When we want to change the zone an interface belongs to
we can't use firewalld's addInterface() because this one
doesn't allow to add interface to zone when it already
has been part of some other/same zone.
We need to use changeZone() method instead - hopefuly
this is the final name of this method.
We already have the master device kept in the active connection, so
we can just use that instead of having the Policy determine and set
it manually. This also should allow slaves to auto-activate their
master connections if the master is able to activate.
This function used to be used only from activation paths, so it
was fine to assert there because we always expected that there
would be an activation request. These days we'd like to use it
in more places, so just return NULL if there's no connection.
We'll want to eventually match (for VLAN) a given hardware address
that's not the device's hardware address. Only the device itself
knows which NMSetting should contain it's hardware address (ie
the 'wired' setting for NMDeviceEthernet, 'infiniband' for
NMDeviceInfiniband, etc) and VLANs take their hardware address
from the parent interface. So eventually we'll have VLAN
interfaces use these new arguments to ask their parent interface
to match the VLAN hardware address in a connection, since the
VLAN doesn't know (or need to know) what kind of interface it
really is underneath.
- changes nm_utils_get_proc_sys_net_value() to allow all values, not just 0,1
- adds nm_utils_get_proc_sys_net_value_with_bounds() for limiting valid values
To suppress periodic disk wakeups, only write timestamps to disk
when a device gets activated or deactivated. Timestamps are
still updated periodically in memory, just not flushed to disk
at that time.
The check for virtual interface name was too loose, so
restrict it to VLAN only which is what actually uses it,
and ensure we have an interface name to compare against
the device.
Found by Weiping Pan <wpan@redhat.com>
Make sure we don't already have an NMDevice for this interface
before creating it, and also when creating the interface, make
a new NMDevice for it immediately to prevent a race between
telling the kernel to create the interface via netlink, and when
udev later tells us about it. In between there we could be
triggered to try creating the interface again.
Rather than generating enum classes by hand (and complaining in each
file that "this should really be standard"), use glib-mkenums.
Unfortunately, we need a very new version of glib-mkenums in order to
deal with NM's naming conventions and to fix a few other bugs, so just
import that into the source tree temporarily.
Also, to simplify the use of glib-mkenums, import Makefile.glib from
https://bugzilla.gnome.org/654395.
To avoid having to run glib-mkenums for every subdirectory of src/,
add a new "generated" directory, and put the generated enums files
there.
Finally, use Makefile.glib for marshallers too, and generate separate
ones for libnm-glib and NetworkManager.
nm_firewall_manager_remove_from_zone() is called from
nm_device_deactivate()
Also fix nm_firewall_manager_add_to_zone() to the latest
FirewallD1.zone.addInterface signature.
That was always the goal, but never got there. This time we need it
for real to abstract handling of dependent connections so bite the
bullet and make it happen.
Allows clients to retrieve the reason a device changed to
the given state along with the state itself, preventing
race conditions if the state were retrieved separately
from the reason. Reason codes were not previously
accessible without listening to the StateChanged signal.
Adds a new "master" property to NMActiveConnection containing the path
of the master NMDevice if the connection has a master.
Signed-off-by: Thomas Graf <tgraf@redhat.com>
The NM 'iface' isn't always the IP iface (like for modems) so
to avoid a warning, only flush routes and addresses on deactivate
when the iface can actually handle it.
There are now three places we need delayed state transitions:
1) unavailable to disconnected
2) failed to disconnected
3) bond unavailable to disconnected
(3) wasn't doing a delayed transition, but we can't change
state from inside a state-change handler otherwise we may not
end up fully processing the current state chagne. So it needs a
delayed transition too; add some generic code to make that
easier to do.
The callers of fw_add_to_zone() were passing an 'int' (AF_INET or
AF_INET6) while that function was expecting a boolean. Thus when
IPv6 functions passed AF_INET6 that would be interpreted as TRUE
and IPv4 operations would be scheduled.
Shortcut to access the connection linked to the activation
request of a device.
The patch only replaces usage with nm_device_get_connection()
if the existing code assumes that an activation request must
be available.
Signed-off-by: Thomas Graf <tgraf@redhat.com>
Add an accessor for device rfkill type and use that instead of
GObject properties, and also use that accessor when claiming a
new device instead of checking NM_IS_DEVICE_xxxx(). Allows us
to move one step closer to making WiMAX a plugin.
NetworkManager[815]: merge_ip6_configs: assertion `src != NULL' failed
Calling ip6_config_merge_and_apply() with a NULL src_config is fine
since that's what happens during RA or DHCP lease changes.
Reported by Johannes Sjölund
If the interface has no IP configuration (bond slave, etc) then
it still needs to get activated too. Previously the code would
only move to ACTIVATED when the first IP method completed, but
since slaves don't do IP config, they never got to ACTIVATED
state.
