Merge remote-tracking branch 'origin/master'
This commit is contained in:
commit
87fbf37c8a
|
@ -1,4 +1,4 @@
|
||||||
// SPDX-License-Identifier: GPL-2.0
|
// SPDX-License-Identifier: GPL-2.0 OR MIT
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
/* SPDX-License-Identifier: GPL-2.0 */
|
/* SPDX-License-Identifier: GPL-2.0 OR MIT */
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
/* SPDX-License-Identifier: GPL-2.0 */
|
/* SPDX-License-Identifier: GPL-2.0 OR MIT */
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
/* SPDX-License-Identifier: GPL-2.0 */
|
/* SPDX-License-Identifier: GPL-2.0 OR MIT */
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*
|
*
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
// SPDX-License-Identifier: GPL-2.0
|
// SPDX-License-Identifier: GPL-2.0 OR MIT
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2018-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2018-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
/* SPDX-License-Identifier: GPL-2.0 */
|
/* SPDX-License-Identifier: GPL-2.0 OR MIT */
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
// SPDX-License-Identifier: GPL-2.0
|
// SPDX-License-Identifier: GPL-2.0 OR MIT
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*
|
*
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
/* SPDX-License-Identifier: GPL-2.0 */
|
/* SPDX-License-Identifier: GPL-2.0 OR MIT */
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
// SPDX-License-Identifier: GPL-2.0
|
// SPDX-License-Identifier: GPL-2.0 OR MIT
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -4,9 +4,10 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
#include <assert.h>
|
||||||
#include <sys/nv.h>
|
#include <sys/nv.h>
|
||||||
#include <sys/sockio.h>
|
#include <sys/sockio.h>
|
||||||
#include <dev/if_wg/if_wg.h>
|
#include <dev/wg/if_wg.h>
|
||||||
|
|
||||||
#define IPC_SUPPORTS_KERNEL_INTERFACE
|
#define IPC_SUPPORTS_KERNEL_INTERFACE
|
||||||
|
|
||||||
|
@ -118,7 +119,7 @@ static int kernel_get_device(struct wgdevice **device, const char *ifname)
|
||||||
goto skip_peers;
|
goto skip_peers;
|
||||||
for (i = 0; i < peer_count; ++i) {
|
for (i = 0; i < peer_count; ++i) {
|
||||||
struct wgpeer *peer;
|
struct wgpeer *peer;
|
||||||
struct wgallowedip *aip;
|
struct wgallowedip *aip = NULL;
|
||||||
const nvlist_t *const *nvl_aips;
|
const nvlist_t *const *nvl_aips;
|
||||||
size_t aip_count, j;
|
size_t aip_count, j;
|
||||||
|
|
||||||
|
@ -169,11 +170,13 @@ static int kernel_get_device(struct wgdevice **device, const char *ifname)
|
||||||
if (!aip_count || !nvl_aips)
|
if (!aip_count || !nvl_aips)
|
||||||
goto skip_allowed_ips;
|
goto skip_allowed_ips;
|
||||||
for (j = 0; j < aip_count; ++j) {
|
for (j = 0; j < aip_count; ++j) {
|
||||||
|
if (!nvlist_exists_number(nvl_aips[j], "cidr"))
|
||||||
|
continue;
|
||||||
|
if (!nvlist_exists_binary(nvl_aips[j], "ipv4") && !nvlist_exists_binary(nvl_aips[j], "ipv6"))
|
||||||
|
continue;
|
||||||
