[DEV_ATTR_SENDREDIRECTS] = { .name = "sendredirects", .type = BLOBMSG_TYPE_BOOL },
[DEV_ATTR_NEIGHLOCKTIME] = { .name = "neighlocktime", .type = BLOBMSG_TYPE_INT32 },
[DEV_ATTR_ISOLATE] = { .name = "isolate", .type = BLOBMSG_TYPE_BOOL },
+ [DEV_ATTR_DROP_V4_UNICAST_IN_L2_MULTICAST] = { .name = "drop_v4_unicast_in_l2_multicast", .type = BLOBMSG_TYPE_BOOL },
+ [DEV_ATTR_DROP_V6_UNICAST_IN_L2_MULTICAST] = { .name = "drop_v6_unicast_in_l2_multicast", .type = BLOBMSG_TYPE_BOOL },
+ [DEV_ATTR_DROP_GRATUITOUS_ARP] = { .name = "drop_gratuitous_arp", .type = BLOBMSG_TYPE_BOOL },
+ [DEV_ATTR_DROP_UNSOLICITED_NA] = { .name = "drop_unsolicited_na", .type = BLOBMSG_TYPE_BOOL },
+ [DEV_ATTR_ARP_ACCEPT] = { .name = "arp_accept", .type = BLOBMSG_TYPE_BOOL },
};
const struct uci_blob_param_list device_attr_list = {
n->unicast_flood = s->unicast_flood;
n->sendredirects = s->flags & DEV_OPT_SENDREDIRECTS ?
s->sendredirects : os->sendredirects;
+ n->drop_v4_unicast_in_l2_multicast = s->flags & DEV_OPT_DROP_V4_UNICAST_IN_L2_MULTICAST ?
+ s->drop_v4_unicast_in_l2_multicast : os->drop_v4_unicast_in_l2_multicast;
+ n->drop_v6_unicast_in_l2_multicast = s->flags & DEV_OPT_DROP_V6_UNICAST_IN_L2_MULTICAST ?
+ s->drop_v6_unicast_in_l2_multicast : os->drop_v6_unicast_in_l2_multicast;
+ n->drop_gratuitous_arp = s->flags & DEV_OPT_DROP_GRATUITOUS_ARP ?
+ s->drop_gratuitous_arp : os->drop_gratuitous_arp;
+ n->drop_unsolicited_na = s->flags & DEV_OPT_DROP_UNSOLICITED_NA ?
+ s->drop_unsolicited_na : os->drop_unsolicited_na;
+ n->arp_accept = s->flags & DEV_OPT_ARP_ACCEPT ?
+ s->arp_accept : os->arp_accept;
n->flags = s->flags | os->flags | os->valid_flags;
}
s->flags |= DEV_OPT_ISOLATE;
}
+ if ((cur = tb[DEV_ATTR_DROP_V4_UNICAST_IN_L2_MULTICAST])) {
+ s->drop_v4_unicast_in_l2_multicast = blobmsg_get_bool(cur);
+ s->flags |= DEV_OPT_DROP_V4_UNICAST_IN_L2_MULTICAST;
+ }
+
+ if ((cur = tb[DEV_ATTR_DROP_V6_UNICAST_IN_L2_MULTICAST])) {
+ s->drop_v6_unicast_in_l2_multicast = blobmsg_get_bool(cur);
+ s->flags |= DEV_OPT_DROP_V6_UNICAST_IN_L2_MULTICAST;
+ }
+
+ if ((cur = tb[DEV_ATTR_DROP_GRATUITOUS_ARP])) {
+ s->drop_gratuitous_arp = blobmsg_get_bool(cur);
+ s->flags |= DEV_OPT_DROP_GRATUITOUS_ARP;
+ }
+
+ if ((cur = tb[DEV_ATTR_DROP_UNSOLICITED_NA])) {
+ s->drop_unsolicited_na = blobmsg_get_bool(cur);
+ s->flags |= DEV_OPT_DROP_UNSOLICITED_NA;
+ }
+
+ if ((cur = tb[DEV_ATTR_ARP_ACCEPT])) {
+ s->arp_accept = blobmsg_get_bool(cur);
+ s->flags |= DEV_OPT_ARP_ACCEPT;
+ }
+
device_set_disabled(dev, disabled);
}
blobmsg_add_u8(b, "unicast_flood", st.unicast_flood);
if (st.flags & DEV_OPT_SENDREDIRECTS)
blobmsg_add_u8(b, "sendredirects", st.sendredirects);
+ if (st.flags & DEV_OPT_DROP_V4_UNICAST_IN_L2_MULTICAST)
+ blobmsg_add_u8(b, "drop_v4_unicast_in_l2_multicast", st.drop_v4_unicast_in_l2_multicast);
