From c0ad57b0797e3927f850f704029b53599a0e10ae Mon Sep 17 00:00:00 2001 From: pmp1 Date: Wed, 19 Nov 2025 01:21:45 -0500 Subject: [PATCH] Add integ/networking for Trixie Added packaging support for Trixie under 'debian/trixie/'. This change brings updates from the 'f/trixie' branch into 'master' to ensure consistent functionality and packaging structure across both branches. dpdk ifupdown ifupdown-extra ifenslave iputils lldpd net-tools openvswitch Story: 2011360 Task: 53245 Change-Id: I436d3a3a9a3a0d309b279112b320323878d51099 Signed-off-by: pmp1 Signed-off-by: Abhinav Ayyapasetti --- ...1-Adding-STX-kernel-build-dependency.patch | 56 ++ .../dpdk/debian/trixie/deb_patches/series | 1 + networking/dpdk/debian/trixie/meta_data.yaml | 13 + ...-script-if-it-is-a-labeled-interface.patch | 67 ++ .../debian/trixie/deb_patches/series | 1 + .../ifenslave/debian/trixie/meta_data.yaml | 7 + ...r-prefix-length-on-etc-network-route.patch | 252 +++++++ ...gnore-IFACE-all-for-ifupdown-scripts.patch | 73 ++ .../0003-Handle-default-route-creation.patch | 152 +++++ ...D-and-gateway-detection-improve-logs.patch | 435 ++++++++++++ ...t-for-gateway-checking-in-dual-stack.patch | 238 +++++++ ...ck-of-address-warning-if-method-isn-.patch | 37 + .../debian/trixie/deb_patches/series | 6 + .../debian/trixie/meta_data.yaml | 7 + .../0001-Fix-detection-logic.patch | 70 ++ ...ix-long-labels-cause-command-to-fail.patch | 37 + ...out-interface-label-when-setting-MTU.patch | 42 ++ ...-Check-for-existing-IP-before-adding.patch | 630 ++++++++++++++++++ .../ifupdown/debian/trixie/deb_patches/series | 4 + .../ifupdown/debian/trixie/meta_data.yaml | 7 + .../iputils/debian/trixie/meta_data.yaml | 7 + ...t-pattern-matching-on-response-when-.patch | 120 ++++ .../0002-ping-Move-ping_rts-multicast.patch | 37 + ...y-from-Subnet-Router-anycast-address.patch | 134 ++++ ...reply-with-wrong-source-with-warning.patch | 150 +++++ .../iputils/debian/trixie/patches/series | 4 + .../debian-configure-lldp-initscript.patch | 23 + .../lldpd/debian/trixie/deb_patches/series | 1 + networking/lldpd/debian/trixie/meta_data.yaml | 6 + .../trixie/patches/lldpd-create-run-dir.patch | 12 + .../trixie/patches/lldpd-i40e-disable.patch | 230 +++++++ networking/lldpd/debian/trixie/patches/series | 2 + .../net-tools/debian/trixie/meta_data.yaml | 6 + .../net-tools-hostname-ipv6-shortname.patch | 36 + ...t-tools-ifconfig-no-ifstate-on-flush.patch | 32 + .../net-tools/debian/trixie/patches/series | 2 + .../fix-openvswitch-vtep-race.patch | 31 + .../debian/trixie/deb_patches/series | 1 + .../debian/trixie/docker/Dockerfile | 28 + .../openvswitch/debian/trixie/meta_data.yaml | 9 + .../debian/trixie/stx-ovs.stable_docker_image | 2 + 41 files changed, 3008 insertions(+) create mode 100644 networking/dpdk/debian/trixie/deb_patches/0001-Adding-STX-kernel-build-dependency.patch create mode 100644 networking/dpdk/debian/trixie/deb_patches/series create mode 100644 networking/dpdk/debian/trixie/meta_data.yaml create mode 100644 networking/ifenslave/debian/trixie/deb_patches/0001-Skip-script-if-it-is-a-labeled-interface.patch create mode 100644 networking/ifenslave/debian/trixie/deb_patches/series create mode 100644 networking/ifenslave/debian/trixie/meta_data.yaml create mode 100644 networking/ifupdown-extra/debian/trixie/deb_patches/0001-Accept-netmask-or-prefix-length-on-etc-network-route.patch create mode 100644 networking/ifupdown-extra/debian/trixie/deb_patches/0002-ignore-IFACE-all-for-ifupdown-scripts.patch create mode 100644 networking/ifupdown-extra/debian/trixie/deb_patches/0003-Handle-default-route-creation.patch create mode 100644 networking/ifupdown-extra/debian/trixie/deb_patches/0004-Fix-DAD-and-gateway-detection-improve-logs.patch create mode 100644 networking/ifupdown-extra/debian/trixie/deb_patches/0005-Correct-support-for-gateway-checking-in-dual-stack.patch