You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
227 lines
7.0 KiB
227 lines
7.0 KiB
From 687b84414f8ecee51785e600ba58f7e2cfd40767 Mon Sep 17 00:00:00 2001 |
|
From: Lubomir Rintel <lkundrak@v3.sk> |
|
Date: Fri, 2 Feb 2018 17:07:06 +0100 |
|
Subject: [PATCH] Revert "device: apply a loose IPv4 rp_filter when it would |
|
interfere with multihoming" |
|
|
|
Don't touch it until we're sure we're doing the right thing. |
|
https://bugzilla.redhat.com/show_bug.cgi?id=1492472 |
|
|
|
This reverts commit cae3cef60fe6b37929e69d103663882274ad46bc. |
|
--- |
|
src/devices/nm-device.c | 172 ------------------------------------------------ |
|
1 file changed, 172 deletions(-) |
|
|
|
diff --git a/src/devices/nm-device.c b/src/devices/nm-device.c |
|
index b3b31ea..fe280df 100644 |
|
--- a/src/devices/nm-device.c |
|
+++ b/src/devices/nm-device.c |
|
@@ -379,9 +379,6 @@ typedef struct _NMDevicePrivate { |
|
NMIP4Config * wwan_ip4_config; /* WWAN configuration */ |
|
GSList * vpn4_configs; /* VPNs which use this device */ |
|
|
|
- bool v4_has_shadowed_routes; |
|
- const char *ip4_rp_filter; |
|
- |
|
/* DHCPv4 tracking */ |
|
struct { |
|
NMDhcpClient * client; |
|
@@ -851,47 +848,6 @@ init_ip6_config_dns_priority (NMDevice *self, NMIP6Config *config) |
|
|
|
/*****************************************************************************/ |
|
|
|
-static gboolean |
|
-nm_device_ipv4_sysctl_set (NMDevice *self, const char *property, const char *value) |
|
-{ |
|
- NMPlatform *platform = nm_device_get_platform (self); |
|
- gs_free char *value_to_free = NULL; |
|
- const char *value_to_set; |
|
- char buf[NM_UTILS_SYSCTL_IP_CONF_PATH_BUFSIZE]; |
|
- |
|
- if (!nm_device_get_ip_ifindex (self)) |
|
- return FALSE; |
|
- |
|
- if (value) { |
|
- value_to_set = value; |
|
- } else { |
|
- /* Set to a default value when we've got a NULL @value. */ |
|
- value_to_free = nm_platform_sysctl_get (platform, |
|
- NMP_SYSCTL_PATHID_ABSOLUTE (nm_utils_sysctl_ip_conf_path (AF_INET, buf, "default", property))); |
|
- value_to_set = value_to_free; |
|
- } |
|
- |
|
- return nm_platform_sysctl_set (platform, |
|
- NMP_SYSCTL_PATHID_ABSOLUTE (nm_utils_sysctl_ip_conf_path (AF_INET, buf, nm_device_get_ip_iface (self), property)), |
|
- value_to_set); |
|
-} |
|
- |
|
-static guint32 |
|
-nm_device_ipv4_sysctl_get_uint32 (NMDevice *self, const char *property, guint32 fallback) |
|
-{ |
|
- char buf[NM_UTILS_SYSCTL_IP_CONF_PATH_BUFSIZE]; |
|
- |
|
- if (!nm_device_get_ip_ifindex (self)) |
|
- return fallback; |
|
- |
|
- return nm_platform_sysctl_get_int_checked (nm_device_get_platform (self), |
|
- NMP_SYSCTL_PATHID_ABSOLUTE (nm_utils_sysctl_ip_conf_path (AF_INET, buf, nm_device_get_ip_iface (self), property)), |
|
- 10, |
|
- 0, |
|
- G_MAXUINT32, |
|
- fallback); |
|
-} |
|
- |
|
gboolean |
|
nm_device_ipv6_sysctl_set (NMDevice *self, const char *property, const char *value) |
|
{ |
|
@@ -2876,126 +2832,6 @@ link_changed_cb (NMPlatform *platform, |
|
|
|
/*****************************************************************************/ |
|
|
|
-typedef struct { |
|
- in_addr_t network; |
|
- guint8 plen; |
|
-} IP4RPFilterData; |
|
- |
|
-static guint |
|
-_v4_has_shadowed_routes_detect_hash (const IP4RPFilterData *d) |
|
-{ |
|
- NMHashState h; |
|
- |
|
- nm_hash_init (&h, 1105201169u); |
|
- nm_hash_update_vals (&h, |
|
- d->network, |
|
- d->plen); |
|
- return nm_hash_complete (&h); |
|
-} |
|
- |
|
-static gboolean |
|
-_v4_has_shadowed_routes_detect_equal (const IP4RPFilterData *d1, const IP4RPFilterData *d2) |
|
-{ |
|
- return d1->network == d2->network && d1->plen == d2->plen; |
|
-} |
|
- |
|
-static gboolean |
|
-_v4_has_shadowed_routes_detect (NMDevice *self) |
|
-{ |
|
