libnm: support VTI properties in the ip-tunnel setting
Add the fwmark property and allow setting input and output key for VTI tunnels.
This commit is contained in:
Beniamino Galvani
@@ -1896,6 +1896,7 @@ global:
|
||||
nm_range_unref;
|
||||
nm_setting_ip_config_get_dhcp_iaid;
|
||||
nm_setting_ip_config_get_dhcp_iaid;
|
||||
nm_setting_ip_tunnel_get_fwmark;
|
||||
nm_setting_loopback_get_mtu;
|
||||
nm_setting_loopback_get_type;
|
||||
nm_setting_loopback_new;
|
||||
|
||||
@@ -1422,6 +1422,10 @@
|
||||
dbus-type="u"
|
||||
gprop-type="guint"
|
||||
/>
|
||||
<property name="fwmark"
|
||||
dbus-type="u"
|
||||
gprop-type="guint"
|
||||
/>
|
||||
<property name="input-key"
|
||||
dbus-type="s"
|
||||
gprop-type="gchararray"
|
||||
|
||||
@@ -28,6 +28,7 @@ NM_GOBJECT_PROPERTIES_DEFINE_BASE(PROP_PARENT,
|
||||
PROP_OUTPUT_KEY,
|
||||
PROP_ENCAPSULATION_LIMIT,
|
||||
PROP_FLOW_LABEL,
|
||||
PROP_FWMARK,
|
||||
PROP_MTU,
|
||||
PROP_FLAGS, );
|
||||
|
||||
@@ -41,6 +42,7 @@ typedef struct {
|
||||
guint32 tos;
|
||||
guint32 encapsulation_limit;
|
||||
guint32 flow_label;
|
||||
guint32 fwmark;
|
||||
guint32 mode;
|
||||
guint32 mtu;
|
||||
guint32 flags;
|
||||
@@ -268,6 +270,24 @@ nm_setting_ip_tunnel_get_flow_label(NMSettingIPTunnel *setting)
|
||||
return NM_SETTING_IP_TUNNEL_GET_PRIVATE(setting)->flow_label;
|
||||
}
|
||||
|
||||
/**
|
||||
* nm_setting_ip_tunnel_get_fwmark:
|
||||
* @setting: the #NMSettingIPTunnel
|
||||
*
|
||||
* Returns the #NMSettingIPTunnel:fwmark property of the setting.
|
||||
*
|
||||
* Returns: the fwmark value
|
||||
*
|
||||
* Since: 1.42
|
||||
**/
|
||||
guint32
|
||||
nm_setting_ip_tunnel_get_fwmark(NMSettingIPTunnel *setting)
|
||||
{
|
||||
g_return_val_if_fail(NM_IS_SETTING_IP_TUNNEL(setting), 0);
|
||||
|
||||
return NM_SETTING_IP_TUNNEL_GET_PRIVATE(setting)->fwmark;
|
||||
}
|
||||
|
||||
/**
|
||||
* nm_setting_ip_tunnel_get_mtu:
|
||||
* @setting: the #NMSettingIPTunnel
|
||||
@@ -411,11 +431,13 @@ verify(NMSetting *setting, NMConnection *connection, GError **error)
|
||||
NM_IP_TUNNEL_MODE_GRE,
|
||||
NM_IP_TUNNEL_MODE_GRETAP,
|
||||
NM_IP_TUNNEL_MODE_IP6GRE,
|
||||
NM_IP_TUNNEL_MODE_IP6GRETAP)) {
|
||||
NM_IP_TUNNEL_MODE_IP6GRETAP,
|
||||
NM_IP_TUNNEL_MODE_VTI,
|
||||
NM_IP_TUNNEL_MODE_VTI6)) {
|
||||
g_set_error_literal(error,
|
||||
NM_CONNECTION_ERROR,
|
||||
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
||||
_("tunnel keys can only be specified for GRE tunnels"));
|
||||
_("tunnel keys can only be specified for GRE and VTI tunnels"));
|
||||
return FALSE;
|
||||
}
|
||||
}
|
||||
@@ -484,6 +506,18 @@ verify(NMSetting *setting, NMConnection *connection, GError **error)
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
if (priv->fwmark && !NM_IN_SET(priv->mode, NM_IP_TUNNEL_MODE_VTI, NM_IP_TUNNEL_MODE_VTI6)) {
|
||||
g_set_error_literal(error,
|
||||
NM_CONNECTION_ERROR,
|
||||
NM_CONNECTION_ERROR_INVALID_PROPERTY,
|
||||
_("can be set only on VTI tunnels"));
|
||||
g_prefix_error(error,
|
||||
"%s.%s: ",
|
||||
NM_SETTING_IP_TUNNEL_SETTING_NAME,
|
||||
NM_SETTING_IP_TUNNEL_FWMARK);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
if (nm_connection_get_setting_wired(connection) && !_nm_ip_tunnel_mode_is_layer2(priv->mode)) {
|
||||
g_set_error(error,
|
||||
NM_CONNECTION_ERROR,
|
||||
@@ -727,6 +761,25 @@ nm_setting_ip_tunnel_class_init(NMSettingIPTunnelClass *klass)
|
||||
NMSettingIPTunnelPrivate,
|
||||
flow_label);
|
||||
|
||||
/**
|
||||
* NMSettingIPTunnel:fwmark:
|
||||
*
|
||||
* The fwmark value to assign to tunnel packets. This property can be set
|
||||
* to a non zero value only on VTI and VTI6 tunnels.
