macvlan: add 'passthru' mode

In setup where we want to sniff with an IDS from inside a container
we can use the 'passthru' mode of macvlan. This was not accessible
from the config and this patch fixes the issue.

Signed-off-by: Eric Leblond <eric@regit.org>

diff --git a/src/lxc/conf.h b/src/lxc/conf.h
index 48f7fa25303c6f74c3bdc2114a9763464f2d6d0f..aca882c3cb673d92a7fa404f99e97189be01cc83 100644 (file)
--- a/src/lxc/conf.h
+++ b/src/lxc/conf.h
@@ -100,7 +100,7 @@ struct ifla_vlan {
 };
 
 struct ifla_macvlan {
-       int mode; /* private, vepa, bridge */
+       int mode; /* private, vepa, bridge, passthru */
 };
 
 union netdev_p {

diff --git a/src/lxc/confile.c b/src/lxc/confile.c
index 7e8b6a2d7984908acf89f1d2b75724b3d2904899..57347351e531cac441d46a06b74ac84ea0e7838b 100644 (file)
--- a/src/lxc/confile.c
+++ b/src/lxc/confile.c
@@ -517,6 +517,10 @@ static int network_ifname(char **valuep, const char *value)
 #  define MACVLAN_MODE_BRIDGE 4
 #endif
 
+#ifndef MACVLAN_MODE_PASSTHRU
+#  define MACVLAN_MODE_PASSTHRU 8
+#endif
+
 static int macvlan_mode(int *valuep, const char *value)
 {
        struct mc_mode {
@@ -526,6 +530,7 @@ static int macvlan_mode(int *valuep, const char *value)
                { "private", MACVLAN_MODE_PRIVATE },
                { "vepa", MACVLAN_MODE_VEPA },
                { "bridge", MACVLAN_MODE_BRIDGE },
+               { "passthru", MACVLAN_MODE_PASSTHRU },
        };
 
        int i;
@@ -2286,6 +2291,7 @@ static int lxc_get_item_nic(struct lxc_conf *c, char *retv, int inlen,
                        case MACVLAN_MODE_PRIVATE: mode = "private"; break;
                        case MACVLAN_MODE_VEPA: mode = "vepa"; break;
                        case MACVLAN_MODE_BRIDGE: mode = "bridge"; break;
+                       case MACVLAN_MODE_PASSTHRU: mode = "passthru"; break;
                        default: mode = "(invalid)"; break;
                        }
                        strprint(retv, inlen, "%s", mode);