create mode 100644 networking/ifupdown-extra/debian/trixie/deb_patches/0006-Only-generate-lack-of-address-warning-if-method-isn-.patch create mode 100644 networking/ifupdown-extra/debian/trixie/deb_patches/series create mode 100644 networking/ifupdown-extra/debian/trixie/meta_data.yaml create mode 100644 networking/ifupdown/debian/trixie/deb_patches/0001-Fix-detection-logic.patch create mode 100644 networking/ifupdown/debian/trixie/deb_patches/0002-Fix-long-labels-cause-command-to-fail.patch create mode 100644 networking/ifupdown/debian/trixie/deb_patches/0003-filter-out-interface-label-when-setting-MTU.patch create mode 100644 networking/ifupdown/debian/trixie/deb_patches/0004-Check-for-existing-IP-before-adding.patch create mode 100644 networking/ifupdown/debian/trixie/deb_patches/series create mode 100644 networking/ifupdown/debian/trixie/meta_data.yaml create mode 100644 networking/iputils/debian/trixie/meta_data.yaml create mode 100644 networking/iputils/debian/trixie/patches/0001-Revert-Add-strict-pattern-matching-on-response-when-.patch create mode 100644 networking/iputils/debian/trixie/patches/0002-ping-Move-ping_rts-multicast.patch create mode 100644 networking/iputils/debian/trixie/patches/0003-ping-Print-reply-from-Subnet-Router-anycast-address.patch create mode 100644 networking/iputils/debian/trixie/patches/0004-ping-Print-reply-with-wrong-source-with-warning.patch create mode 100644 networking/iputils/debian/trixie/patches/series create mode 100644 networking/lldpd/debian/trixie/deb_patches/debian-configure-lldp-initscript.patch create mode 100644 networking/lldpd/debian/trixie/deb_patches/series create mode 100644 networking/lldpd/debian/trixie/meta_data.yaml create mode 100644 networking/lldpd/debian/trixie/patches/lldpd-create-run-dir.patch create mode 100644 networking/lldpd/debian/trixie/patches/lldpd-i40e-disable.patch create mode 100644 networking/lldpd/debian/trixie/patches/series create mode 100644 networking/net-tools/debian/trixie/meta_data.yaml create mode 100644 networking/net-tools/debian/trixie/patches/net-tools-hostname-ipv6-shortname.patch create mode 100644 networking/net-tools/debian/trixie/patches/net-tools-ifconfig-no-ifstate-on-flush.patch create mode 100644 networking/net-tools/debian/trixie/patches/series create mode 100644 networking/openvswitch/debian/trixie/deb_patches/fix-openvswitch-vtep-race.patch create mode 100644 networking/openvswitch/debian/trixie/deb_patches/series create mode 100644 networking/openvswitch/debian/trixie/docker/Dockerfile create mode 100644 networking/openvswitch/debian/trixie/meta_data.yaml create mode 100644 networking/openvswitch/debian/trixie/stx-ovs.stable_docker_image diff --git a/networking/dpdk/debian/trixie/deb_patches/0001-Adding-STX-kernel-build-dependency.patch b/networking/dpdk/debian/trixie/deb_patches/0001-Adding-STX-kernel-build-dependency.patch new file mode 100644 index 000000000..68e4120be --- /dev/null +++ b/networking/dpdk/debian/trixie/deb_patches/0001-Adding-STX-kernel-build-dependency.patch @@ -0,0 +1,56 @@ +From 3010aa5cfac3a70740f70f24025e25cef0eba21d Mon Sep 17 00:00:00 2001 +From: Thales Elero Cervi +Date: Thu, 24 Jul 2025 11:57:40 -0300 +Subject: [PATCH] Adding STX kernel build dependency + +This patch updates the dpdk debian build files to include StarlingX +Linux kernel as a build dependency. Kernel path is then used for the +Meson build option "kernel_dir", mapping the proper kernel headers in +build time. + +Signed-off-by: Thales Elero Cervi +--- + debian/control | 2 ++ + debian/rules | 6 ++++++ + 2 files changed, 8 insertions(+) + +diff --git a/debian/control b/debian/control +index 80fa7f68d6..46da9f07fe 100644 +--- a/debian/control ++++ b/debian/control +@@ -22,6 +22,8 @@ Build-Depends: