2008-10-10 Dan Williams <dcbw@redhat.com>
Rework default route handling to consolidate decisions in the policy,
and to take active VPN connections into account when changing the default
route (bgo #545912)
* src/NetworkManager.c
- (main): pass the vpn_manager to the policy so it knows about active
VPN connections; clean up the named manager which wasn't done before
* src/NetworkManagerPolicy.c
src/NetworkManagerPolicy.h
- (nm_policy_new): get a clue about the vpn_manager
- (update_default_route): remove, fold into update_routing_and_dns()
- (update_routing_and_dns): handle active VPN connections too; an
active VPN connection becomes the default route if it does not have
server-specified or user-specified custom routes. Otherwise, the
best active device gets the default route
- (vpn_connection_activated, vpn_connection_deactivated, nm_policy_new,
nm_policy_destroy): track VPN connection activation and deactivation
and update the default route when appropriate
* src/NetworkManagerSystem.c
src/NetworkManagerSystem.h
- (nm_system_vpn_device_unset_from_ip4_config): remove, put functionality
in the VPN connection itself
- (nm_system_vpn_device_set_from_ip4_config,
nm_system_device_set_from_ip4_config): merge together to make
nm_system_apply_ip4_config()
- (add_vpn_gateway_route): add a route to the VPN's external gateway
via the parent device
- (nm_system_apply_ip4_config): simplify
- (add_ip4_route_to_gateway): new function; add a direct route to the
gateway if needed
- (nm_system_device_replace_default_ip4_route): simplify, break gateway
route stuff out into add_ip4_route_to_gateway() for clarity
* src/nm-device.c
- (nm_device_set_ip4_config): update for nm_system_apply_ip4_config()
* src/vpn-manager/nm-vpn-connection.c
src/vpn-manager/nm-vpn-connection.h
- (nm_vpn_connection_get_ip4_config, nm_vpn_connection_get_ip_iface,
nm_vpn_connection_get_parent_device): add
- (nm_vpn_connection_ip4_config_get): make the requirement of a tunnel
device explicit
- (connection_state_changed): update the named manager now that
nm_system_vpn_device_unset_from_ip4_config() is gone; do something
useful on errors
* src/vpn-manager/nm-vpn-manager.c
src/vpn-manager/nm-vpn-manager.h
- Add a 'connection-activated' signal
- (nm_vpn_manager_get_active_connections): new function; mainly for the
policy to find out about active VPN connections
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4167 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
2008-10-10 23:05:45 +00:00
|
|
|
/* -*- Mode: C; tab-width: 4; indent-tabs-mode: t; c-basic-offset: 4 -*- */
|
2004-08-24 00:31:47 +00:00
|
|
|
/* NetworkManager -- Network link manager
|
|
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
2008-06-26 18:31:52 +00:00
|
|
|
* You should have received a copy of the GNU General Public License along
|
|
|
|
|
* with this program; if not, write to the Free Software Foundation, Inc.,
|
|
|
|
|
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
2004-08-24 00:31:47 +00:00
|
|
|
*
|
2010-06-22 14:21:25 +02:00
|
|
|
* Copyright (C) 2004 - 2010 Red Hat, Inc.
|
2008-11-03 04:13:42 +00:00
|
|
|
* Copyright (C) 2005 - 2008 Novell, Inc.