aip = calloc(1, sizeof(*aip));
|
aip = calloc(1, sizeof(*aip));
|
||||||
if (!aip)
|
if (!aip)
|
||||||
goto err_allowed_ips;
|
goto err_allowed_ips;
|
||||||
if (!nvlist_exists_number(nvl_aips[j], "cidr"))
|
|
||||||
continue;
|
|
||||||
number = nvlist_get_number(nvl_aips[j], "cidr");
|
number = nvlist_get_number(nvl_aips[j], "cidr");
|
||||||
if (nvlist_exists_binary(nvl_aips[j], "ipv4")) {
|
if (nvlist_exists_binary(nvl_aips[j], "ipv4")) {
|
||||||
binary = nvlist_get_binary(nvl_aips[j], "ipv4", &size);
|
binary = nvlist_get_binary(nvl_aips[j], "ipv4", &size);
|
||||||
|
@ -184,7 +187,8 @@ static int kernel_get_device(struct wgdevice **device, const char *ifname)
|
||||||
aip->family = AF_INET;
|
aip->family = AF_INET;
|
||||||
aip->cidr = number;
|
aip->cidr = number;
|
||||||
memcpy(&aip->ip4, binary, sizeof(aip->ip4));
|
memcpy(&aip->ip4, binary, sizeof(aip->ip4));
|
||||||
} else if (nvlist_exists_binary(nvl_aips[j], "ipv6")) {
|
} else {
|
||||||
|
assert(nvlist_exists_binary(nvl_aips[j], "ipv6"));
|
||||||
binary = nvlist_get_binary(nvl_aips[j], "ipv6", &size);
|
binary = nvlist_get_binary(nvl_aips[j], "ipv6", &size);
|
||||||
if (!binary || number > 128) {
|
if (!binary || number > 128) {
|
||||||
ret = EINVAL;
|
ret = EINVAL;
|
||||||
|
@ -193,14 +197,14 @@ static int kernel_get_device(struct wgdevice **device, const char *ifname)
|
||||||
aip->family = AF_INET6;
|
aip->family = AF_INET6;
|
||||||
aip->cidr = number;
|
aip->cidr = number;
|
||||||
memcpy(&aip->ip6, binary, sizeof(aip->ip6));
|
memcpy(&aip->ip6, binary, sizeof(aip->ip6));
|
||||||
} else
|
}
|
||||||
continue;
|
|
||||||
|
|
||||||
if (!peer->first_allowedip)
|
if (!peer->first_allowedip)
|
||||||
peer->first_allowedip = aip;
|
peer->first_allowedip = aip;
|
||||||
else
|
else
|
||||||
peer->last_allowedip->next_allowedip = aip;
|
peer->last_allowedip->next_allowedip = aip;
|
||||||
peer->last_allowedip = aip;
|
peer->last_allowedip = aip;
|
||||||
|
aip = NULL;
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
err_allowed_ips:
|
err_allowed_ips:
|
||||||
|
@ -209,6 +213,9 @@ static int kernel_get_device(struct wgdevice **device, const char *ifname)
|
||||||
free(aip);
|
free(aip);
|
||||||
goto err_peer;
|
goto err_peer;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Nothing leaked, hopefully -- ownership transferred or aip freed. */
|
||||||
|
assert(aip == NULL);
|
||||||
skip_allowed_ips:
|
skip_allowed_ips:
|
||||||
if (!dev->first_peer)
|
if (!dev->first_peer)
|
||||||
dev->first_peer = peer;
|
dev->first_peer = peer;
|
||||||
|
@ -322,6 +329,7 @@ static int kernel_set_device(struct wgdevice *dev)
|
||||||
nvlist_destroy(nvl_aips[j]);
|
nvlist_destroy(nvl_aips[j]);
|
||||||
free(nvl_aips);
|
free(nvl_aips);
|
||||||
nvlist_destroy(nvl_peers[i]);
|
nvlist_destroy(nvl_peers[i]);
|
||||||
|
nvl_peers[i] = NULL;
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (i) {
|
if (i) {
|
||||||
|
@ -329,9 +337,11 @@ static int kernel_set_device(struct wgdevice *dev)
|
||||||