chrpath, + libnuma-dev, + libpcap-dev, + libssl-dev, ++ linux@KERNEL_TYPE@-headers-stx-amd64, ++ linux@KERNEL_TYPE@-keys, + meson (>= 0.47.1~), + pkg-config, + python3, +diff --git a/debian/rules b/debian/rules +index 182123d959..d64807ade9 100755 +--- a/debian/rules ++++ b/debian/rules +@@ -15,6 +15,11 @@ ifeq (,$(findstring terse,$(DEB_BUILD_OPTIONS))) + export DH_OPTIONS=-v + endif + ++# STX: Including StarlingX Kernel headers for Meson build options ++kheaders_name=$(shell ls /usr/src | grep linux@KERNEL_TYPE@-headers | grep amd64) ++kversion=$(shell echo $(kheaders_name) | sed 's/linux@KERNEL_TYPE@-headers-//g') ++export STAGING_KERNEL_DIR=/usr/src/kernels/$(kversion)/ ++ + # People rebuilding this package can overwrite RTE_MACHINE + # via DEB_BUILD_OPTIONS if they like + ifneq (,$(filter rte_machine=%,$(DEB_BUILD_OPTIONS))) +@@ -85,6 +90,7 @@ override_dh_auto_configure: + dh_auto_configure -- $(DPDK_CONFIG_OPTIONS) \ + --includedir=include/dpdk \ + --default-library=shared \ ++ -Dkernel_dir=$(STAGING_KERNEL_DIR) \ + -Dinclude_subdir_arch=../$(DEB_HOST_MULTIARCH)/dpdk \ + -Dmachine=$(RTE_MACHINE) + +-- +2.34.1 + diff --git a/networking/dpdk/debian/trixie/deb_patches/series b/networking/dpdk/debian/trixie/deb_patches/series new file mode 100644 index 000000000..94e4065c9 --- /dev/null +++ b/networking/dpdk/debian/trixie/deb_patches/series @@ -0,0 +1 @@ +0001-Adding-STX-kernel-build-dependency.patch diff --git a/networking/dpdk/debian/trixie/meta_data.yaml b/networking/dpdk/debian/trixie/meta_data.yaml new file mode 100644 index 000000000..ced4ff4ac --- /dev/null +++ b/networking/dpdk/debian/trixie/meta_data.yaml @@ -0,0 +1,13 @@ +--- +debname: dpdk +debver: 20.11.7-1~deb11u1 +dl_path: + name: dpdk-debian-20.11.7-1_deb11u1.tar.gz + url: https://salsa.debian.org/debian/dpdk/-/archive/debian/20.11.7-1_deb11u1/dpdk-debian-20.11.7-1_deb11u1.tar.gz + md5sum: 4bb547ab663ec787833cd43fe3d20f1c + sha256sum: ae62bc916a41f14e957ee7440b94dfb0e22a1d0dd6c1371cb628eab4fb74befd +revision: + dist: $STX_DIST + GITREVCOUNT: + BASE_SRCREV: a806d997496740f2cec02db121c609e3c743c003 + SRC_DIR: ${MY_REPO}/stx/integ/networking/dpdk diff --git a/networking/ifenslave/debian/trixie/deb_patches/0001-Skip-script-if-it-is-a-labeled-interface.patch b/networking/ifenslave/debian/trixie/deb_patches/0001-Skip-script-if-it-is-a-labeled-interface.patch new file mode 100644 index 000000000..6b49d8de9 --- /dev/null +++ b/networking/ifenslave/debian/trixie/deb_patches/0001-Skip-script-if-it-is-a-labeled-interface.patch @@ -0,0 +1,67 @@ +From 746894fb8cb7f0117519191b04e838b10c57ef79 Mon Sep 17 00:00:00 2001 +From: Andre Kantek +Date: Mon, 30 Sep 2024 15:57:56 -0300 +Subject: [PATCH] Skip script if it is a labeled interface + +Labeled interface config files (format 'intf:label') only handle +interface addresses not the bonding itself. Skip scripts if this is +the case + +Signed-off-by: Andre Kantek +--- + debian/ifenslave.if-post-down | 5 +++++ + debian/ifenslave.if-pre-up | 5 +++++ + debian/ifenslave.if-up | 5 +++++ + 3 files changed, 15 insertions(+) + +diff --git a/debian/ifenslave.if-post-down b/debian/ifenslave.if-post-down +index 177a06c..a3595a4 100755 +--- a/debian/ifenslave.if-post-down ++++ b/debian/ifenslave.if-post-down +@@ -26,6 +26,11 @@ sysfs_remove_all() + done + } + ++# If it is a labeled interface, skip ++if [[ "$IFACE" =~ ":" ]] ; then ++ exit 0 ++fi ++ + BOND_PARAMS="/sys/class/net/$IFACE/bonding" + + # free $IFACE if it is currently enslaved to a bonding device. +diff --git a/debian/ifenslave.if-pre-up b/debian/ifenslave.if-pre-up +index 52336ab..2b87fcf 100755 +--- a/debian/ifenslave.if-pre-up ++++ b/debian/ifenslave.if-pre-up +@@ -216,6 +216,11 @@ setup_slave_device() { + setup_primary + } + ++# If it is a labeled interface, skip ++if [[ "$IFACE" =~ ":" ]] ; then ++ exit 0 ++fi ++ + # Option