In 5a8bcb674f71a20e95df55319b34c556638378ce, IPForwarding was introduced to set forwarding flags on interfaces in .network files. networkd sets forwarding options regardless of the previous setting, even if it was set by e.g. sysctl. This commit makes IPForwarding not change forwarding settings, so that systems using sysctl continue to work even if IPForwarding is unset in their .network files.
See https://bugs.freedesktop.org/show_bug.cgi?id=89509 for the initial bug report. --- man/systemd.network.xml | 4 ++-- src/network/networkd-link.c | 6 ++++++ src/network/networkd-network.c | 2 ++ 3 files changed, 10 insertions(+), 2 deletions(-) Zbyszek, Lennart: this new patch should address your concerns. diff --git a/man/systemd.network.xml b/man/systemd.network.xml index 5504b46..07c7e5b 100644 --- a/man/systemd.network.xml +++ b/man/systemd.network.xml @@ -365,8 +365,8 @@ <filename>net.ipv6.conf.<interface>.forwarding</filename> sysctl options of the network interface (see <ulink url="https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt";>ip-sysctl.txt</ulink> - for details about sysctl options). Defaults to - <literal>no</literal>.</para> + for details about sysctl options). If unset, IP forwarding + parameters of the interface will not be changed.</para> <para>Note: unless this option is turned on, no IP forwarding is done on this interface, even if this is diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index 8b0de1f..d0b2b80 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -1478,6 +1478,9 @@ static int link_set_ipv4_forward(Link *link) { const char *p = NULL; int r; + if (link->network->ip_forward == _ADDRESS_FAMILY_BOOLEAN_INVALID) + return 0; + p = strjoina("/proc/sys/net/ipv4/conf/", link->ifname, "/forwarding"); r = write_string_file_no_create(p, one_zero(link_ipv4_forward_enabled(link))); if (r < 0) @@ -1494,6 +1497,9 @@ static int link_set_ipv6_forward(Link *link) { if (!socket_ipv6_is_supported()) return 0; + if (link->network->ip_forward == _ADDRESS_FAMILY_BOOLEAN_INVALID) + return 0; + p = strjoina("/proc/sys/net/ipv6/conf/", link->ifname, "/forwarding"); r = write_string_file_no_create(p, one_zero(link_ipv6_forward_enabled(link))); if (r < 0) diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c index 8aa4eb2..f4762bd 100644 --- a/src/network/networkd-network.c +++ b/src/network/networkd-network.c @@ -109,6 +109,8 @@ static int network_load_one(Manager *manager, const char *filename) { network->link_local = ADDRESS_FAMILY_IPV6; + network->ip_forward = _ADDRESS_FAMILY_BOOLEAN_INVALID; + r = config_parse(NULL, filename, file, "Match\0" "Link\0" -- 2.3.6 _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