|
2004-08-24 00:31:47 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#ifndef NETWORK_MANAGER_SYSTEM_H
|
|
|
|
|
#define NETWORK_MANAGER_SYSTEM_H
|
|
|
|
|
|
2008-11-07 13:57:39 +00:00
|
|
|
#include <netlink/route/rtnl.h>
|
|
|
|
|
#include <netlink/route/route.h>
|
|
|
|
|
|
2010-06-22 14:21:25 +02:00
|
|
|
#include <net/ethernet.h>
|
|
|
|
|
|
2004-08-24 00:31:47 +00:00
|
|
|
#include <glib.h>
|
2005-12-31 08:21:24 +00:00
|
|
|
#include "nm-device.h"
|
|
|
|
|
#include "nm-ip4-config.h"
|
2011-10-18 13:48:44 +02:00
|
|
|
#include "nm-setting-bond.h"
|
2011-12-12 22:20:57 -05:00
|
|
|
#include "nm-setting-vlan.h"
|
2004-08-24 00:31:47 +00:00
|
|
|
|
2011-07-22 13:37:29 -05:00
|
|
|
gboolean nm_system_iface_flush_routes (int ifindex, int family);
|
2005-04-15 15:43:42 +00:00
|
|
|
|
2011-07-22 14:24:18 -05:00
|
|
|
gboolean nm_system_replace_default_ip4_route (int ifindex,
|
2008-10-11 14:26:41 +00:00
|
|
|
guint32 gw,
|
|
|
|
|
guint32 mss);
|
|
|
|
|
|
2011-07-22 14:24:18 -05:00
|
|
|
gboolean nm_system_replace_default_ip6_route (int ifindex,
|
2010-04-23 22:11:22 -07:00
|
|
|
const struct in6_addr *gw);
|
|
|
|
|
|
2011-07-22 14:24:18 -05:00
|
|
|
gboolean nm_system_replace_default_ip4_route_vpn (int ifindex,
|
2008-10-11 14:26:41 +00:00
|
|
|
guint32 ext_gw,
|
|
|
|
|
guint32 int_gw,
|
|
|
|
|
guint32 mss,
|
2011-07-22 14:24:18 -05:00
|
|
|
int parent_ifindex,
|
2008-10-11 14:26:41 +00:00
|
|
|
guint32 parent_mss);
|
2005-04-15 15:43:42 +00:00
|
|
|
|
vpn: support IPv6 over VPNs
Add new API to allow passing both IPv4 and IPv6 configuration
information from VPN plugins to the backend.
Now instead of a single Ip4Config, a plugin has Config, Ip4Config, and
Ip6Config. "Config" contains information which is neither IPv4 nor
IPv6 specific, and also indicates which of Ip4Config and Ip6Config are
present. Ip4Config now only contains the IPv4-specific bits of
configuration.
There is backward compatibility in both directions: if the daemon is
new and the VPN plugin is old, then NM will notice that the plugin
emitted the Ip4Config signal without having emitted the Config signal
first, and so will assume that it is IPv4-only, and that the generic
bits of configuration have been included with the Ip4Config. If the
daemon is old and the plugin is new, then NMVPNPlugin will copy the
values from the generic config into the IPv4 config as well. (In fact,
NMVPNPlugin *always* does this, because it's harmless, and it's easier
than actually checking the daemon version.)
Currently the VPN is still configured all-at-once, after both IPv4 and
IPv6 information has been received, but the APIs allow for the
possibility of configuring them one at a time in the future.
2012-05-04 15:50:07 -04:00
|
|
|
gboolean nm_system_replace_default_ip6_route_vpn (int ifindex,
|
|
|
|
|
const struct in6_addr *ext_gw,
|
|
|
|
|
const struct in6_addr *int_gw,
|
|
|
|
|
guint32 mss,
|
|
|
|
|
int parent_ifindex,
|
|
|
|
|
guint32 parent_mss);
|
|
|
|
|
|
2012-05-23 10:50:17 -04:00
|
|
|
struct rtnl_route *nm_system_add_ip4_vpn_gateway_route (NMDevice *parent_device,
|
|
|
|
|
guint32 vpn_gw);
|
2012-05-23 12:04:17 -04:00
|
|
|
struct rtnl_route *nm_system_add_ip6_vpn_gateway_route (NMDevice *parent_device,
|
|
|
|
|
const struct in6_addr *vpn_gw);
|
2008-11-07 13:57:39 +00:00
|
|
|
|
2011-07-22 13:37:29 -05:00
|
|
|
gboolean nm_system_iface_flush_addresses (int ifindex, int family);
|
2005-04-15 15:43:42 +00:00
|
|
|
|
2011-07-22 14:09:16 -05:00
|
|
|
gboolean nm_system_apply_ip4_config (int ifindex,