slaves deprecated, replaced by bond-slaves, but still supported for backward compatibility. + IF_BOND_SLAVES=${IF_BOND_SLAVES:-$IF_SLAVES} + +diff --git a/debian/ifenslave.if-up b/debian/ifenslave.if-up +index 923b38f..bd9baa9 100755 +--- a/debian/ifenslave.if-up ++++ b/debian/ifenslave.if-up +@@ -16,6 +16,11 @@ sysfs() + return 0 + } + ++# If it is a labeled interface, skip ++if [[ "$IFACE" =~ ":" ]] ; then ++ exit 0 ++fi ++ + # If the stanza bond-give-a-chance is set for a slave interface, + # then force $IFACE to be the primary for some time, then restore the primary to its previous value. + +-- +2.34.1 + diff --git a/networking/ifenslave/debian/trixie/deb_patches/series b/networking/ifenslave/debian/trixie/deb_patches/series new file mode 100644 index 000000000..f4d4150f4 --- /dev/null +++ b/networking/ifenslave/debian/trixie/deb_patches/series @@ -0,0 +1 @@ +0001-Skip-script-if-it-is-a-labeled-interface.patch diff --git a/networking/ifenslave/debian/trixie/meta_data.yaml b/networking/ifenslave/debian/trixie/meta_data.yaml new file mode 100644 index 000000000..2b2ea3fb7 --- /dev/null +++ b/networking/ifenslave/debian/trixie/meta_data.yaml @@ -0,0 +1,7 @@ +--- +debver: 2.13 +debname: ifenslave +archive: https://snapshot.debian.org/archive/debian/20220519T084715Z/pool/main/i/ifenslave/ +revision: + dist: $STX_DIST + PKG_GITREVCOUNT: true diff --git a/networking/ifupdown-extra/debian/trixie/deb_patches/0001-Accept-netmask-or-prefix-length-on-etc-network-route.patch b/networking/ifupdown-extra/debian/trixie/deb_patches/0001-Accept-netmask-or-prefix-length-on-etc-network-route.patch new file mode 100644 index 000000000..38b1f99e9 --- /dev/null +++ b/networking/ifupdown-extra/debian/trixie/deb_patches/0001-Accept-netmask-or-prefix-length-on-etc-network-route.patch @@ -0,0 +1,252 @@ +From d6b8917a04b72bc59c641b7a6fdce27e160e9b31 Mon Sep 17 00:00:00 2001 +From: Andre Fernando Zanella Kantek +Date: Thu, 19 May 2022 10:11:21 -0300 +Subject: [PATCH] Accept netmask or prefix-length on /etc/network/routes file +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This change adds support for both netmask or prefix-length on the +routes file. Internally "route" command is deprecated in favor of +"ip route" as it support better newer kernels + +Signed-off-by: Andre Fernando Zanella Kantek +--- + debian/ifupdown-extra.networking-routes.init | 61 +++++++++++++++++--- + debian/network-routes | 12 +++- + if-up-scripts/static-routes | 50 ++++++++++++++-- + 3 files changed, 107 insertions(+), 16 deletions(-) + +diff --git a/debian/ifupdown-extra.networking-routes.init b/debian/ifupdown-extra.networking-routes.init +index c10b658..db1254d 100755 +--- a/debian/ifupdown-extra.networking-routes.init ++++ b/debian/ifupdown-extra.networking-routes.init +@@ -55,6 +55,32 @@ ROUTEFILE="/etc/network/routes" + VERBOSITY=${VERBOSITY:-0} + + ++function get_prefix_length { ++ netmask=$1 ++ if [[ ${netmask} =~ .*:.* ]]; then ++ # IPv6 ++ awk -F: '{ ++ split($0, octets) ++ for (i in octets) { ++ decval = strtonum("0x"octets[i]) ++ mask += 16 - log(2**16 - decval)/log(2); ++ } ++ print "/" mask ++ }' <<< ${netmask} ++ elif [[ ${netmask} =~ .*\..* ]]; then ++ # IPv4 ++ awk -F. '{ ++ split($0, octets) ++ for (i in octets) { ++ mask += 8 - log(2**8 - octets[i])/log(2); ++ } ++ print "/" mask ++ }' <<< ${netmask} ++ elif [[ ${netmask} =~ ^[0-9]+$ ]]; then ++ echo "/${netmask}" ++ fi ++} ++ + # Functions to read the route file and process it + + +@@ -92,17 +118,19 @@ del_global_routes() { + cat $ROUTEFILE | egrep "^[^#].