summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2020-12-20 12:46:36 +0100
committerChristian Poessinger <christian@poessinger.com>2020-12-20 12:46:36 +0100
commit509fed31c63d52b5ffb73e58a2da75add699ede2 (patch)
tree6baed459322c8793976e55ec67e4043643bbda8b
parent0cf4694a23b20e7f15fb8b8b349c16dfc3e17ade (diff)
parent9541355433e202fade4692851bffa33ba9d48f44 (diff)
downloadvyos-1x-509fed31c63d52b5ffb73e58a2da75add699ede2.tar.gz
vyos-1x-509fed31c63d52b5ffb73e58a2da75add699ede2.zip
Merge branch 'duid' into current
* duid: dhcpv6: T3134: add missing duid support
-rw-r--r--interface-definitions/include/dhcpv6-options.xml.i12
-rw-r--r--interface-definitions/include/interface-mac.xml.i2
-rw-r--r--python/vyos/ifconfig/interface.py44
-rwxr-xr-xsrc/validators/ipv6-duid27
-rwxr-xr-xsrc/validators/mac-address2
5 files changed, 69 insertions, 18 deletions
diff --git a/interface-definitions/include/dhcpv6-options.xml.i b/interface-definitions/include/dhcpv6-options.xml.i
index 9a1016956..997d4f2a4 100644
--- a/interface-definitions/include/dhcpv6-options.xml.i
+++ b/interface-definitions/include/dhcpv6-options.xml.i
@@ -4,6 +4,18 @@
<help>DHCPv6 client settings/options</help>
</properties>
<children>
+ <leafNode name="duid">
+ <properties>
+ <help>DHCP unique identifier (DUID) to be sent by dhcpv6 client</help>
+ <valueHelp>
+ <format>&lt;h:h:h:h:h:h:h:h:h:h:h:h:h:h:h:h&gt;</format>
+ <description>DHCP unique identifier (DUID)</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv6-duid"/>
+ </constraint>
+ </properties>
+ </leafNode>
<leafNode name="parameters-only">
<properties>
<help>Acquire only config parameters, no address</help>
diff --git a/interface-definitions/include/interface-mac.xml.i b/interface-definitions/include/interface-mac.xml.i
index e277de85c..87dc5fb60 100644
--- a/interface-definitions/include/interface-mac.xml.i
+++ b/interface-definitions/include/interface-mac.xml.i
@@ -3,7 +3,7 @@
<properties>
<help>Media Access Control (MAC) address</help>
<valueHelp>
- <format>h:h:h:h:h:h</format>
+ <format>macaddr</format>
<description>Hardware (MAC) address</description>
</valueHelp>
<constraint>
diff --git a/python/vyos/ifconfig/interface.py b/python/vyos/ifconfig/interface.py
index 7026223b1..18357125b 100644
--- a/python/vyos/ifconfig/interface.py
+++ b/python/vyos/ifconfig/interface.py
@@ -13,14 +13,15 @@
# You should have received a copy of the GNU Lesser General Public
# License along with this library. If not, see <http://www.gnu.org/licenses/>.
-from netifaces import interfaces
import os
import re
import json
import jmespath
+from binascii import unhexlify
from copy import deepcopy
from glob import glob
+from netifaces import interfaces
from ipaddress import IPv4Network
from ipaddress import IPv6Address
@@ -733,7 +734,7 @@ class Interface(Control):
>>> Interface('eth0').set_proxy_arp_pvlan(1)
"""
self.set_interface('proxy_arp_pvlan', enable)
-
+
def get_addr(self):
"""
@@ -889,7 +890,7 @@ class Interface(Control):
# drop all interface addresses first
self.flush_addrs()
-
+
ifname = self.ifname
for bridge, bridge_config in bridge_dict.items():
@@ -903,18 +904,18 @@ class Interface(Control):
# set bridge port path priority
if 'priority' in bridge_config:
self.set_path_cost(bridge_config['priority'])
-
+
vlan_filter = 0
vlan_add = set()
-
+
del_ifname_vlan_ids = get_vlan_ids(ifname)
bridge_vlan_filter = Section.klass(bridge)(bridge, create=True).get_vlan_filter()
-
+
if bridge_vlan_filter:
if 1 in del_ifname_vlan_ids:
del_ifname_vlan_ids.remove(1)
vlan_filter = 1
-
+
for vlan in del_ifname_vlan_ids:
cmd = f'bridge vlan del dev {ifname} vid {vlan}'
self._cmd(cmd)
@@ -937,13 +938,13 @@ class Interface(Control):
cmd = f'bridge vlan add dev {self.ifname} vid {vlan} master'
self._cmd(cmd)
vlan_add.add(vlan)
-
+
if vlan_filter:
# Setting VLAN ID for the bridge
for vlan in vlan_add:
cmd = f'bridge vlan add dev {bridge} vid {vlan} self'
self._cmd(cmd)
-
+
# enable/disable Vlan Filter
# When the VLAN aware option is not detected, the setting of `bridge` should not be overwritten
Section.klass(bridge)(bridge, create=True).set_vlan_filter(vlan_filter)
@@ -999,11 +1000,22 @@ class Interface(Control):
ifname = self.ifname
config_file = f'/run/dhcp6c/dhcp6c.{ifname}.conf'
+ duid_file = f'/var/lib/dhcpv6/dhcp6c_duid'
if enable and 'disable' not in self._config:
render(config_file, 'dhcp-client/ipv6.tmpl',
self._config)
+ duid = dict_search('dhcpv6_options.duid', self._config)
+ if duid != None:
+ # DUID file path hardcoded and must be written as binary.
