Default values for 'vs' interface
This commit is contained in:
parent
e4ac7f411c
commit
4cb1c01938
19
cmdline.c
19
cmdline.c
@ -282,12 +282,11 @@ bool cmdlineParse(int argc, char *argv[], struct nsjconf_t * nsjconf)
|
||||
.max_conns_per_ip = 0,
|
||||
.tmpfs_size = 4 * (1024 * 1024),
|
||||
.mount_proc = true,
|
||||
.iface = NULL,
|
||||
.iface_no_lo = false,
|
||||
.iface_vs_ip = "0.0.0.0",
|
||||
.iface_vs_nm = "255.255.255.255",
|
||||
.iface = NULL,
|
||||
.iface_vs_ip = "192.168.255.2",
|
||||
.iface_vs_nm = "255.255.255.0",
|
||||
.iface_vs_gw = "0.0.0.0",
|
||||
.sbinip_fd = -1,
|
||||
};
|
||||
/* *INDENT-OFF* */
|
||||
|
||||
@ -351,8 +350,8 @@ bool cmdlineParse(int argc, char *argv[], struct nsjconf_t * nsjconf)
|
||||
{{"tmpfsmount", required_argument, NULL, 'T'}, "List of mountpoints to be mounted as RW/tmpfs inside the container. Can be specified multiple times. Supports 'dest' syntax"},
|
||||
{{"tmpfs_size", required_argument, NULL, 0x0602}, "Number of bytes to allocate for tmpfsmounts (default: 4194304)"},
|
||||
{{"disable_proc", no_argument, NULL, 0x0603}, "Disable mounting /proc in the jail"},
|
||||
{{"iface", required_argument, NULL, 'I'}, "Interface which will be cloned (MACVTAP) and put inside the subprocess' namespace as 'vs'"},
|
||||
{{"iface_no_lo", no_argument, NULL, 0x700}, "Don't Bring up the 'lo' interface"},
|
||||
{{"iface", required_argument, NULL, 'I'}, "Interface which will be cloned (MACVTAP) and put inside the subprocess' namespace as 'vs'"},
|
||||
{{"iface_vs_ip", required_argument, NULL, 0x701}, "IP of the 'vs' interface"},
|
||||
{{"iface_vs_nm", required_argument, NULL, 0x702}, "Netmask of the 'vs' interface"},
|
||||
{{"iface_vs_gw", required_argument, NULL, 0x703}, "Default GW for the 'vs' interface"},
|
||||
@ -560,12 +559,12 @@ bool cmdlineParse(int argc, char *argv[], struct nsjconf_t * nsjconf)
|
||||
break;
|
||||
}
|
||||
break;
|
||||
case 'I':
|
||||
nsjconf->iface = optarg;
|
||||
break;
|
||||
case 0x700:
|
||||
nsjconf->iface_no_lo = true;
|
||||
break;
|
||||
case 'I':
|
||||
nsjconf->iface = optarg;
|
||||
break;
|
||||
case 0x701:
|
||||
nsjconf->iface_vs_ip = optarg;
|
||||
break;
|
||||
@ -622,9 +621,5 @@ bool cmdlineParse(int argc, char *argv[], struct nsjconf_t * nsjconf)
|
||||
return false;
|
||||
}
|
||||
|
||||
if ((nsjconf->sbinip_fd = open("/sbin/ip", O_RDONLY)) == -1) {
|
||||
PLOG_E("No /sbin/ip on your system. Networking support is limited");
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
3
common.h
3
common.h
@ -98,12 +98,11 @@ struct nsjconf_t {
|
||||
unsigned int max_conns_per_ip;
|
||||
size_t tmpfs_size;
|
||||
bool mount_proc;
|
||||
char *iface;
|
||||
bool iface_no_lo;
|
||||
const char *iface;
|
||||
const char *iface_vs_ip;
|
||||
const char *iface_vs_nm;
|
||||
const char *iface_vs_gw;
|
||||
int sbinip_fd;
|
||||
TAILQ_HEAD(envlist, charptr_t) envs;
|
||||
TAILQ_HEAD(pidslist, pids_t) pids;
|
||||
TAILQ_HEAD(mountptslist, mounts_t) mountpts;
|
||||
|
12
net.c
12
net.c
@ -56,8 +56,8 @@ static bool netSystemSbinIp(struct nsjconf_t *nsjconf, char *const *argv)
|
||||
return false;
|
||||
}
|
||||
if (pid == 0) {
|
||||
fexecve(nsjconf->sbinip_fd, argv, environ);
|
||||
PLOG_E("fexecve('fd=%d')", nsjconf->sbinip_fd);
|
||||
execve("/sbin/ip", argv, environ);
|
||||
PLOG_E("execve('/sbin/ip'");
|
||||
_exit(1);
|
||||
}
|
||||
|
||||
@ -97,7 +97,7 @@ bool netCloneMacVtapAndNS(struct nsjconf_t *nsjconf, int pid)
|
||||
snprintf(iface, sizeof(iface), "NS.TAP.%d", pid);
|
||||
|
||||
char *const argv_add[] =
|
||||
{ "ip", "link", "add", "link", nsjconf->iface, iface, "type", "macvtap", NULL };
|
||||
{ "ip", "link", "add", "link", (char *)nsjconf->iface, iface, "type", "macvtap", NULL };
|
||||
if (netSystemSbinIp(nsjconf, argv_add) == false) {
|
||||
LOG_E("Couldn't create MACVTAP interface for '%s'", nsjconf->iface);
|
||||
return false;
|
||||
@ -342,6 +342,12 @@ bool netConfigureVs(struct nsjconf_t * nsjconf)
|
||||
return false;
|
||||
}
|
||||
|
||||
if (addr.s_addr == INADDR_ANY) {
|
||||
LOG_I("Gateway address for '%s' is 0.0.0.0. Not adding the default route",
|
||||
IFACE_NAME);
|
||||
return true;
|
||||
}
|
||||
|
||||
struct rtentry rt;
|
||||
memset(&rt, '\0', sizeof(rt));
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user