for (i = 0; i < peer_count; ++i)
|
for (i = 0; i < peer_count; ++i)
|
||||||
nvlist_destroy(nvl_peers[i]);
|
nvlist_destroy(nvl_peers[i]);
|
||||||
free(nvl_peers);
|
free(nvl_peers);
|
||||||
|
nvl_peers = NULL;
|
||||||
}
|
}
|
||||||
wgd.wgd_data = nvlist_pack(nvl_device, &wgd.wgd_size);
|
wgd.wgd_data = nvlist_pack(nvl_device, &wgd.wgd_size);
|
||||||
nvlist_destroy(nvl_device);
|
nvlist_destroy(nvl_device);
|
||||||
|
nvl_device = NULL;
|
||||||
if (!wgd.wgd_data)
|
if (!wgd.wgd_data)
|
||||||
goto err;
|
goto err;
|
||||||
s = get_dgram_socket();
|
s = get_dgram_socket();
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
// SPDX-License-Identifier: GPL-2.0
|
// SPDX-License-Identifier: GPL-2.0 OR MIT
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
/* SPDX-License-Identifier: GPL-2.0 */
|
/* SPDX-License-Identifier: GPL-2.0 OR MIT */
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -168,7 +168,7 @@ sockets, which bypass Netfilter.) When IPv6 is in use, additional similar lines
|
||||||
Or, perhaps it is desirable to store private keys in encrypted form, such as through use of
|
Or, perhaps it is desirable to store private keys in encrypted form, such as through use of
|
||||||
.BR pass (1):
|
.BR pass (1):
|
||||||
|
|
||||||
\fBPostUp = wg set %i private-key <(pass WireGuard/private-keys/%i)\fP
|
\fBPreUp = wg set %i private-key <(pass WireGuard/private-keys/%i)\fP
|
||||||
.br
|
.br
|
||||||
|
|
||||||
For use on a server, the following is a more complicated example involving multiple peers:
|
For use on a server, the following is a more complicated example involving multiple peers:
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
// SPDX-License-Identifier: GPL-2.0
|
// SPDX-License-Identifier: GPL-2.0 OR MIT
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
// SPDX-License-Identifier: GPL-2.0
|
// SPDX-License-Identifier: GPL-2.0 OR MIT
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
// SPDX-License-Identifier: GPL-2.0
|
// SPDX-License-Identifier: GPL-2.0 OR MIT
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
// SPDX-License-Identifier: GPL-2.0
|
// SPDX-License-Identifier: GPL-2.0 OR MIT
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*/
|
*/
|
||||||
|
@ -27,7 +27,7 @@
|
||||||
static int peer_cmp(const void *first, const void *second)
|
static int peer_cmp(const void *first, const void *second)
|
||||||
{
|
{
|
||||||
time_t diff;
|
time_t diff;
|
||||||
const struct wgpeer *a = *(const void **)first, *b = *(const void **)second;
|
const struct wgpeer *a = *(void *const *)first, *b = *(void *const *)second;
|
||||||
|
|
||||||
if (!a->last_handshake_time.tv_sec && !a->last_handshake_time.tv_nsec && (b->last_handshake_time.tv_sec || b->last_handshake_time.tv_nsec))
|
if (!a->last_handshake_time.tv_sec && !a->last_handshake_time.tv_nsec && (b->last_handshake_time.tv_sec || b->last_handshake_time.tv_nsec))
|
||||||
return 1;
|
return 1;
|
||||||
|
