networkd: Add IPv4SrcValidMark= support

author ssahani <ssahani@gmail.com>

Fri, 27 Mar 2026 03:49:44 +0000 (09:19 +0530)

committer Susant Sahani <ssahani@redhat.com>

Fri, 27 Mar 2026 03:52:06 +0000 (09:22 +0530)
author ssahani <ssahani@gmail.com>
Fri, 27 Mar 2026 03:49:44 +0000 (09:19 +0530)
committer Susant Sahani <ssahani@redhat.com>
Fri, 27 Mar 2026 03:52:06 +0000 (09:22 +0530)
diff --git a/src/network/networkd-network-gperf.gperf b/src/network/networkd-network-gperf.gperf

index f1049cc7cc260f75aa942d70b396bdf261e0049e..aaf974e312d677e8cffc867cd16e63f2ab90bf68 100644 (file)
--- a/src/network/networkd-network-gperf.gperf
+++ b/src/network/networkd-network-gperf.gperf
@@ -168,6 +168,7 @@ Network.IPv6ProxyNDP,                            config_parse_tristate,
  Network.IPv6MTUBytes,                            config_parse_mtu,                               AF_INET6,                               offsetof(Network, ipv6_mtu)
  Network.IPv4AcceptLocal,                         config_parse_tristate,                          0,                                      offsetof(Network, ipv4_accept_local)
  Network.IPv4RouteLocalnet,                       config_parse_tristate,                          0,                                      offsetof(Network, ipv4_route_localnet)
+Network.IPv4SrcValidMark,                        config_parse_tristate,                          0,                                      offsetof(Network, ipv4_src_valid_mark)
  Network.ActiveSlave,                             config_parse_bool,                              0,                                      offsetof(Network, active_slave)
  Network.PrimarySlave,                            config_parse_bool,                              0,                                      offsetof(Network, primary_slave)
  Network.IPv4ProxyARP,                            config_parse_tristate,                          0,                                      offsetof(Network, proxy_arp)
diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c

index 1e159fa31027d1ba08f48ec09524fb519256a492..3ffe1640e767bbb7e42f74191c836d3597d373b5 100644 (file)
--- a/src/network/networkd-network.c
+++ b/src/network/networkd-network.c
@@ -479,6 +479,7 @@ int network_load_one(Manager *manager, OrderedHashmap **networks, const char *fi
                  .ip_forwarding = { -1, -1, },
                  .ipv4_accept_local = -1,
                  .ipv4_route_localnet = -1,
+                .ipv4_src_valid_mark = -1,
                  .ipv6_privacy_extensions = _IPV6_PRIVACY_EXTENSIONS_INVALID,
                  .ipv6_dad_transmits = -1,
                  .ipv6_proxy_ndp = -1,
diff --git a/src/network/networkd-network.h b/src/network/networkd-network.h

index 923828b2ea1e9b1a69ccb4f92c3b394b2475581f..9a36c312f89200db14dcde29e01764b70d3e87c1 100644 (file)
--- a/src/network/networkd-network.h
+++ b/src/network/networkd-network.h
@@ -332,6 +332,7 @@ typedef struct Network {
          int ip_forwarding[2];
          int ipv4_accept_local;
          int ipv4_route_localnet;
+        int ipv4_src_valid_mark;
          int ipv6_dad_transmits;
          uint8_t ipv6_hop_limit;
          usec_t ipv6_retransmission_time;
diff --git a/src/network/networkd-sysctl.c b/src/network/networkd-sysctl.c

index 914fbccd09bf9840f7d4ead748e9e0ced377eb76..8946f369607051cfb795baf9d0ff5be288bee097 100644 (file)
--- a/src/network/networkd-sysctl.c
+++ b/src/network/networkd-sysctl.c
@@ -662,6 +662,19 @@ static int link_set_ipv4_route_localnet(Link *link) {
          return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "route_localnet", link->network->ipv4_route_localnet > 0, manager_get_sysctl_shadow(link->manager));
  }
  
+static int link_set_ipv4_src_valid_mark(Link *link) {
+        assert(link);
+        assert(link->manager);
+
+        if (!link_is_configured_for_family(link, AF_INET))
+                return 0;
+
+        if (link->network->ipv4_src_valid_mark < 0)
+                return 0;
+
+        return sysctl_write_ip_property_boolean(AF_INET, link->ifname, "src_valid_mark", link->network->ipv4_src_valid_mark > 0, manager_get_sysctl_shadow(link->manager));
+}
+
  static int link_set_ipv4_promote_secondaries(Link *link) {
          assert(link);
          assert(link->manager);
@@ -750,6 +763,10 @@ int link_set_sysctl(Link *link) {
          if (r < 0)
                  log_link_warning_errno(link, r, "Cannot set IPv4 route_localnet flag for interface, ignoring: %m");
  
+        r = link_set_ipv4_src_valid_mark(link);
+        if (r < 0)
+                log_link_warning_errno(link, r, "Cannot set IPv4 src_valid_mark flag for interface, ignoring: %m");
+
          r = link_set_ipv4_rp_filter(link);
          if (r < 0)
                  log_link_warning_errno(link, r, "Cannot set IPv4 reverse path filtering for interface, ignoring: %m");
author	ssahani <ssahani@gmail.com>
	Fri, 27 Mar 2026 03:49:44 +0000 (09:19 +0530)
committer	Susant Sahani <ssahani@redhat.com>
	Fri, 27 Mar 2026 03:52:06 +0000 (09:22 +0530)
src/network/networkd-network-gperf.gperf		patch \| blob \| blame \| history
src/network/networkd-network.c		patch \| blob \| blame \| history
src/network/networkd-network.h		patch \| blob \| blame \| history
src/network/networkd-sysctl.c		patch \| blob \| blame \| history