fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2025-12-28 21:30:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

ip-tunnel: merge branch 'pr/1565'

Browse source 
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1565

(cherry picked from commit 82a9a493af)
This commit is contained in:
Beniamino Galvani 2023-03-13 09:45:03 +01:00
commit 0fac815a72
5 changed files with 113 additions and 38 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
src/core/platform/tests/test-common.c
View file

@ -2520,7 +2520,9 @@ nmtstp_link_ip6gre_add(NMPlatform *platform,
gboolean success;
char b1[NM_INET_ADDRSTRLEN];
char b2[NM_INET_ADDRSTRLEN];
char encap[20];
char tclass[20];
gboolean encap_ignore;
gboolean tclass_inherit;
g_assert(nm_utils_ifname_valid_kernel(name, NULL));
@ -2538,9 +2540,11 @@ nmtstp_link_ip6gre_add(NMPlatform *platform,
g_strdup_printf("dev %s", nm_platform_link_get_name(platform, lnk->parent_ifindex));
tclass_inherit = NM_FLAGS_HAS(lnk->flags, IP6_TNL_F_USE_ORIG_TCLASS);
encap_ignore = NM_FLAGS_HAS(lnk->flags, IP6_TNL_F_IGN_ENCAP_LIMIT);
success = !nmtstp_run_command(
"ip link add %s type %s%s%s local %s remote %s ttl %u tclass %s flowlabel %x",
"ip link add %s type %s%s%s local %s remote %s ttl %u tclass %s encaplimit %s "
"flowlabel %x",
name,
lnk->is_tap ? "ip6gretap" : "ip6gre",
NM_PRINT_FMT_QUOTED2(dev, " ", dev, ""),
@ -2548,6 +2552,7 @@ nmtstp_link_ip6gre_add(NMPlatform *platform,
nm_inet6_ntop(&lnk->remote, b2),
lnk->ttl,
tclass_inherit ? "inherit" : nm_sprintf_buf(tclass, "%02x", lnk->tclass),
encap_ignore ? "none" : nm_sprintf_buf(encap, "%u", lnk->encap_limit),
lnk->flow_label);
if (success) {
pllink = nmtstp_assert_wait_for_link(platform,