@ -312,9 +312,9 @@ static bool ugly_print(struct wgdevice *device, const char *param, bool with_int
|
||||||
else
|
else
|
||||||
printf("off\n");
|
printf("off\n");
|
||||||
} else if (!strcmp(param, "endpoints")) {
|
} else if (!strcmp(param, "endpoints")) {
|
||||||
if (with_interface)
|
|
||||||
printf("%s\t", device->name);
|
|
||||||
for_each_wgpeer(device, peer) {
|
for_each_wgpeer(device, peer) {
|
||||||
|
if (with_interface)
|
||||||
|
printf("%s\t", device->name);
|
||||||
printf("%s\t", key(peer->public_key));
|
printf("%s\t", key(peer->public_key));
|
||||||
if (peer->endpoint.addr.sa_family == AF_INET || peer->endpoint.addr.sa_family == AF_INET6)
|
if (peer->endpoint.addr.sa_family == AF_INET || peer->endpoint.addr.sa_family == AF_INET6)
|
||||||
printf("%s\n", endpoint(&peer->endpoint.addr));
|
printf("%s\n", endpoint(&peer->endpoint.addr));
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
// SPDX-License-Identifier: GPL-2.0
|
// SPDX-License-Identifier: GPL-2.0 OR MIT
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
/* SPDX-License-Identifier: GPL-2.0 */
|
/* SPDX-License-Identifier: GPL-2.0 OR MIT */
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
// SPDX-License-Identifier: GPL-2.0
|
// SPDX-License-Identifier: GPL-2.0 OR MIT
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
/* SPDX-License-Identifier: GPL-2.0 */
|
/* SPDX-License-Identifier: GPL-2.0 OR MIT */
|
||||||
/*
|
/*
|
||||||
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
* Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -855,7 +855,7 @@ static void set_dnses(unsigned int netid, const char *dnses)
|
||||||
if (!len)
|
if (!len)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
xregcomp(®ex_ipnothost, "^[a-zA-Z0-9_=+.-]{1,15}$", REG_EXTENDED | REG_NOSUB);
|
xregcomp(®ex_ipnothost, "(^[0-9.]+$)|(^.*:.*$)", REG_EXTENDED | REG_NOSUB);
|
||||||
for (char *dns = strtok(mutable, ", \t\n"); dns; dns = strtok(NULL, ", \t\n")) {
|
for (char *dns = strtok(mutable, ", \t\n"); dns; dns = strtok(NULL, ", \t\n")) {
|
||||||
if (strchr(dns, '\'') || strchr(dns, '\\'))
|
if (strchr(dns, '\'') || strchr(dns, '\\'))
|
||||||
continue;
|
continue;
|
||||||
|
|
|
@ -452,8 +452,8 @@ cmd_up() {
|
||||||
local i
|
local i
|
||||||
get_real_interface && die "\`$INTERFACE' already exists as \`$REAL_INTERFACE'"
|
get_real_interface && die "\`$INTERFACE' already exists as \`$REAL_INTERFACE'"
|
||||||
trap 'del_if; del_routes; exit' INT TERM EXIT
|
trap 'del_if; del_routes; exit' INT TERM EXIT
|
||||||
execute_hooks "${PRE_UP[@]}"
|
|
||||||
add_if
|
add_if
|
||||||
|
execute_hooks "${PRE_UP[@]}"
|
||||||
set_config
|
set_config
|
||||||
for i in "${ADDRESSES[@]}"; do
|
for i in "${ADDRESSES[@]}"; do
|
||||||
add_addr "$i"
|
add_addr "$i"
|
||||||
|
|
|
@ -420,8 +420,8 @@ cmd_up() {
|
||||||
local i
|
local i
|
||||||
[[ -z $(ifconfig "$INTERFACE" 2>/dev/null) ]] || die "\`$INTERFACE' already exists"
|
[[ -z $(ifconfig "$INTERFACE" 2>/dev/null) ]] || die "\`$INTERFACE' already exists"
|
||||||