|
2008-10-10 Dan Williams <dcbw@redhat.com>
Rework default route handling to consolidate decisions in the policy,
and to take active VPN connections into account when changing the default
route (bgo #545912)
* src/NetworkManager.c
- (main): pass the vpn_manager to the policy so it knows about active
VPN connections; clean up the named manager which wasn't done before
* src/NetworkManagerPolicy.c
src/NetworkManagerPolicy.h
- (nm_policy_new): get a clue about the vpn_manager
- (update_default_route): remove, fold into update_routing_and_dns()
- (update_routing_and_dns): handle active VPN connections too; an
active VPN connection becomes the default route if it does not have
server-specified or user-specified custom routes. Otherwise, the
best active device gets the default route
- (vpn_connection_activated, vpn_connection_deactivated, nm_policy_new,
nm_policy_destroy): track VPN connection activation and deactivation
and update the default route when appropriate
* src/NetworkManagerSystem.c
src/NetworkManagerSystem.h
- (nm_system_vpn_device_unset_from_ip4_config): remove, put functionality
in the VPN connection itself
- (nm_system_vpn_device_set_from_ip4_config,
nm_system_device_set_from_ip4_config): merge together to make
nm_system_apply_ip4_config()
- (add_vpn_gateway_route): add a route to the VPN's external gateway
via the parent device
- (nm_system_apply_ip4_config): simplify
- (add_ip4_route_to_gateway): new function; add a direct route to the
gateway if needed
- (nm_system_device_replace_default_ip4_route): simplify, break gateway
route stuff out into add_ip4_route_to_gateway() for clarity
* src/nm-device.c
- (nm_device_set_ip4_config): update for nm_system_apply_ip4_config()
* src/vpn-manager/nm-vpn-connection.c
src/vpn-manager/nm-vpn-connection.h
- (nm_vpn_connection_get_ip4_config, nm_vpn_connection_get_ip_iface,
nm_vpn_connection_get_parent_device): add
- (nm_vpn_connection_ip4_config_get): make the requirement of a tunnel
device explicit
- (connection_state_changed): update the named manager now that
nm_system_vpn_device_unset_from_ip4_config() is gone; do something
useful on errors
* src/vpn-manager/nm-vpn-manager.c
src/vpn-manager/nm-vpn-manager.h
- Add a 'connection-activated' signal
- (nm_vpn_manager_get_active_connections): new function; mainly for the
policy to find out about active VPN connections
git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@4167 4912f4e0-d625-0410-9fb7-b9a5a253dbdc
2008-10-10 23:05:45 +00:00
|
|
|
NMIP4Config *config,
|
|
|
|
|
int priority,
|
2008-11-07 13:57:39 +00:00
|
|
|
NMIP4ConfigCompareFlags flags);
|
2005-04-15 15:43:42 +00:00
|
|
|
|
2010-08-10 21:32:20 -05:00
|
|
|
int nm_system_set_ip6_route (int ifindex,
|
|
|
|
|
const struct in6_addr *ip6_dest,
|
|
|
|
|
guint32 ip6_prefix,
|
|
|
|
|
const struct in6_addr *ip6_gateway,
|
|
|
|
|
guint32 metric,
|
|
|
|
|
int mss,
|
|
|
|
|
int protocol,
|
|
|
|
|
int table,
|
|
|
|
|
struct rtnl_route **out_route);
|
|
|
|
|
|
2011-07-22 14:24:18 -05:00
|
|
|
gboolean nm_system_apply_ip6_config (int ifindex,
|
2009-07-29 12:12:41 -04:00
|
|
|
NMIP6Config *config,
|
|
|
|
|
int priority,
|
|
|
|
|
NMIP6ConfigCompareFlags flags);
|
|
|
|
|
|
2011-07-22 13:37:29 -05:00
|
|
|
gboolean nm_system_iface_set_up (int ifindex,
|
|
|
|
|
gboolean up,
|
|
|
|
|
gboolean *no_firmware);
|
2005-04-15 15:43:42 +00:00
|
|
|
|
2011-10-18 13:48:48 +02:00
|
|
|
guint32 nm_system_iface_get_flags (int ifindex);
|
2011-07-22 13:49:49 -05:00
|
|
|
gboolean nm_system_iface_is_up (int ifindex);