132
src/core/platform/tests/test-link.c
View file

@ -1439,12 +1439,25 @@ test_software_detect(gconstpointer user_data)
module_loaded = nmtstp_ensure_module("ip6_gre");
lnk_ip6tnl.local = nmtst_inet6_from_string("fd01::42");
lnk_ip6tnl.remote = nmtst_inet6_from_string("fd01::aaaa");
lnk_ip6tnl.parent_ifindex = ifindex_parent;
lnk_ip6tnl.tclass = 21;
lnk_ip6tnl.flow_label = 1338;
lnk_ip6tnl.is_gre = TRUE;
switch (test_data->test_mode) {
case 0:
lnk_ip6tnl.local = nmtst_inet6_from_string("fd01::43");
lnk_ip6tnl.remote = nmtst_inet6_from_string("fd01::aaaa");
lnk_ip6tnl.parent_ifindex = ifindex_parent;
lnk_ip6tnl.tclass = 21;
lnk_ip6tnl.flow_label = 1338;
lnk_ip6tnl.is_gre = TRUE;
break;
case 1:
lnk_ip6tnl.local = nmtst_inet6_from_string("fd01::44");
lnk_ip6tnl.remote = nmtst_inet6_from_string("fd01::aaab");
lnk_ip6tnl.parent_ifindex = ifindex_parent;
lnk_ip6tnl.tclass = 0;
lnk_ip6tnl.flow_label = 1339;
lnk_ip6tnl.is_gre = TRUE;
lnk_ip6tnl.flags = IP6_TNL_F_IGN_ENCAP_LIMIT | IP6_TNL_F_USE_ORIG_TCLASS;
break;
}
if (!nmtstp_link_ip6gre_add(NULL, ext, DEVICE_NAME, &lnk_ip6tnl)) {
if (!module_loaded) {
@ -1463,14 +1476,29 @@ test_software_detect(gconstpointer user_data)
module_loaded = nmtstp_ensure_module("ip6_gre");
lnk_ip6tnl.local = nmtst_inet6_from_string("fe80::abcd");
lnk_ip6tnl.remote = nmtst_inet6_from_string("fc01::bbbb");
lnk_ip6tnl.parent_ifindex = ifindex_parent;
lnk_ip6tnl.ttl = 10;
lnk_ip6tnl.tclass = 22;
lnk_ip6tnl.flow_label = 1339;
lnk_ip6tnl.is_gre = TRUE;
lnk_ip6tnl.is_tap = TRUE;
switch (test_data->test_mode) {
case 0:
lnk_ip6tnl.local = nmtst_inet6_from_string("fe80::abcd");
lnk_ip6tnl.remote = nmtst_inet6_from_string("fc01::bbbb");
lnk_ip6tnl.parent_ifindex = ifindex_parent;
lnk_ip6tnl.ttl = 10;
lnk_ip6tnl.tclass = 23;
lnk_ip6tnl.flow_label = 1340;
lnk_ip6tnl.is_gre = TRUE;
lnk_ip6tnl.is_tap = TRUE;
break;
case 1:
lnk_ip6tnl.local = nmtst_inet6_from_string("fe80::abce");
lnk_ip6tnl.remote = nmtst_inet6_from_string("fc01::bbbc");
lnk_ip6tnl.parent_ifindex = ifindex_parent;
lnk_ip6tnl.ttl = 10;
lnk_ip6tnl.tclass = 0;
lnk_ip6tnl.flow_label = 1341;
lnk_ip6tnl.is_gre = TRUE;
lnk_ip6tnl.is_tap = TRUE;
lnk_ip6tnl.flags = IP6_TNL_F_IGN_ENCAP_LIMIT | IP6_TNL_F_USE_ORIG_TCLASS;
break;
}
if (!nmtstp_link_ip6gre_add(NULL, ext, DEVICE_NAME, &lnk_ip6tnl)) {
if (!module_loaded) {
@ -1851,29 +1879,65 @@ test_software_detect(gconstpointer user_data)
{
const NMPlatformLnkIp6Tnl *plnk = &lnk->lnk_ip6tnl;
g_assert(plnk == nm_platform_link_get_lnk_ip6gre(NM_PLATFORM_GET, ifindex, NULL));
g_assert_cmpint(plnk->parent_ifindex, ==, ifindex_parent);
nmtst_assert_ip6_address(&plnk->local, "fd01::42");
nmtst_assert_ip6_address(&plnk->remote, "fd01::aaaa");
g_assert_cmpint(plnk->tclass, ==, 21);
g_assert_cmpint(plnk->flow_label, ==, 1338);
g_assert_cmpint(plnk->is_gre, ==, TRUE);
g_assert_cmpint(plnk->is_tap, ==, FALSE);
switch (test_data->test_mode) {
case 0:
g_assert(plnk == nm_platform_link_get_lnk_ip6gre(NM_PLATFORM_GET, ifindex, NULL));
g_assert_cmpint(plnk->parent_ifindex, ==, ifindex_parent);
nmtst_assert_ip6_address(&plnk->local, "fd01::43");
nmtst_assert_ip6_address(&plnk->remote, "fd01::aaaa");
g_assert_cmpint(plnk->tclass, ==, 21);
g_assert_cmpint(plnk->flow_label, ==, 1338);
g_assert_cmpint(plnk->is_gre, ==, TRUE);