trap 'del_if; del_routes; clean_temp; exit' INT TERM EXIT
|
trap 'del_if; del_routes; clean_temp; exit' INT TERM EXIT
|
||||||
execute_hooks "${PRE_UP[@]}"
|
|
||||||
add_if
|
add_if
|
||||||
|
execute_hooks "${PRE_UP[@]}"
|
||||||
set_config
|
set_config
|
||||||
for i in "${ADDRESSES[@]}"; do
|
for i in "${ADDRESSES[@]}"; do
|
||||||
add_addr "$i"
|
add_addr "$i"
|
||||||
|
|
|
@ -254,9 +254,10 @@ add_default() {
|
||||||
fi
|
fi
|
||||||
local proto=-4 iptables=iptables pf=ip
|
local proto=-4 iptables=iptables pf=ip
|
||||||
[[ $1 == *:* ]] && proto=-6 iptables=ip6tables pf=ip6
|
[[ $1 == *:* ]] && proto=-6 iptables=ip6tables pf=ip6
|
||||||
cmd ip $(option_ns) $proto route add "$1" dev "$INTERFACE" table $table
|
|
||||||
cmd ip $(option_ns) $proto rule add not fwmark $table table $table
|
cmd ip $(option_ns) $proto rule add not fwmark $table table $table
|
||||||
cmd ip $(option_ns) $proto rule add table main suppress_prefixlength 0
|
cmd ip $(option_ns) $proto rule add table main suppress_prefixlength 0
|
||||||
|
cmd ip $(option_ns) $proto route add "$1" dev "$INTERFACE" table $table
|
||||||
|
|
||||||
local marker="-m comment --comment \"wg-quick(8) rule for $INTERFACE\"" restore=$'*raw\n' nftable="wg-quick-$INTERFACE" nftcmd
|
local marker="-m comment --comment \"wg-quick(8) rule for $INTERFACE\"" restore=$'*raw\n' nftable="wg-quick-$INTERFACE" nftcmd
|
||||||
printf -v nftcmd '%sadd table %s %s\n' "$nftcmd" "$pf" "$nftable"
|
printf -v nftcmd '%sadd table %s %s\n' "$nftcmd" "$pf" "$nftable"
|
||||||
|
@ -370,9 +371,10 @@ cmd_up() {
|
||||||
[[ -z $(ip link show dev "$INTERFACE" 2>/dev/null) ]] || die "\`$INTERFACE' already exists"
|
[[ -z $(ip link show dev "$INTERFACE" 2>/dev/null) ]] || die "\`$INTERFACE' already exists"
|
||||||
[[ -z $(ip $(option_ns) link show dev "$INTERFACE" 2>/dev/null) ]] || die "\`$INTERFACE' already exists in $NAMESPACE."
|
[[ -z $(ip $(option_ns) link show dev "$INTERFACE" 2>/dev/null) ]] || die "\`$INTERFACE' already exists in $NAMESPACE."
|
||||||
trap 'del_if; exit' INT TERM EXIT
|
trap 'del_if; exit' INT TERM EXIT
|
||||||
|
|
||||||
add_ns
|
add_ns
|
||||||
execute_hooks "${PRE_UP[@]}"
|
|
||||||
add_if
|
add_if
|
||||||
|
execute_hooks "${PRE_UP[@]}"
|
||||||
set_config
|
set_config
|
||||||
for i in "${ADDRESSES[@]}"; do
|
for i in "${ADDRESSES[@]}"; do
|
||||||
add_addr "$i"
|
add_addr "$i"
|
||||||
|
|
|
@ -417,8 +417,8 @@ cmd_up() {
|
||||||
local i
|
local i
|
||||||
get_real_interface && die "\`$INTERFACE' already exists as \`$REAL_INTERFACE'"
|
get_real_interface && die "\`$INTERFACE' already exists as \`$REAL_INTERFACE'"
|
||||||
trap 'del_if; del_routes; exit' INT TERM EXIT
|
trap 'del_if; del_routes; exit' INT TERM EXIT
|
||||||
execute_hooks "${PRE_UP[@]}"
|
|
||||||
add_if
|
add_if
|
||||||
|
execute_hooks "${PRE_UP[@]}"
|
||||||
set_config
|
set_config
|
||||||
for i in "${ADDRESSES[@]}"; do
|
for i in "${ADDRESSES[@]}"; do
|
||||||
add_addr "$i"
|
add_addr "$i"
|
||||||
|
|
Reference in New Issue