*$" | + while read network netmask gateway interface ; do + if [ -n "$interface" ] && [ -n "$network" ] && [ -n "$netmask" ] && [ -n "$gateway" ] ; then ++ local prefix_len ++ prefix_len=$(get_prefix_length ${netmask}) + if [ "$gateway" != "reject" ] ; then + [ "$VERBOSITY" -eq 1 ] && echo "DEBUG: Deleting global route for $network / $netmask through gateway $gateway" + if [ "$interface" != "any" ] ; then +- run_route del $network/$netmask via $gateway dev $interface ++ run_route del ${network}${prefix_len} via ${gateway} dev ${interface} + else +- run_route del $network/$netmask via $gateway ++ run_route del ${network}${prefix_len} via ${gateway} + fi + [ $? -ne 0 ] && ret=$? + else + [ "$VERBOSITY" -eq 1 ] && echo "DEBUG: Deleting reject route for $network / $netmask" +- run_route del $network/$netmask reject ++ run_route del ${network}${prefix_len} reject + [ $? -ne 0 ] && ret=$? + fi + +@@ -119,17 +147,19 @@ add_global_routes() { + cat $ROUTEFILE | egrep "^[^#].*$" | + while read network netmask gateway interface ; do + if [ -n "$interface" ] && [ -n "$network" ] && [ -n "$netmask" ] && [ -n "$gateway" ] ; then ++ local prefix_len ++ prefix_len=$(get_prefix_length ${netmask}) + if [ "$gateway" != "reject" ] ; then + [ "$VERBOSITY" -eq 1 ] && echo "DEBUG: Adding global route for $network / $netmask through gateway $gateway" + if [ "$interface" != "any" ] ; then +- run_route add $network/$netmask via $gateway dev $interface ++ run_route add ${network}${prefix_len} via ${gateway} dev ${interface} + else +- run_route add $network/$netmask via $gateway ++ run_route add ${network}${prefix_len} via ${gateway} + fi + [ $? -ne 0 ] && ret=$? + else + [ "$VERBOSITY" -eq 1 ] && echo "DEBUG: Adding global reject route for $network / $netmask" +- run_route add $network/$netmask reject ++ run_route add ${network}${prefix_len} reject + [ $? -ne 0 ] && ret=$? + fi + +@@ -146,14 +176,29 @@ check_global_routes() { + cat $ROUTEFILE | egrep "^[^#].*$" | + while read network netmask gateway interface ; do + if [ -n "$interface" ] && [ -n "$network" ] && [ -n "$netmask" ] && [ -n "$gateway" ] ; then ++ local af='--inet' + if [ "$gateway" != "reject" ] ; then + if [ "$interface" != "any" ] ; then +- if ! route | egrep -q "^${network}\s+${gateway}\s+${netmask}.*${interface}" ; then ++ local search_str="^${network}\s+${gateway}\s+${netmask}.*${interface}" ++ if [[ ${network} =~ .*:.* ]]; then ++ local prefix_len ++ prefix_len=$(get_prefix_length ${netmask}) ++ af='--inet6'; ++ search_str="${network}${prefix_len}\s+${gateway}.*${interface}" ++ fi ++ if ! route ${af} -n | egrep -q ${search_str} ; then + ret=1 + log_failure_msg "Route to network ${network}/${netmask} via ${gateway} is not configured in interface ${interface}" + fi + else +- if ! route | egrep -q "^${network}\s+${gateway}\s+${netmask}" ; then ++ local search_str="^${network}\s+${gateway}\s+${netmask}" ++ if [[ ${network} =~ .*:.* ]]; then ++ local prefix_len ++ prefix_len=$(get_prefix_length ${netmask}) ++ af='--inet6'; ++ search_str="${network}${prefix_len}\s+${gateway}" ++ fi ++ if ! route ${af} -n | egrep -q ${search_str} ; then + log_failure_msg "Route to network ${network}/${netmask} via ${gateway} is not configured" + ret=1 + fi +diff --git a/debian/network-routes b/debian/network-routes +index 78de41a..789c51d 100644 +--- a/debian/network-routes ++++ b/debian/network-routes +@@ -7,10 +7,18 @@ + # + # This file includes a list of routes for different networks following + # the format: # Network Netmask Gateway Interface ++# Netmask can be set as the mask or the prefix length + # + # Example: +-# 172.1.1.0 255.255.255.0 192.168.0.1 eth0 +-# ++# IPv4: ++# 172.1.1.0 255.255.255.0 192.168.0.1 eth0 ++# or ++# 172.1.1.0 24 192.168.0.1 eth0 ++# ++# IPv6: ++# 2001:2002:2003:: ffff:ffff:ffff:ffff:: fd00::1 eth0 ++# or ++# 2001:2002:2003:: 64 fd00::1 eth0 + # + # If you want to add a route that will be added regardless of interfaces + # you will have to use the 'any' interface. This can be handy if you want +diff --git a/if-up-scripts/static-routes b/if-up-scripts/static-routes +index 3db5f29..867303d 100755 +--- a/if-up-scripts/static-routes ++++ b/if-up-scripts/static-routes +@@ -59,6 +59,32 @@ VERBOSITY=${VERBOSITY:-0} + # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901612 + if [ ${IFACE} = "--all" ]; then IFACE="[[:alnum:]]+"; fi + ++function get_prefix_length { ++ netmask=$1 ++ if [[ ${netmask} =~ .