Add 'proxyarp' interface option

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@158 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2024-12-22 06:10:42 +01:00 · 2002-07-25 16:31:46 +00:00 · 2002-07-25 16:31:46 +00:00 · 7e54769ec5
commit 7e54769ec5
parent 409216ed72
2 changed files with 26 additions and 4 deletions
--- a/Lrp/etc/init.d/shorewall
+++ b/Lrp/etc/init.d/shorewall
@ -512,7 +512,9 @@ validate_interfaces_file() {

 	for option in `separate_list $options`; do
 	    case $option in
-	    dhcp|noping|filterping|routestopped|norfc1918|multi|routefilter|dropunclean|logunclean|blacklist|-)
+	    dhcp|noping|filterping|routestopped|norfc1918|multi)
+                ;;
+	    routefilter|dropunclean|logunclean|blacklist|proxyarp|-)
 		;;
 	    *)
 		error_message "Warning: Invalid option ($option) in record \"$r\""
@ -1228,6 +1230,16 @@ setup_proxy_arp() {
 	expandv address interface external haveroute
 	setup_one_proxy_arp
    done < $TMP_DIR/proxyarp
+
+    interfaces=`find_interfaces_by_option proxyarp`
+
+    for interface in $interfaces; do
+	if qt echo 1 > /proc/sys/net/ipv4/conf/$interface/proxy_arp; then
+	    echo "   Enabled proxy ARP on $interface"
+        else
+	    error_message "Warning: Unable to enable proxy ARP on $interface"
+        fi
+    done
 }

 ###############################################################################
@ -1268,15 +1280,16 @@ delete_proxy_arp() {
 	while read address interface external haveroute; do
 	    qt arp -i $external -d $address pub
 	    [ -z "$haveroute" ] && qt ip route del $address dev $interface
-
-	    echo 0 > /proc/sys/net/ipv4/conf/$external/proxy_arp
-	    echo 0 > /proc/sys/net/ipv4/conf/$interface/proxy_arp
 	done < ${STATEDIR}/proxyarp

 	rm -f ${STATEDIR}/proxyarp
    fi

    [ -d ${STATEDIR} ] && touch ${STATEDIR}/proxyarp
+
+    for f in `ls /proc/sys/net/ipv4/conf/*/proxy_arp`; do
+	echo 0 > $f
+    done
 }

 ################################################################################
--- a/Lrp/etc/shorewall/interfaces
+++ b/Lrp/etc/shorewall/interfaces
@ -73,6 +73,15 @@
 #	.	.	blacklist    - Check packets arriving on this interface
 #				       against the /etc/shorewall/blacklist
 #				       file.
+#			proxyarp     - 
+#				Sets 
+#				/proc/sys/net/ipv4/conf/<interface>/proxy_arp.
+#				Do NOT use this option if you are
+#				employing Proxy ARP through entries in
+#				/etc/shorewall/proxyarp. This option is
+#				intended soley for use with Proxy ARP
+#				sub-networking as described at:
+#				http://www.tldp.org/HOWTO/mini/Proxy-ARP-Subnet
 #			
 #			The order in which you list the options is not
 #			significant but the list should have no embedded white