colin/NetworkManager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

device: don't reset "net.ipv6.conf.$IFACE.forwarding"

Browse Source 
According to systemd, IPv6 forwarding is special anyway, and they only
enable forwarding for "net.ipv6.conf.all.forwarding" ([1]).

Since commit 46e63e03af ('device: announce the managed IPv6
configuration with ipv6.method=shared') we support "ipv6.method=shared"
and enable forwarding for IPv6, on the interface. Whether that makes
sense is questionable, given [1] and the claim that setting it
per-interface is not useful.

Anyway, since that change we always reset the "forwarding" sysctl to
zero, when we don't enable shared mode. That is not right, because the
user didn't explicitly ask for that (and there is no configuration
option like systemd-networkd's "IPForward=" setting to control that).

What we instead should do, not touch/reset the sysctl, unless we really
want to.

No longer set "forwarding" to zero by default. And only restore the
previous value (_dev_sysctl_save_ip6_properties()) if we actually
changed the value to "1".

[1] b8fba0cded/src/network/networkd-sysctl.c (L79)

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/923

Fixes: 46e63e03af ('device: announce the managed IPv6 configuration with ipv6.method=shared')

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1616
This commit is contained in:
Thomas Haller
2023-05-02 14:41:05 +02:00
parent 89edca4628
commit 4c48301594
1 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/core/devices/nm-device.c
View File

@@ -11860,7 +11860,18 @@ _dev_ipac6_start(NMDevice *self)
} }
if (nm_ndisc_get_node_type(priv->ipac6_data.ndisc) == NM_NDISC_NODE_TYPE_ROUTER) { if (nm_ndisc_get_node_type(priv->ipac6_data.ndisc) == NM_NDISC_NODE_TYPE_ROUTER) {
nm_device_sysctl_ip_conf_set(self, AF_INET6, "forwarding", "1"); gs_free char *sysctl_value = NULL;
sysctl_value = nm_device_sysctl_ip_conf_get(self, AF_INET6, "forwarding");
if (!nm_streq0(sysctl_value, "1")) {
if (sysctl_value) {
g_hash_table_insert(priv->ip6_saved_properties,
"forwarding",
g_steal_pointer(&sysctl_value));
}
nm_device_sysctl_ip_conf_set(self, AF_INET6, "forwarding", "1");
}
priv->needs_ip6_subnet = TRUE; priv->needs_ip6_subnet = TRUE;
g_signal_emit(self, signals[IP6_SUBNET_NEEDED], 0); g_signal_emit(self, signals[IP6_SUBNET_NEEDED], 0);
} }
@@ -11918,7 +11929,6 @@ _dev_sysctl_save_ip6_properties(NMDevice *self)
{ {
static const char *const ip6_properties_to_save[] = { static const char *const ip6_properties_to_save[] = {
"accept_ra", "accept_ra",
"forwarding",
"disable_ipv6", "disable_ipv6",
"hop_limit", "hop_limit",
"use_tempaddr", "use_tempaddr",
@@ -15838,7 +15848,6 @@ ip6_managed_setup(NMDevice *self)
_dev_sysctl_set_disable_ipv6(self, FALSE); _dev_sysctl_set_disable_ipv6(self, FALSE);
nm_device_sysctl_ip_conf_set(self, AF_INET6, "accept_ra", "0"); nm_device_sysctl_ip_conf_set(self, AF_INET6, "accept_ra", "0");
nm_device_sysctl_ip_conf_set(self, AF_INET6, "use_tempaddr", "0"); nm_device_sysctl_ip_conf_set(self, AF_INET6, "use_tempaddr", "0");
nm_device_sysctl_ip_conf_set(self, AF_INET6, "forwarding", "0");
} }
static void static void