*:.* ]]; then ++ # IPv6 ++ awk -F: '{ ++ split($0, octets) ++ for (i in octets) { ++ decval = strtonum("0x"octets[i]) ++ mask += 16 - log(2**16 - decval)/log(2); ++ } ++ print "/" mask ++ }' <<< ${netmask} ++ elif [[ ${netmask} =~ .*\..* ]]; then ++ # IPv4 ++ awk -F. '{ ++ split($0, octets) ++ for (i in octets) { ++ mask += 8 - log(2**8 - octets[i])/log(2); ++ } ++ print "/" mask ++ }' <<< ${netmask} ++ elif [[ ${netmask} =~ ^[0-9]+$ ]]; then ++ echo "/${netmask}" ++ fi ++} ++ + del_static_routes() { + # NOTE: We actually don't have to remove routes if downing an interface + # since they will be removed nevertheless. In any case, this +@@ -67,12 +93,14 @@ del_static_routes() { + cat $ROUTEFILE | egrep "^[^#].*[[:space:]]${IFACE}[[:space:]]*$" | + while read network netmask gateway interface ; do + if [ -n "$interface" ] && [ -n "$network" ] && [ -n "$netmask" ] && [ -n "$gateway" ] ; then ++ local prefix_len ++ prefix_len=$(get_prefix_length ${netmask}) + if [ "$gateway" != "reject" ] ; then + [ "$VERBOSITY" -eq 1 ] && echo "DEBUG: Deleting route for $network / $netmask through gateway $gateway at $interface" +- route del -net $network netmask $netmask gw $gateway dev $interface ++ ip route del ${network}${prefix_len} via ${gateway} dev ${interface} + else + [ "$VERBOSITY" -eq 1 ] && echo "DEBUG: Deleting reject route for $network / $netmask when bringing up $interface" +- route del -net $network netmask $netmask reject ++ ip route del ${network}${prefix_len} reject + fi + + else +@@ -85,12 +113,14 @@ add_static_routes() { + cat $ROUTEFILE | egrep "^[^#].*[[:space:]]${IFACE}[[:space:]]*$" | + while read network netmask gateway interface ; do + if [ -n "$interface" ] && [ -n "$network" ] && [ -n "$netmask" ] && [ -n "$gateway" ] ; then ++ local prefix_len ++ prefix_len=$(get_prefix_length ${netmask}) + if [ "$gateway" != "reject" ] && [ "$gateway" != "blackhole" ] ; then +- [ "$VERBOSITY" -eq 1 ] && echo "DEBUG: Adding route for $network / $netmask through gateway $gateway at $interface" +- route add -net $network netmask $netmask gw $gateway dev $interface ++ [ "$VERBOSITY" -eq 1 ] && echo "DEBUG: Adding route for $network / $netmask through gateway $gateway at $interface" ++ ip route add ${network}${prefix_len} via ${gateway} dev ${interface} + else + [ "$VERBOSITY" -eq 1 ] && echo "DEBUG: Adding reject/blackhole route for $network / $netmask when bringing up $interface" +- ip route add blackhole $network/$netmask ++ ip route add blackhole ${network}${prefix_len} + fi + + else +@@ -103,8 +133,16 @@ check_static_routes() { + cat $ROUTEFILE | egrep "^[^#].*[[:space:]]${IFACE}[[:space:]]*$" | + while read network netmask gateway interface ; do + if [ -n "$interface" ] && [ -n "$network" ] && [ -n "$netmask" ] && [ -n "$gateway" ] ; then ++ local af='--inet' + if [ "$gateway" != "reject" ] ; then +- if ! route -n | egrep -q "${network}\s+${gateway}\s+${netmask}.*${interface}"; then ++ local search_str="${network}\s+${gateway}\s+${netmask}.*${interface}" ++ if [[ ${network} =~ .*:.* ]]; then ++ local prefix_len ++ prefix_len=$(get_prefix_length ${netmask}) ++ af='--inet6'; ++ search_str="${network}${prefix_len}\s+${gateway}.