|
2008-04-30 12:54:00 +00:00
|
|
|
|
2011-07-22 14:09:16 -05:00
|
|
|
gboolean nm_system_iface_set_mtu (int ifindex, guint32 mtu);
|
|
|
|
|
|
|
|
|
|
gboolean nm_system_iface_set_mac (int ifindex, const struct ether_addr *mac);
|
2006-03-21 17:57:01 +00:00
|
|
|
|
2012-11-20 17:54:04 -06:00
|
|
|
gboolean nm_system_iface_set_arp (int ifindex, gboolean arp);
|
|
|
|
|
|
2012-02-29 12:39:11 -06:00
|
|
|
gboolean nm_system_apply_bonding_config (const char *iface,
|
|
|
|
|
NMSettingBond *s_bond);
|
2012-02-10 13:25:39 -06:00
|
|
|
gboolean nm_system_add_bonding_master (const char *iface);
|
2012-02-28 18:35:30 -06:00
|
|
|
|
2012-11-14 14:24:34 -06:00
|
|
|
gboolean nm_system_bond_enslave (gint master_ifindex,
|
2012-02-28 18:35:30 -06:00
|
|
|
const char *master_iface,
|
|
|
|
|
gint slave_ifindex,
|
|
|
|
|
const char *slave_iface);
|
2012-11-14 14:24:34 -06:00
|
|
|
gboolean nm_system_bond_release (gint master_ifindex,
|
2012-02-28 18:35:30 -06:00
|
|
|
const char *master_iface,
|
|
|
|
|
gint slave_ifindex,
|
|
|
|
|
const char *slave_iface);
|
2011-10-18 13:48:44 +02:00
|
|
|
|
2011-11-09 11:22:39 +01:00
|
|
|
enum {
|
|
|
|
|
NM_IFACE_TYPE_UNSPEC = 0,
|
|
|
|
|
NM_IFACE_TYPE_BOND,
|
|
|
|
|
NM_IFACE_TYPE_VLAN,
|
2012-05-23 16:19:26 +02:00
|
|
|
NM_IFACE_TYPE_BRIDGE,
|
|
|
|
|
NM_IFACE_TYPE_DUMMY
|
2011-11-09 11:22:39 +01:00
|
|
|
};
|
|
|
|
|
|
2012-02-08 16:19:06 -06:00
|
|
|
int nm_system_get_iface_type (int ifindex, const char *name);
|
2011-10-18 13:48:45 +02:00
|
|
|
|
2012-02-05 23:56:15 -06:00
|
|
|
gboolean nm_system_get_iface_vlan_info (int ifindex,
|
2012-03-06 11:02:55 -06:00
|
|
|
int *out_parent_ifindex,
|
2012-02-05 23:56:15 -06:00
|
|
|
int *out_vlan_id);
|
|
|
|
|
|
2011-12-21 19:09:22 -06:00
|
|
|
gboolean nm_system_add_vlan_iface (NMConnection *connection,
|
|
|
|
|
const char *iface,
|
2012-02-22 23:40:18 -06:00
|
|
|
int parent_ifindex);
|
2011-12-21 19:09:22 -06:00
|
|
|
gboolean nm_system_del_vlan_iface (const char *iface);
|
2011-12-12 22:20:57 -05:00
|
|
|
|
core: only manage those bridges created by NetworkManager (rh #905035)
Until we handle bridges non-destructively, only manage bridges
created by NM. When quitting write out a file listing all
bridges created by NM and a timestamp, and when starting read
that file and if the timestamp is within 30 minutes, manage
any bridge that was listed in that file. This scheme, while
not foolproof (eg, if NM crashes), should ensure that NM can
recognize bridges it created if it's restarted. The file
is stored in /run or /var/run, which is cleaned each restart,
ensuring that the state does not persist across reboots.
If an automatic or user-initiated activation request for
a bridge NM does not manage is received, that request is
denied. Only if the bridge interface does not yet exist, or
was present in the managed bridges file, will an
NMDeviceBridge be created and activation be possible.
2013-02-01 18:03:11 -06:00
|
|
|
gboolean nm_system_create_bridge (const char *iface, gboolean *out_exists);
|
2012-05-23 16:19:26 +02:00
|
|
|
gboolean nm_system_del_bridge (const char *iface);
|
|
|
|
|
|
|
|
|
|
gboolean nm_system_bridge_attach (int master_ifindex,
|
|
|
|
|
const char *master_iface,
|
|
|
|
|
int slave_ifindex,
|
|
|
|
|
const char *slave_iface);
|
|
|
|
|
gboolean nm_system_bridge_detach (int master_ifindex,
|
|
|
|
|
const char *master_iface,
|
|
|
|
|
int slave_ifindex,
|
|
|
|
|
const char *slave_iface);
|
|
|
|
|
|
2004-08-24 00:31:47 +00:00
|
|
|
#endif
|