+ if (st.flags & DEV_OPT_DROP_V6_UNICAST_IN_L2_MULTICAST)
+ blobmsg_add_u8(b, "drop_v6_unicast_in_l2_multicast", st.drop_v6_unicast_in_l2_multicast);
+ if (st.flags & DEV_OPT_DROP_GRATUITOUS_ARP)
+ blobmsg_add_u8(b, "drop_gratuitous_arp", st.drop_gratuitous_arp);
+ if (st.flags & DEV_OPT_DROP_UNSOLICITED_NA)
+ blobmsg_add_u8(b, "drop_unsolicited_na", st.drop_unsolicited_na);
+ if (st.flags & DEV_OPT_ARP_ACCEPT)
+ blobmsg_add_u8(b, "arp_accept", st.arp_accept);
}
s = blobmsg_open_table(b, "statistics");
DEV_ATTR_NEIGHLOCKTIME,
DEV_ATTR_ISOLATE,
DEV_ATTR_IP6SEGMENTROUTING,
+ DEV_ATTR_DROP_V4_UNICAST_IN_L2_MULTICAST,
+ DEV_ATTR_DROP_V6_UNICAST_IN_L2_MULTICAST,
+ DEV_ATTR_DROP_GRATUITOUS_ARP,
+ DEV_ATTR_DROP_UNSOLICITED_NA,
+ DEV_ATTR_ARP_ACCEPT,
__DEV_ATTR_MAX,
};
DEV_OPT_NEIGHLOCKTIME = (1 << 22),
DEV_OPT_ISOLATE = (1 << 23),
DEV_OPT_IP6SEGMENTROUTING = (1 << 24),
+ DEV_OPT_DROP_V4_UNICAST_IN_L2_MULTICAST = (1 << 25),
+ DEV_OPT_DROP_V6_UNICAST_IN_L2_MULTICAST = (1 << 26),
+ DEV_OPT_DROP_GRATUITOUS_ARP = (1 << 27),
+ DEV_OPT_DROP_UNSOLICITED_NA = (1 << 28),
+ DEV_OPT_ARP_ACCEPT = (1 << 29),
};
/* events broadcasted to all users of a device */
bool sendredirects;
bool ip6segmentrouting;
bool isolate;
+ bool drop_v4_unicast_in_l2_multicast;
+ bool drop_v6_unicast_in_l2_multicast;
+ bool drop_gratuitous_arp;
+ bool drop_unsolicited_na;
+ bool arp_accept;
};
/*
system_set_dev_sysctl("/proc/sys/net/ipv4/conf/%s/send_redirects", dev->ifname, val);
}
+static void system_set_drop_v4_unicast_in_l2_multicast(struct device *dev, const char *val)
+{
+ system_set_dev_sysctl("/proc/sys/net/ipv4/conf/%s/drop_unicast_in_l2_multicast", dev->ifname, val);
+}
+
+static void system_set_drop_v6_unicast_in_l2_multicast(struct device *dev, const char *val)
+{
+ system_set_dev_sysctl("/proc/sys/net/ipv6/conf/%s/drop_unicast_in_l2_multicast", dev->ifname, val);
+}
+
+static void system_set_drop_gratuitous_arp(struct device *dev, const char *val)
+{
+ system_set_dev_sysctl("/proc/sys/net/ipv4/conf/%s/drop_gratuitous_arp", dev->ifname, val);
+}
+
+static void system_set_drop_unsolicited_na(struct device *dev, const char *val)
+{
+ system_set_dev_sysctl("/proc/sys/net/ipv6/conf/%s/drop_unsolicited_na", dev->ifname, val);
+}
+
+static void system_set_arp_accept(struct device *dev, const char *val)
+{
+ system_set_dev_sysctl("/proc/sys/net/ipv4/conf/%s/arp_accept", dev->ifname, val);
+}
+
static void system_bridge_set_multicast_to_unicast(struct device *dev, const char *val)
{
system_set_dev_sysctl("/sys/class/net/%s/brport/multicast_to_unicast", dev->ifname, val);
dev->ifname, buf, buf_sz);
}
+
+static int system_get_drop_v4_unicast_in_l2_multicast(struct device *dev, char *buf, const size_t buf_sz)
+{