*${interface}" ++ fi ++ if ! route ${af} -n | egrep -q ${search_str}; then + echo "ERROR: Route '$network $netmask $gateway $interface' defined in $ROUTEFILE is not configured" + fi + fi +-- +2.17.1 + diff --git a/networking/ifupdown-extra/debian/trixie/deb_patches/0002-ignore-IFACE-all-for-ifupdown-scripts.patch b/networking/ifupdown-extra/debian/trixie/deb_patches/0002-ignore-IFACE-all-for-ifupdown-scripts.patch new file mode 100644 index 000000000..a60aed767 --- /dev/null +++ b/networking/ifupdown-extra/debian/trixie/deb_patches/0002-ignore-IFACE-all-for-ifupdown-scripts.patch @@ -0,0 +1,73 @@ +From fa4c461a16fc5305dd52558f919b3c7a63257972 Mon Sep 17 00:00:00 2001 +From: Fabiano Mercer +Date: Fri, 29 Jul 2022 11:07:02 -0300 +Subject: [PATCH] ignore IFACE "--all" for ifupdown scripts + +--- + if-up-scripts/check-duplicate-ip | 3 ++- + if-up-scripts/check-duplicate-ip6 | 3 ++- + if-up-scripts/check-gateway | 3 +++ + if-up-scripts/check-network-cable | 3 +++ + 4 files changed, 10 insertions(+), 2 deletions(-) + +diff --git a/if-up-scripts/check-duplicate-ip b/if-up-scripts/check-duplicate-ip +index a07668d..347639d 100755 +--- a/if-up-scripts/check-duplicate-ip ++++ b/if-up-scripts/check-duplicate-ip +@@ -105,8 +105,9 @@ fi + + # If the interface is a serial (sl), WAN interfaces (ww) or localhost (lo) then skip the test + # as it does not make sense in these ++# this script only handles one interface per run so ignore "--all" as well + case $IFACE in +- sl* | ww* | lo*) exit 0 ;; ++ sl* | ww* | lo* | "--all") exit 0 ;; + *) ;; + esac + +diff --git a/if-up-scripts/check-duplicate-ip6 b/if-up-scripts/check-duplicate-ip6 +index f48cdd3..b9ff87a 100755 +--- a/if-up-scripts/check-duplicate-ip6 ++++ b/if-up-scripts/check-duplicate-ip6 +@@ -107,8 +107,9 @@ fi + + # If the interface is a serial (sl), WAN interfaces (ww) or localhost (lo) then skip the test + # as it does not make sense in these ++# this script only handles one interface per run so ignore "--all" as well + case $IFACE in +- sl* | ww* | lo*) exit 0 ;; ++ sl* | ww* | lo* | "--all") exit 0 ;; + *) ;; + esac + +diff --git a/if-up-scripts/check-gateway b/if-up-scripts/check-gateway +index b3fdeb6..97c93b1 100755 +--- a/if-up-scripts/check-gateway ++++ b/if-up-scripts/check-gateway +@@ -55,6 +55,9 @@ VERBOSITY=${VERBOSITY:-0} + # Break out if we don't have an interface to work with + [ -z "$IFACE" ] && exit 0 + ++# Ignore "--all" ++[ "$IFACE" = "--all" ] && exit 0 ++ + if [ "$DO_SYSLOG" = "yes" ] ; then + OUTPUT="logger -i -p daemon.err -s" + else +diff --git a/if-up-scripts/check-network-cable b/if-up-scripts/check-network-cable +index 94279eb..f8e9044 100755 +--- a/if-up-scripts/check-network-cable ++++ b/if-up-scripts/check-network-cable +@@ -180,6 +180,9 @@ case $IFACE in + bond*) + check_bond_status || [ "$ABORT_NO_LINK" != "yes" ] || exit 1 + ;; ++ "--all") ++ # this script only handles one interface per run ++ ;; + lo*) ;; + *) + check_status || [ "$ABORT_NO_LINK" != "yes" ] || exit 1 +-- +2.17.1 + diff --git a/networking/ifupdown-extra/debian/trixie/deb_patches/0003-Handle-default-route-creation.patch b/networking/ifupdown-extra/debian/trixie/deb_patches/0003-Handle-default-route-creation.patch new file mode 100644 index 000000000..6c76861a4 --- /dev/null +++ b/networking/ifupdown-extra/debian/trixie/deb_patches/0003-Handle-default-route-creation.patch @@ -0,0 +1,152 @@ +From 946aea4142d5d0acea03c3f72509fd2285f7f73f Mon Sep 17 00:00:00 2001 +From: Andre Kantek +Date: Tue, 13 Sep 2022 11:02:35 -0300 +Subject: [PATCH] Handle default route creation + +Signed-off-by: Andre Kantek +--- + debian/ifupdown-extra.networking-routes.init | 34 ++++++++++++++------ + if-up-scripts/static-routes | 30 ++++++++++++----- + 2 files changed, 46 insertions(+), 18 deletions(-) + +diff --git a/debian/ifupdown-extra.networking-routes.init b/debian/ifupdown-extra.networking-routes.init +index db1254d..e9097d1 100755 +--- a/debian/ifupdown-extra.networking-routes.init ++++ b/debian/ifupdown-extra.networking-routes.init +@@ -81,6 +81,20 @@ function get_prefix_length { + fi + } + ++# if route is default, remove prefix_len ++function get_linux_network { ++ network=$1 ++ netmask=$2 ++ local prefix_len ++ local linux_network ++ prefix_len=$(get_prefix_length ${netmask}) ++ linux_network="${network}${prefix_len}" ++ if [ "${network}" == "default" ]; then ++ linux_network="${network}" ++ fi ++ echo "${linux_network}" ++} ++ + # Functions to read the route file and process it + + +@@ -118,19 +132,19 @@ del_global_routes() { + cat $ROUTEFILE | egrep "^[^#].