- NMPlatform *platform; |
|
- int ifindex; |
|
- NMPLookup lookup; |
|
- const NMDedupMultiHeadEntry *head_entry; |
|
- NMDedupMultiIter iter; |
|
- const NMPObject *o; |
|
- guint data_len; |
|
- gs_unref_hashtable GHashTable *data_hash = NULL; |
|
- gs_free IP4RPFilterData *data_arr = NULL; |
|
- |
|
- ifindex = nm_device_get_ip_ifindex (self); |
|
- if (ifindex <= 0) |
|
- return FALSE; |
|
- |
|
- platform = nm_device_get_platform (self); |
|
- |
|
- head_entry = nm_platform_lookup (platform, |
|
- nmp_lookup_init_object (&lookup, |
|
- NMP_OBJECT_TYPE_IP4_ROUTE, |
|
- ifindex)); |
|
- if (!head_entry) |
|
- return FALSE; |
|
- |
|
- /* first, create a lookup index @data_hash for all network/plen pairs. */ |
|
- data_len = 0; |
|
- data_arr = g_new (IP4RPFilterData, head_entry->len); |
|
- data_hash = g_hash_table_new ((GHashFunc) _v4_has_shadowed_routes_detect_hash, |
|
- (GEqualFunc) _v4_has_shadowed_routes_detect_equal); |
|
- |
|
- nmp_cache_iter_for_each (&iter, head_entry, &o) { |
|
- const NMPlatformIP4Route *r = NMP_OBJECT_CAST_IP4_ROUTE (o); |
|
- IP4RPFilterData *d; |
|
- |
|
- nm_assert (r->ifindex == ifindex); |
|
- |
|
- if ( NM_PLATFORM_IP_ROUTE_IS_DEFAULT (r) |
|
- || r->table_coerced) |
|
- continue; |
|
- |
|
- d = &data_arr[data_len++]; |
|
- d->network = nm_utils_ip4_address_clear_host_address (r->network, r->plen); |
|
- d->plen = r->plen; |
|
- g_hash_table_add (data_hash, d); |
|
- } |
|
- |
|
- /* then, search if there is any route on another interface with the same |
|
- * network/plen destination. If yes, we consider this a multihoming |
|
- * setup. */ |
|
- head_entry = nm_platform_lookup (platform, |
|
- nmp_lookup_init_obj_type (&lookup, |
|
- NMP_OBJECT_TYPE_IP4_ROUTE)); |
|
- nmp_cache_iter_for_each (&iter, head_entry, &o) { |
|
- const NMPlatformIP4Route *r = NMP_OBJECT_CAST_IP4_ROUTE (o); |
|
- IP4RPFilterData d; |
|
- |
|
- if ( r->ifindex == ifindex |
|
- || NM_PLATFORM_IP_ROUTE_IS_DEFAULT (r) |
|
- || r->table_coerced) |
|
- continue; |
|
- |
|
- d.network = nm_utils_ip4_address_clear_host_address (r->network, r->plen); |
|
- d.plen = r->plen; |
|
- if (g_hash_table_contains (data_hash, &d)) |
|
- return TRUE; |
|
- } |
|
- |
|
- return FALSE; |
|
-} |
|
- |
|
-static void |
|
-ip4_rp_filter_update (NMDevice *self) |
|
-{ |
|
- NMDevicePrivate *priv = NM_DEVICE_GET_PRIVATE (self); |
|
- const char *ip4_rp_filter; |
|
- |
|
- if ( priv->v4_has_shadowed_routes |
|
- || nm_device_get_best_default_route (self, AF_INET)) { |
|
- if (nm_device_ipv4_sysctl_get_uint32 (self, "rp_filter", 0) != 1) { |
|
- /* Don't touch the rp_filter if it's not strict. */ |
|
- return; |
|
- } |
|
- /* Loose rp_filter */ |
|
- ip4_rp_filter = "2"; |
|
- } else { |
|
- /* Default rp_filter */ |
|
- ip4_rp_filter = NULL; |
|
- } |
|
- |
|
- if (ip4_rp_filter != priv->ip4_rp_filter) { |
|
- nm_device_ipv4_sysctl_set (self, "rp_filter", ip4_rp_filter); |
|
- priv->ip4_rp_filter = ip4_rp_filter; |
|
- } |
|
-} |
|
- |
|
static void |
|
link_changed (NMDevice *self, const NMPlatformLink *pllink) |
|
{ |
|
@@ -10259,9 +10095,6 @@ nm_device_set_ip4_config (NMDevice *self, |
|
|
|
concheck_periodic_update (self); |
|
|
|
- if (!nm_device_sys_iface_state_is_external_or_assume (self)) |
|
- ip4_rp_filter_update (self); |
|
- |
|
if (has_changes) { |
|
NMSettingsConnection *settings_connection; |
|
|
|
@@ -11284,11 +11117,6 @@ queued_ip4_config_change (gpointer user_data) |
|
|
|
set_unmanaged_external_down (self, TRUE); |
|
|
|
- if (!nm_device_sys_iface_state_is_external_or_assume (self)) { |
|
- priv->v4_has_shadowed_routes = _v4_has_shadowed_routes_detect (self);; |
|
- ip4_rp_filter_update (self); |
|
- } |
|
- |
|
return FALSE; |
|
} |
|
|
|
-- |
|
2.14.3
|
|
|