Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Backport from master branch #330

Merged
merged 8 commits into from
Aug 17, 2015
Merged

Backport from master branch #330

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
c1ae869
Support for configurating IPv6 forwarding. bnc#916013
mchf Jul 3, 2015
abc1bce
Fixed old testsuite
mchf Jul 3, 2015
19b2df5
Replaced direct access to /proc using sysctl call
mchf Jul 3, 2015
86b1704
Added comment
mchf Jul 3, 2015
44bb3fa
Updated changelog
mchf Jul 23, 2015
1abaa39
Adapted testsuite
mchf Jul 23, 2015
72a6ffc
Fixed old testsuite
mchf Aug 5, 2015
ec804d3
Allways do runtime IPv4 enablement
mchf Aug 10, 2015
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions package/yast2-network.changes
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,10 @@
-------------------------------------------------------------------
Mon Aug 17 14:59:37 UTC 2015 - mfilka@suse.com

- bnc#916013
- IPv6 forwarding setup is stored persistently
- 3.1.112.6

-------------------------------------------------------------------
Wed Aug 12 08:31:16 UTC 2015 - mfilka@suse.com

Expand Down
2 changes: 1 addition & 1 deletion package/yast2-network.spec
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@


Name: yast2-network
Version: 3.1.112.5
Version: 3.1.112.6
Release: 0

BuildRoot: %{_tmppath}/%{name}-%{version}-build
Expand Down
67 changes: 43 additions & 24 deletions src/modules/Routing.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,8 +50,13 @@ class RoutingClass < Module
# "routes" file location
ROUTES_FILE = "/etc/sysconfig/network/routes"

SYSCTL_IPV4_PATH = ".etc.sysctl_conf.\"net.ipv4.ip_forward\""
SYSCTL_IPV6_PATH = ".etc.sysctl_conf.\"net.ipv6.conf.all.forwarding\""
# sysctl keys, used as *single* SCR path components below
IPV4_SYSCTL = "net.ipv4.ip_forward"
IPV6_SYSCTL = "net.ipv6.conf.all.forwarding"
# SCR paths
SYSCTL_AGENT_PATH = ".etc.sysctl_conf"
SYSCTL_IPV4_PATH = SYSCTL_AGENT_PATH + ".\"#{IPV4_SYSCTL}\""
SYSCTL_IPV6_PATH = SYSCTL_AGENT_PATH + ".\"#{IPV6_SYSCTL}\""

# see man routes - difference on implicit device param (aka "-") in
# case of /etc/sysconfig/network/routes and /etc/sysconfig/network/
Expand Down Expand Up @@ -137,54 +142,68 @@ def RemoveDefaultGw
nil
end

# Reads current status for both IPv4 and IPv6 forwarding
def ReadIPForwarding
if SuSEFirewall.IsEnabled
@Forward_v4 = SuSEFirewall.GetSupportRoute
# FIXME: missing support for setting IPv6 forwarding enablement in
# SuSEFirewall module and in SuSEFirewall2 at all
else
@Forward_v4 = SCR.Read(path(SYSCTL_IPV4_PATH)) == "1"
@Forward_v6 = SCR.Read(path(SYSCTL_IPV6_PATH)) == "1"
end

@Forward_v6 = SCR.Read(path(SYSCTL_IPV6_PATH)) == "1"

log.info("Forward_v4=#{@Forward_v4}")
log.info("Forward_v6=#{@Forward_v6}")

nil
end

def WriteIPForwarding
forward_ipv4 = @Forward_v4 ? "1" : "0"
forward_ipv6 = @Forward_v6 ? "1" : "0"
# Configures system for IPv4 forwarding
#
# @param [Boolean] true when forwarding should be enabled
def write_ipv4_forwarding(forward_ipv4)
sysctl_val = forward_ipv4 ? "1" : "0"

if SuSEFirewall.IsEnabled
# FIXME: missing support for setting IPv6 forwarding enablement in
# SuSEFirewall module and in SuSEFirewall2 at all
SuSEFirewall.SetSupportRoute(@Forward_v4)
SuSEFirewall.SetSupportRoute(forward_ipv4)
else
SCR.Write(
path(SYSCTL_IPV4_PATH),
forward_ipv4
)
SCR.Write(
path(SYSCTL_IPV6_PATH),
forward_ipv6
sysctl_val
)
SCR.Write(path(".etc.sysctl_conf"), nil)
SCR.Write(path(SYSCTL_AGENT_PATH), nil)
end

