);
785 *ipv6_privacy_extensions
= IPV6_PRIVACY_EXTENSIONS_YES
;
787 *ipv6_privacy_extensions
= IPV6_PRIVACY_EXTENSIONS_NO
;
789 IPv6PrivacyExtensions s
;
791 s
= ipv6_privacy_extensions_from_string(rvalue
);
/* "kernel" is stored as _IPV6_PRIVACY_EXTENSIONS_INVALID; presumably the
 * consumer treats that marker as "leave the kernel's setting alone" -
 * confirm against the code that applies this field. */
794 if (streq(rvalue
, "kernel"))
795 s
= _IPV6_PRIVACY_EXTENSIONS_INVALID
;
797 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse IPv6 privacy extensions option, ignoring: %s", rvalue
);
802 *ipv6_privacy_extensions
= s
;
/* Config callback for a hostname setting. The value is read into a
 * temporary string, checked with hostname_is_valid() and only then stored,
 * after hostname_cleanup(), through `data`. Several parameters, result
 * checks and the release of the old/rejected strings are on lines not shown
 * in this listing. */
808 int config_parse_hostname(
810 const char *filename
,
813 unsigned section_line
,
820 char **hostname
= data
, *hn
= NULL
;
/* Parse into the local hn rather than into *hostname, so a rejected value
 * does not overwrite the current setting. */
827 r
= config_parse_string(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, rvalue
, &hn
, userdata
);
/* NOTE(review): hn is a plain pointer (no cleanup attribute), so this
 * rejection path has to free it explicitly - the free is not visible in
 * this listing, confirm. */
831 if (!hostname_is_valid(hn
, false)) {
832 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Hostname is not valid, ignoring assignment: %s", rvalue
);
838 *hostname
= hostname_cleanup(hn
);
/* Config callback for a timezone setting. The value is read into a
 * temporary string and checked with timezone_is_valid() before use. Several
 * parameters, result checks and the final store through `datap` are on
 * lines not shown in this listing. */
842 int config_parse_timezone(
844 const char *filename
,
847 unsigned section_line
,
854 char **datap
= data
, *tz
= NULL
;
/* Parse into the local tz rather than into *datap, so a rejected value does
 * not overwrite the current setting. */
861 r
= config_parse_string(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, rvalue
, &tz
, userdata
);
/* NOTE(review): tz is a plain pointer (no cleanup attribute), so this
 * rejection path has to free it explicitly - the free is not visible in
 * this listing, confirm. */
865 if (!timezone_is_valid(tz
)) {
866 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Timezone is not valid, ignoring assignment: %s", rvalue
);
/* Config callback for the DHCP server's DNS list. rvalue is split into
 * words, each word must parse as an IPv4 address, and each accepted address
 * is appended to n->dhcp_server_dns. Several parameters, the loop header
 * and result checks are on lines not shown in this listing. */
877 int config_parse_dhcp_server_dns(
879 const char *filename
,
882 unsigned section_line
,
890 const char *p
= rvalue
;
898 _cleanup_free_
char *w
= NULL
;
899 struct in_addr a
, *m
;
901 r
= extract_first_word(&p
, &w
, NULL
, 0);
903 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract word, ignoring: %s", rvalue
);
/* inet_pton() returns 1 only on success; 0 (unparsable) and -1 (error) are
 * both rejected. */
910 if (inet_pton(AF_INET
, w
, &a
) <= 0) {
911 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse DNS server address, ignoring: %s", w
);
/* Grow the array by one element through the temporary m, so the existing
 * array stays reachable if realloc() fails (that check is not visible in
 * this listing). NOTE(review): the size multiplication is unchecked; the
 * element count is driven by configuration file content. */
915 m
= realloc(n
->dhcp_server_dns
, (n
->n_dhcp_server_dns
+ 1) * sizeof(struct in_addr
));
919 m
[n
->n_dhcp_server_dns
++] = a
;
920 n
->dhcp_server_dns
= m
;
/* Config callback for the DHCP server's NTP list. rvalue is split into
 * words, each word must parse as an IPv4 address, and each accepted address