+ return system_get_dev_sysctl("/proc/sys/net/ipv4/conf/%s/drop_unicast_in_l2_multicast",
+ dev->ifname, buf, buf_sz);
+}
+
+static int system_get_drop_v6_unicast_in_l2_multicast(struct device *dev, char *buf, const size_t buf_sz)
+{
+ return system_get_dev_sysctl("/proc/sys/net/ipv6/conf/%s/drop_unicast_in_l2_multicast",
+ dev->ifname, buf, buf_sz);
+}
+
+static int system_get_drop_gratuitous_arp(struct device *dev, char *buf, const size_t buf_sz)
+{
+ return system_get_dev_sysctl("/proc/sys/net/ipv4/conf/%s/drop_gratuitous_arp",
+ dev->ifname, buf, buf_sz);
+}
+
+static int system_get_drop_unsolicited_na(struct device *dev, char *buf, const size_t buf_sz)
+{
+ return system_get_dev_sysctl("/proc/sys/net/ipv6/conf/%s/drop_unsolicited_na",
+ dev->ifname, buf, buf_sz);
+}
+
+static int system_get_arp_accept(struct device *dev, char *buf, const size_t buf_sz)
+{
+ return system_get_dev_sysctl("/proc/sys/net/ipv4/conf/%s/arp_accept",
+ dev->ifname, buf, buf_sz);
+}
+
/* Evaluate netlink messages */
static int cb_rtnl_event(struct nl_msg *msg, void *arg)
{
s->sendredirects = strtoul(buf, NULL, 0);
s->flags |= DEV_OPT_SENDREDIRECTS;
}
+
+ if (!system_get_drop_v4_unicast_in_l2_multicast(dev, buf, sizeof(buf))) {
+ s->drop_v4_unicast_in_l2_multicast = strtoul(buf, NULL, 0);
+ s->flags |= DEV_OPT_DROP_V4_UNICAST_IN_L2_MULTICAST;
+ }
+
+ if (!system_get_drop_v6_unicast_in_l2_multicast(dev, buf, sizeof(buf))) {
+ s->drop_v6_unicast_in_l2_multicast = strtoul(buf, NULL, 0);
+ s->flags |= DEV_OPT_DROP_V6_UNICAST_IN_L2_MULTICAST;
+ }
+
+ if (!system_get_drop_gratuitous_arp(dev, buf, sizeof(buf))) {
+ s->drop_gratuitous_arp = strtoul(buf, NULL, 0);
+ s->flags |= DEV_OPT_DROP_GRATUITOUS_ARP;
+ }
+
+ if (!system_get_drop_unsolicited_na(dev, buf, sizeof(buf))) {
+ s->drop_unsolicited_na = strtoul(buf, NULL, 0);
+ s->flags |= DEV_OPT_DROP_UNSOLICITED_NA;
+ }
+
+ if (!system_get_arp_accept(dev, buf, sizeof(buf))) {
+ s->arp_accept = strtoul(buf, NULL, 0);
+ s->flags |= DEV_OPT_ARP_ACCEPT;
+ }
}
void
}
if (apply_mask & DEV_OPT_SENDREDIRECTS)
system_set_sendredirects(dev, s->sendredirects ? "1" : "0");
+ if (apply_mask & DEV_OPT_DROP_V4_UNICAST_IN_L2_MULTICAST)
+ system_set_drop_v4_unicast_in_l2_multicast(dev, s->drop_v4_unicast_in_l2_multicast ? "1" : "0");
+ if (apply_mask & DEV_OPT_DROP_V6_UNICAST_IN_L2_MULTICAST)
+ system_set_drop_v6_unicast_in_l2_multicast(dev, s->drop_v6_unicast_in_l2_multicast ? "1" : "0");
+ if (apply_mask & DEV_OPT_DROP_GRATUITOUS_ARP)
+ system_set_drop_gratuitous_arp(dev, s->drop_gratuitous_arp ? "1" : "0");
+ if (apply_mask & DEV_OPT_DROP_UNSOLICITED_NA)
+ system_set_drop_unsolicited_na(dev, s->drop_unsolicited_na ? "1" : "0");
+ if (apply_mask & DEV_OPT_ARP_ACCEPT)
+ system_set_arp_accept(dev, s->arp_accept ? "1" : "0");
}
int system_if_up(struct device *dev)