g_assert_cmpint(plnk->is_tap, ==, FALSE);
break;
case 1:
g_assert(plnk == nm_platform_link_get_lnk_ip6gre(NM_PLATFORM_GET, ifindex, NULL));
g_assert_cmpint(plnk->parent_ifindex, ==, ifindex_parent);
nmtst_assert_ip6_address(&plnk->local, "fd01::44");
nmtst_assert_ip6_address(&plnk->remote, "fd01::aaab");
g_assert_cmpint(plnk->flow_label, ==, 1339);
g_assert_cmpint(plnk->is_gre, ==, TRUE);
g_assert_cmpint(plnk->is_tap, ==, FALSE);
g_assert_cmpint(plnk->flags & 0xFFFF, /* ignore kernel internal flags */
==,
IP6_TNL_F_IGN_ENCAP_LIMIT | IP6_TNL_F_USE_ORIG_TCLASS);
break;
}
break;
}
case NM_LINK_TYPE_IP6GRETAP:
{
const NMPlatformLnkIp6Tnl *plnk = &lnk->lnk_ip6tnl;
g_assert(plnk == nm_platform_link_get_lnk_ip6gretap(NM_PLATFORM_GET, ifindex, NULL));
g_assert_cmpint(plnk->parent_ifindex, ==, ifindex_parent);
nmtst_assert_ip6_address(&plnk->local, "fe80::abcd");
nmtst_assert_ip6_address(&plnk->remote, "fc01::bbbb");
g_assert_cmpint(plnk->ttl, ==, 10);
g_assert_cmpint(plnk->tclass, ==, 22);
g_assert_cmpint(plnk->flow_label, ==, 1339);
g_assert_cmpint(plnk->is_gre, ==, TRUE);
g_assert_cmpint(plnk->is_tap, ==, TRUE);
switch (test_data->test_mode) {
case 0:
g_assert(plnk
== nm_platform_link_get_lnk_ip6gretap(NM_PLATFORM_GET, ifindex, NULL));
g_assert_cmpint(plnk->parent_ifindex, ==, ifindex_parent);
nmtst_assert_ip6_address(&plnk->local, "fe80::abcd");
nmtst_assert_ip6_address(&plnk->remote, "fc01::bbbb");
g_assert_cmpint(plnk->ttl, ==, 10);
g_assert_cmpint(plnk->tclass, ==, 23);
g_assert_cmpint(plnk->flow_label, ==, 1340);
g_assert_cmpint(plnk->is_gre, ==, TRUE);
g_assert_cmpint(plnk->is_tap, ==, TRUE);
break;
case 1:
g_assert(plnk
== nm_platform_link_get_lnk_ip6gretap(NM_PLATFORM_GET, ifindex, NULL));
g_assert_cmpint(plnk->parent_ifindex, ==, ifindex_parent);
nmtst_assert_ip6_address(&plnk->local, "fe80::abce");
nmtst_assert_ip6_address(&plnk->remote, "fc01::bbbc");
g_assert_cmpint(plnk->ttl, ==, 10);
g_assert_cmpint(plnk->flow_label, ==, 1341);
g_assert_cmpint(plnk->is_gre, ==, TRUE);
g_assert_cmpint(plnk->is_tap, ==, TRUE);
g_assert_cmpint(plnk->flags & 0xFFFF, /* ignore kernel internal flags */
==,
IP6_TNL_F_IGN_ENCAP_LIMIT | IP6_TNL_F_USE_ORIG_TCLASS);
break;
}
break;
}
case NM_LINK_TYPE_IPIP:
@ -3888,8 +3952,10 @@ _nmtstp_setup_tests(void)
test_software_detect_add("/link/software/detect/gretap", NM_LINK_TYPE_GRETAP, 0);
test_software_detect_add("/link/software/detect/ip6tnl/0", NM_LINK_TYPE_IP6TNL, 0);
test_software_detect_add("/link/software/detect/ip6tnl/1", NM_LINK_TYPE_IP6TNL, 1);
test_software_detect_add("/link/software/detect/ip6gre", NM_LINK_TYPE_IP6GRE, 0);
test_software_detect_add("/link/software/detect/ip6gretap", NM_LINK_TYPE_IP6GRETAP, 0);
test_software_detect_add("/link/software/detect/ip6gre/0", NM_LINK_TYPE_IP6GRE, 0);
test_software_detect_add("/link/software/detect/ip6gre/1", NM_LINK_TYPE_IP6GRE, 1);
test_software_detect_add("/link/software/detect/ip6gretap/0", NM_LINK_TYPE_IP6GRETAP, 0);
test_software_detect_add("/link/software/detect/ip6gretap/1", NM_LINK_TYPE_IP6GRETAP, 1);
test_software_detect_add("/link/software/detect/ipip", NM_LINK_TYPE_IPIP, 0);
test_software_detect_add("/link/software/detect/macvlan", NM_LINK_TYPE_MACVLAN, 0);
test_software_detect_add("/link/software/detect/macvtap", NM_LINK_TYPE_MACVTAP, 0);