 * is appended to n->dhcp_server_ntp. Several parameters, the loop header
 * and result checks are on lines not shown in this listing. */
924 int config_parse_dhcp_server_ntp(
926 const char *filename
,
929 unsigned section_line
,
937 const char *p
= rvalue
;
945 _cleanup_free_
char *w
= NULL
;
946 struct in_addr a
, *m
;
948 r
= extract_first_word(&p
, &w
, NULL
, 0);
950 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract word, ignoring: %s", rvalue
);
/* inet_pton() returns 1 only on success; 0 (unparsable) and -1 (error) are
 * both rejected. */
957 if (inet_pton(AF_INET
, w
, &a
) <= 0) {
958 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse NTP server address, ignoring: %s", w
);
/* Grow the array by one element through the temporary m, so the existing
 * array stays reachable if realloc() fails (that check is not visible in
 * this listing). NOTE(review): the size multiplication is unchecked; the
 * element count is driven by configuration file content. */
962 m
= realloc(n
->dhcp_server_ntp
, (n
->n_dhcp_server_ntp
+ 1) * sizeof(struct in_addr
));
966 m
[n
->n_dhcp_server_ntp
++] = a
;
967 n
->dhcp_server_ntp
= m
;
/* Config callback for the DNSSEC negative trust anchor list. An empty value
 * clears the set. Otherwise each word must be a valid domain name and is
 * added to n->dnssec_negative_trust_anchors. Several parameters, the loop
 * header and result checks are on lines not shown in this listing. */
971 int config_parse_dnssec_negative_trust_anchors(
973 const char *filename
,
976 unsigned section_line
,
983 const char *p
= rvalue
;
991 if (isempty(rvalue
)) {
992 n
->dnssec_negative_trust_anchors
= set_free_free(n
->dnssec_negative_trust_anchors
);
997 _cleanup_free_
char *w
= NULL
;
999 r
= extract_first_word(&p
, &w
, NULL
, 0);
1001 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract negative trust anchor domain, ignoring: %s", rvalue
);
/* Names listed here are exempted from DNSSEC validation, so each one is
 * checked for validity before it is stored. */
1007 r
= dns_name_is_valid(w
);
1009 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "%s is not a valid domain name, ignoring.", w
);
1013 r
= set_ensure_allocated(&n
->dnssec_negative_trust_anchors
, &dns_name_hash_ops
);
/* NOTE(review): the set stores the pointer w, which is also marked
 * _cleanup_free_; after a successful put w must be reset to NULL so the set
 * does not keep a freed string - that reset is not visible in this listing,
 * confirm. */
1017 r
= set_put(n
->dnssec_negative_trust_anchors
, w
);
/* Generates the config_parse_dhcp_use_domains() callback for the
 * DHCPUseDomains enum. */
1027 DEFINE_CONFIG_PARSE_ENUM(config_parse_dhcp_use_domains
, dhcp_use_domains
, DHCPUseDomains
, "Failed to parse DHCP use domains setting");
/* Names accepted for the setting: "no", "route" and "yes". */
1029 static const char* const dhcp_use_domains_table
[_DHCP_USE_DOMAINS_MAX
] = {
1030 [DHCP_USE_DOMAINS_NO
] = "no",
1031 [DHCP_USE_DOMAINS_ROUTE
] = "route",
1032 [DHCP_USE_DOMAINS_YES
] = "yes",
/* DHCP_USE_DOMAINS_YES is passed as the extra argument; presumably the
 * value a boolean "true" maps to - confirm against the macro definition. */
1035 DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(dhcp_use_domains
, DHCPUseDomains
, DHCP_USE_DOMAINS_YES
);
/* Generates the config_parse_lldp_mode() callback for the LLDPMode enum. */
1037 DEFINE_CONFIG_PARSE_ENUM(config_parse_lldp_mode
, lldp_mode
, LLDPMode
, "Failed to parse LLDP= setting.");
/* Names accepted for the setting: "no", "yes" and "routers-only". */
1039 static const char* const lldp_mode_table
[_LLDP_MODE_MAX
] = {
1040 [LLDP_MODE_NO
] = "no",
1041 [LLDP_MODE_YES
] = "yes",
1042 [LLDP_MODE_ROUTERS_ONLY
] = "routers-only",
/* LLDP_MODE_YES is passed as the extra argument; presumably the value a
 * boolean "true" maps to - confirm against the macro definition. */
1045 DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN(lldp_mode
, LLDPMode
, LLDP_MODE_YES
);