extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-12-22 14:20:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add 'proxyarp' interface option

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@158 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2002-07-25 16:31:46 +00:00
parent 409216ed72
commit 7e54769ec5
2 changed files with 26 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
Lrp/etc/init.d/shorewall
View File

@ -512,7 +512,9 @@ validate_interfaces_file() {
for option in `separate_list $options`; do for option in `separate_list $options`; do
case $option in case $option in
dhcp|noping|filterping|routestopped|norfc1918|multi|routefilter|dropunclean|logunclean|blacklist|-) dhcp|noping|filterping|routestopped|norfc1918|multi)
;;
routefilter|dropunclean|logunclean|blacklist|proxyarp|-)
;; ;;
*) *)
error_message "Warning: Invalid option ($option) in record \"$r\"" error_message "Warning: Invalid option ($option) in record \"$r\""
@ -1228,6 +1230,16 @@ setup_proxy_arp() {
expandv address interface external haveroute expandv address interface external haveroute
setup_one_proxy_arp setup_one_proxy_arp
done < $TMP_DIR/proxyarp done < $TMP_DIR/proxyarp
interfaces=`find_interfaces_by_option proxyarp`
for interface in $interfaces; do
if qt echo 1 > /proc/sys/net/ipv4/conf/$interface/proxy_arp; then
echo " Enabled proxy ARP on $interface"
else
error_message "Warning: Unable to enable proxy ARP on $interface"
fi
done
} }
############################################################################### ###############################################################################
@ -1268,15 +1280,16 @@ delete_proxy_arp() {
while read address interface external haveroute; do while read address interface external haveroute; do
qt arp -i $external -d $address pub qt arp -i $external -d $address pub
[ -z "$haveroute" ] && qt ip route del $address dev $interface [ -z "$haveroute" ] && qt ip route del $address dev $interface
echo 0 > /proc/sys/net/ipv4/conf/$external/proxy_arp
echo 0 > /proc/sys/net/ipv4/conf/$interface/proxy_arp
done < ${STATEDIR}/proxyarp done < ${STATEDIR}/proxyarp
rm -f ${STATEDIR}/proxyarp rm -f ${STATEDIR}/proxyarp
fi fi
[ -d ${STATEDIR} ] && touch ${STATEDIR}/proxyarp [ -d ${STATEDIR} ] && touch ${STATEDIR}/proxyarp
for f in `ls /proc/sys/net/ipv4/conf/*/proxy_arp`; do
echo 0 > $f
done
} }
################################################################################ ################################################################################

9
Lrp/etc/shorewall/interfaces
View File

@ -73,6 +73,15 @@
# . . blacklist - Check packets arriving on this interface # . . blacklist - Check packets arriving on this interface
# against the /etc/shorewall/blacklist # against the /etc/shorewall/blacklist
# file. # file.
# proxyarp -
# Sets
# /proc/sys/net/ipv4/conf/<interface>/proxy_arp.
# Do NOT use this option if you are
# employing Proxy ARP through entries in
# /etc/shorewall/proxyarp. This option is
# intended soley for use with Proxy ARP
# sub-networking as described at:
# http://www.tldp.org/HOWTO/mini/Proxy-ARP-Subnet
# #
# The order in which you list the options is not # The order in which you list the options is not
# significant but the list should have no embedded white # significant but the list should have no embedded white