8
src/libnm-core-impl/nm-setting-ip-tunnel.c
View file

@ -491,7 +491,11 @@ verify(NMSetting *setting, NMConnection *connection, GError **error)
}
flags = priv->flags;
if (NM_IN_SET(priv->mode, NM_IP_TUNNEL_MODE_IPIP6, NM_IP_TUNNEL_MODE_IP6IP6))
if (NM_IN_SET(priv->mode,
NM_IP_TUNNEL_MODE_IPIP6,
NM_IP_TUNNEL_MODE_IP6IP6,
NM_IP_TUNNEL_MODE_IP6GRE,
NM_IP_TUNNEL_MODE_IP6GRETAP))
flags &= (guint32) (~_NM_IP_TUNNEL_FLAG_ALL_IP6TNL);
if (flags) {
g_set_error(error,
@ -727,7 +731,7 @@ nm_setting_ip_tunnel_class_init(NMSettingIPTunnelClass *klass)
* NMSettingIPTunnel:encapsulation-limit:
*
* How many additional levels of encapsulation are permitted to be prepended
* to packets. This property applies only to IPv6 tunnels.
* to packets. This property applies only to IPv6 tunnels. To disable this option, add %NM_IP_TUNNEL_FLAG_IP6_IGN_ENCAP_LIMIT to ip-tunnel flags.
*
* Since: 1.2
**/

2
src/libnmc-setting/settings-docs.h.in
View file

@ -216,7 +216,7 @@
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_ROUTES N_("Array of IP routes.")
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_ROUTING_RULES N_("A comma separated list of routing rules for policy routing.")
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_TOKEN N_("Configure the token for draft-chown-6man-tokenised-ipv6-identifiers-02 IPv6 tokenized interface identifiers. Useful with eui64 addr-gen-mode.")
#define DESCRIBE_DOC_NM_SETTING_IP_TUNNEL_ENCAPSULATION_LIMIT N_("How many additional levels of encapsulation are permitted to be prepended to packets. This property applies only to IPv6 tunnels.")
#define DESCRIBE_DOC_NM_SETTING_IP_TUNNEL_ENCAPSULATION_LIMIT N_("How many additional levels of encapsulation are permitted to be prepended to packets. This property applies only to IPv6 tunnels. To disable this option, add NM_IP_TUNNEL_FLAG_IP6_IGN_ENCAP_LIMIT (0x1) to ip-tunnel flags.")
#define DESCRIBE_DOC_NM_SETTING_IP_TUNNEL_FLAGS N_("Tunnel flags. Currently, the following values are supported: NM_IP_TUNNEL_FLAG_IP6_IGN_ENCAP_LIMIT (0x1), NM_IP_TUNNEL_FLAG_IP6_USE_ORIG_TCLASS (0x2), NM_IP_TUNNEL_FLAG_IP6_USE_ORIG_FLOWLABEL (0x4), NM_IP_TUNNEL_FLAG_IP6_MIP6_DEV (0x8), NM_IP_TUNNEL_FLAG_IP6_RCV_DSCP_COPY (0x10), NM_IP_TUNNEL_FLAG_IP6_USE_ORIG_FWMARK (0x20). They are valid only for IPv6 tunnels.")
#define DESCRIBE_DOC_NM_SETTING_IP_TUNNEL_FLOW_LABEL N_("The flow label to assign to tunnel packets. This property applies only to IPv6 tunnels.")
#define DESCRIBE_DOC_NM_SETTING_IP_TUNNEL_FWMARK N_("The fwmark value to assign to tunnel packets. This property can be set to a non zero value only on VTI and VTI6 tunnels.")

2
src/nmcli/gen-metadata-nm-settings-nmcli.xml.in
View file

@ -640,7 +640,7 @@
<property name="output-key"
description="The key used for tunnel output packets; the property is valid only for certain tunnel modes (GRE, IP6GRE). If empty, no key is used." />
<property name="encapsulation-limit"
description="How many additional levels of encapsulation are permitted to be prepended to packets. This property applies only to IPv6 tunnels." />
description="How many additional levels of encapsulation are permitted to be prepended to packets. This property applies only to IPv6 tunnels. To disable this option, add NM_IP_TUNNEL_FLAG_IP6_IGN_ENCAP_LIMIT (0x1) to ip-tunnel flags." />
<property name="flow-label"
description="The flow label to assign to tunnel packets. This property applies only to IPv6 tunnels." />
<property name="fwmark"