SCR.Execute(
path(".target.bash"),
"echo #{forward_ipv4} > /proc/sys/net/ipv4/ip_forward"
)
SCR.Execute(
path(".target.bash"),
"echo #{forward_ipv6} > /proc/sys/net/ipv6/conf/all/forwarding",
SCR.Execute(path(".target.bash"), "sysctl -w #{IPV4_SYSCTL}=#{sysctl_val}")

nil
end

# Configures system for IPv6 forwarding
#
# @param [Boolean] true when forwarding should be enabled
def write_ipv6_forwarding(forward_ipv6)
sysctl_val = forward_ipv6 ? "1" : "0"

# SuSEfirewall2 has no direct support for IPv6 (aka FW_FORWARD).
# Sysctl has to be configured manualy. bnc#916013
SCR.Write(
path(SYSCTL_IPV6_PATH),
sysctl_val
)
SCR.Write(path(SYSCTL_AGENT_PATH), nil)

SCR.Execute(path(".target.bash"), "sysctl -w #{IPV6_SYSCTL}=#{sysctl_val}")

nil
end

# Configures system for both IPv4 and IPv6 forwarding
def WriteIPForwarding
write_ipv4_forwarding(@Forward_v4)
write_ipv6_forwarding(@Forward_v6)
end

# Read routing settings
# If no routes, sets a default gateway from Detection
# @return true if success
Expand Down
23 changes: 2 additions & 21 deletions test/routing_test.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,21 +28,6 @@
SCR.stub(:Execute) { nil }
end

def fw_independent_write_expects
expect(SCR)
.to receive(:Execute)
.with(
path(".target.bash"),
"echo #{@value4} > /proc/sys/net/ipv4/ip_forward"
)
expect(SCR)
.to receive(:Execute)
.with(
path(".target.bash"),
"echo #{@value6} > /proc/sys/net/ipv6/conf/all/forwarding",
)
end

context "when Firewall is enabled" do

before(:each) do
Expand All @@ -55,9 +40,7 @@ def fw_independent_write_expects
.to receive(:SetSupportRoute)
.with(forward_v4)

fw_independent_write_expects

expect(Routing.WriteIPForwarding).to be_equal nil
expect(Yast::Routing.WriteIPForwarding).to be_equal nil
end
end
end
Expand All @@ -78,9 +61,7 @@ def fw_independent_write_expects
.to receive(:Write)
.with(SYSCTL_IPV6_PATH, @value6)

fw_independent_write_expects

expect(Routing.WriteIPForwarding).to be_equal nil
expect(Yast::Routing.WriteIPForwarding).to be_equal nil
end
end
end
Expand Down
5 changes: 3 additions & 2 deletions testsuite/tests/Network_YaPI.out
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -296,10 +296,11 @@ Read .etc.sysctl_conf."net.ipv6.conf.all.forwarding" nil
Execute .target.bash_output " LANG=C TERM=dumb COLUMNS=1024 systemctl --no-legend --no-pager --no-ask-password show SuSEfirewall2.service --property=Id --property=MainPID --property=Description --property=LoadState --property=ActiveState --property=SubState --property=UnitFileState --property=FragmentPath " $["exit":0, "stderr":"", "stdout":"laptop.suse.cz"]
Execute .target.bash_output " LANG=C TERM=dumb COLUMNS=1024 systemctl --no-legend --no-pager --no-ask-password is-enabled SuSEfirewall2.service " $["exit":0, "stderr":"", "stdout":"laptop.suse.cz"]
Write .etc.sysctl_conf."net.ipv4.ip_forward" "0" true
Write .etc.sysctl_conf nil true
Execute .target.bash "sysctl -w net.ipv4.ip_forward=0" 0
Write .etc.sysctl_conf."net.ipv6.conf.all.forwarding" "0" true
Write .etc.sysctl_conf nil true
Execute .target.bash "echo 0 > /proc/sys/net/ipv4/ip_forward" 0
Execute .target.bash "echo 0 > /proc/sys/net/ipv6/conf/all/forwarding" 0
Execute .target.bash "sysctl -w net.ipv6.conf.all.forwarding=0" 0
Read .target.size "/etc/sysconfig/network/routes" 27
Execute .target.bash "/bin/cp /etc/sysconfig/network/routes /etc/sysconfig/network/routes.YaST2save" 0
Execute .target.remove "/etc/sysconfig/network/ifroute-eth0" 0
Expand Down