|
||||
*
|
||||
* Since: 1.42
|
||||
**/
|
||||
_nm_setting_property_define_direct_uint32(properties_override,
|
||||
obj_properties,
|
||||
NM_SETTING_IP_TUNNEL_FWMARK,
|
||||
PROP_FWMARK,
|
||||
0,
|
||||
G_MAXUINT32,
|
||||
0,
|
||||
NM_SETTING_PARAM_INFERRABLE,
|
||||
NMSettingIPTunnelPrivate,
|
||||
fwmark);
|
||||
|
||||
/**
|
||||
* NMSettingIPTunnel:mtu:
|
||||
*
|
||||
|
||||
@@ -38,6 +38,7 @@ G_BEGIN_DECLS
|
||||
#define NM_SETTING_IP_TUNNEL_OUTPUT_KEY "output-key"
|
||||
#define NM_SETTING_IP_TUNNEL_ENCAPSULATION_LIMIT "encapsulation-limit"
|
||||
#define NM_SETTING_IP_TUNNEL_FLOW_LABEL "flow-label"
|
||||
#define NM_SETTING_IP_TUNNEL_FWMARK "fwmark"
|
||||
#define NM_SETTING_IP_TUNNEL_MTU "mtu"
|
||||
#define NM_SETTING_IP_TUNNEL_FLAGS "flags"
|
||||
|
||||
@@ -98,6 +99,8 @@ NM_AVAILABLE_IN_1_42
|
||||
guint nm_setting_ip_tunnel_get_encapsulation_limit(NMSettingIPTunnel *setting);
|
||||
NM_AVAILABLE_IN_1_42
|
||||
guint nm_setting_ip_tunnel_get_flow_label(NMSettingIPTunnel *setting);
|
||||
NM_AVAILABLE_IN_1_42
|
||||
guint32 nm_setting_ip_tunnel_get_fwmark(NMSettingIPTunnel *setting);
|
||||
NM_AVAILABLE_IN_1_2
|
||||
guint nm_setting_ip_tunnel_get_mtu(NMSettingIPTunnel *setting);
|
||||
NM_AVAILABLE_IN_1_12
|
||||
|
||||
@@ -6592,6 +6592,12 @@ static const NMMetaPropertyInfo *const property_infos_IP_TUNNEL[] = {
|
||||
PROPERTY_INFO_WITH_DESC (NM_SETTING_IP_TUNNEL_FLOW_LABEL,
|
||||
.property_type = &_pt_gobject_int,
|
||||
),
|
||||
PROPERTY_INFO_WITH_DESC (NM_SETTING_IP_TUNNEL_FWMARK,
|
||||
.property_type = &_pt_gobject_int,
|
||||
.property_typ_data = DEFINE_PROPERTY_TYP_DATA_SUBTYPE (gobject_int,
|
||||
.base = 16,
|
||||
),
|
||||
),
|
||||
PROPERTY_INFO_WITH_DESC (NM_SETTING_IP_TUNNEL_MTU,
|
||||
.property_type = &_pt_gobject_mtu,
|
||||
),
|
||||
|
||||
@@ -215,6 +215,7 @@
|
||||
#define DESCRIBE_DOC_NM_SETTING_IP_TUNNEL_ENCAPSULATION_LIMIT N_("How many additional levels of encapsulation are permitted to be prepended to packets. This property applies only to IPv6 tunnels.")
|
||||
#define DESCRIBE_DOC_NM_SETTING_IP_TUNNEL_FLAGS N_("Tunnel flags. Currently, the following values are supported: NM_IP_TUNNEL_FLAG_IP6_IGN_ENCAP_LIMIT (0x1), NM_IP_TUNNEL_FLAG_IP6_USE_ORIG_TCLASS (0x2), NM_IP_TUNNEL_FLAG_IP6_USE_ORIG_FLOWLABEL (0x4), NM_IP_TUNNEL_FLAG_IP6_MIP6_DEV (0x8), NM_IP_TUNNEL_FLAG_IP6_RCV_DSCP_COPY (0x10), NM_IP_TUNNEL_FLAG_IP6_USE_ORIG_FWMARK (0x20). They are valid only for IPv6 tunnels.")
|
||||
#define DESCRIBE_DOC_NM_SETTING_IP_TUNNEL_FLOW_LABEL N_("The flow label to assign to tunnel packets. This property applies only to IPv6 tunnels.")
|
||||
#define DESCRIBE_DOC_NM_SETTING_IP_TUNNEL_FWMARK N_("The fwmark value to assign to tunnel packets. This property can be set to a non zero value only on VTI and VTI6 tunnels.")
|
||||
#define DESCRIBE_DOC_NM_SETTING_IP_TUNNEL_INPUT_KEY N_("The key used for tunnel input packets; the property is valid only for certain tunnel modes (GRE, IP6GRE). If empty, no key is used.")
|
||||
#define DESCRIBE_DOC_NM_SETTING_IP_TUNNEL_LOCAL N_("The local endpoint of the tunnel; the value can be empty, otherwise it must contain an IPv4 or IPv6 address.")
|
||||
#define DESCRIBE_DOC_NM_SETTING_IP_TUNNEL_MODE N_("The tunneling mode, for example NM_IP_TUNNEL_MODE_IPIP (1) or NM_IP_TUNNEL_MODE_GRE (2).")
|
||||
|
||||
@@ -643,6 +643,8 @@
|
||||
description="How many additional levels of encapsulation are permitted to be prepended to packets. This property applies only to IPv6 tunnels." />
|
||||
<property name="flow-label"
|
||||
description="The flow label to assign to tunnel packets. This property applies only to IPv6 tunnels." />
|
||||
<property name="fwmark"
|
||||
description="The fwmark value to assign to tunnel packets. This property can be set to a non zero value only on VTI and VTI6 tunnels." />
|
||||
<property name="mtu"
|
||||
description="If non-zero, only transmit packets of the specified size or smaller, breaking larger packets up into multiple fragments." />
|
||||
<property name="flags"
|
||||
|
||||
Reference in New Issue
Block a user