+ # https://github.com/jinmei/wide-dhcpv6/blob/24ee2a4f0009bc/dhcp6c.h#L33
+ with open(duid_file, 'wb') as f:
+ f.write(unhexlify(duid.replace(':', '').encode()))
+ else:
+ if os.path.isfile(duid_file):
+ os.remove(duid_file)
+
# We must ignore any return codes. This is required to enable DHCPv6-PD
# for interfaces which are yet not up and running.
return self._popen(f'systemctl restart dhcp6c@{ifname}.service')
@@ -1012,6 +1024,8 @@ class Interface(Control):
if os.path.isfile(config_file):
os.remove(config_file)
+ if os.path.isfile(duid_file):
+ os.remove(duid_file)
def get_tc_config(self,objectname):
# Parse configuration
@@ -1041,7 +1055,7 @@ class Interface(Control):
# Remove existing mirroring rules
self.del_tc_qdisc(ifname,'ingress','ffff:')
self.del_tc_qdisc(ifname,'prio','1:')
-
+
# Setting up packet mirroring
ingress_mirror = dict_search('mirror.ingress', self._config)
# if interface does yet not exist bail out early and
@@ -1053,7 +1067,7 @@ class Interface(Control):
# Export the mirrored traffic to the interface
mirror_cmd = f'tc filter add dev {ifname} parent ffff: protocol all prio 10 u32 match u32 0 0 flowid 1:1 action mirred egress mirror dev {ingress_mirror}'
self._cmd(mirror_cmd)
-
+
egress_mirror = dict_search('mirror.egress', self._config)
# if interface does yet not exist bail out early and
# add it later
@@ -1071,14 +1085,14 @@ class Interface(Control):
# https://man7.org/linux/man-pages/man8/tc-mirred.8.html
ifname = self._config['ifname']
mirror_rules = self._config.get('is_monitor_intf')
-
+
# Remove existing mirroring rules
# The rule must be completely deleted first
for rule in mirror_rules:
for intf, dire in rule.items():
self.del_tc_qdisc(intf,'ingress','ffff:')
self.del_tc_qdisc(intf,'prio','1:')
-
+
# Setting mirror rules
for rule in mirror_rules:
for intf, dire in rule.items():
@@ -1265,11 +1279,11 @@ class Interface(Control):
if 'is_bridge_member' in config:
bridge_dict = config.get('is_bridge_member')
self.add_to_bridge(bridge_dict)
-
+
# Re-set rules for the mirror monitoring interface
if 'is_monitor_intf' in config:
self.apply_mirror_of_monitor()
-
+
# remove no longer required 802.1ad (Q-in-Q VLANs)
ifname = config['ifname']
for vif_s_id in config.get('vif_s_remove', {}):
diff --git a/src/validators/ipv6-duid b/src/validators/ipv6-duid
new file mode 100755
index 000000000..c0233b2f1
--- /dev/null
+++ b/src/validators/ipv6-duid
@@ -0,0 +1,27 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2020 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import re
+import sys
+
+pattern = "^([0-9A-Fa-f]{2}:){15}([0-9A-Fa-f]{2})$"
+
+if __name__ == '__main__':
+ if len(sys.argv) != 2:
+ sys.exit(1)
+ if not re.match(pattern, sys.argv[1]):
+ sys.exit(1)
+ sys.exit(0)
diff --git a/src/validators/mac-address b/src/validators/mac-address
index b2d3496f4..201dcaf12 100755
--- a/src/validators/mac-address
+++ b/src/validators/mac-address
@@ -17,10 +17,8 @@
import re
import sys
-
pattern = "^([0-9A-Fa-f]{2}[:]){5}([0-9A-Fa-f]{2})$"
-
if __name__ == '__main__':
if len(sys.argv) != 2:
sys.exit(1)