*$" | + while read network netmask gateway interface ; do + if [ -n "$interface" ] && [ -n "$network" ] && [ -n "$netmask" ] && [ -n "$gateway" ] ; then +- local prefix_len +- prefix_len=$(get_prefix_length ${netmask}) ++ local linux_network ++ linux_network=$(get_linux_network ${network} ${netmask}) + if [ "$gateway" != "reject" ] ; then + [ "$VERBOSITY" -eq 1 ] && echo "DEBUG: Deleting global route for $network / $netmask through gateway $gateway" + if [ "$interface" != "any" ] ; then +- run_route del ${network}${prefix_len} via ${gateway} dev ${interface} ++ run_route del ${linux_network} via ${gateway} dev ${interface} + else +- run_route del ${network}${prefix_len} via ${gateway} ++ run_route del ${linux_network} via ${gateway} + fi + [ $? -ne 0 ] && ret=$? + else + [ "$VERBOSITY" -eq 1 ] && echo "DEBUG: Deleting reject route for $network / $netmask" +- run_route del ${network}${prefix_len} reject ++ run_route del ${linux_network} reject + [ $? -ne 0 ] && ret=$? + fi + +@@ -147,19 +161,19 @@ add_global_routes() { + cat $ROUTEFILE | egrep "^[^#].*$" | + while read network netmask gateway interface ; do + if [ -n "$interface" ] && [ -n "$network" ] && [ -n "$netmask" ] && [ -n "$gateway" ] ; then +- local prefix_len +- prefix_len=$(get_prefix_length ${netmask}) ++ local linux_network ++ linux_network=$(get_linux_network ${network} ${netmask}) + if [ "$gateway" != "reject" ] ; then + [ "$VERBOSITY" -eq 1 ] && echo "DEBUG: Adding global route for $network / $netmask through gateway $gateway" + if [ "$interface" != "any" ] ; then +- run_route add ${network}${prefix_len} via ${gateway} dev ${interface} ++ run_route add ${linux_network} via ${gateway} dev ${interface} + else +- run_route add ${network}${prefix_len} via ${gateway} ++ run_route add ${linux_network} via ${gateway} + fi + [ $? -ne 0 ] && ret=$? + else + [ "$VERBOSITY" -eq 1 ] && echo "DEBUG: Adding global reject route for $network / $netmask" +- run_route add ${network}${prefix_len} reject ++ run_route add ${linux_network} reject + [ $? -ne 0 ] && ret=$? + fi + +diff --git a/if-up-scripts/static-routes b/if-up-scripts/static-routes +index 867303d..1341f43 100755 +--- a/if-up-scripts/static-routes ++++ b/if-up-scripts/static-routes +@@ -85,6 +85,20 @@ function get_prefix_length { + fi + } + ++# if route is default, remove prefix_len ++function get_linux_network { ++ network=$1 ++ netmask=$2 ++ local prefix_len ++ local linux_network ++ prefix_len=$(get_prefix_length ${netmask}) ++ linux_network="${network}${prefix_len}" ++ if [ "${network}" == "default" ]; then ++ linux_network="${network}" ++ fi ++ echo "${linux_network}" ++} ++ + del_static_routes() { + # NOTE: We actually don't have to remove routes if downing an interface + # since they will be removed nevertheless. In any case, this +@@ -93,14 +107,14 @@ del_static_routes() { + cat $ROUTEFILE | egrep "^[^#].*[[:space:]]${IFACE}[[:space:]]*$" | + while read network netmask gateway interface ; do + if [ -n "$interface" ] && [ -n "$network" ] && [ -n "$netmask" ] && [ -n "$gateway" ] ; then +- local prefix_len +- prefix_len=$(get_prefix_length ${netmask}) ++ local linux_network ++ linux_network=$(get_linux_network ${network} ${netmask}) + if [ "$gateway" != "reject" ] ; then + [ "$VERBOSITY" -eq 1 ] && echo "DEBUG: Deleting route for $network / $netmask through gateway $gateway at $interface" +- ip route del ${network}${prefix_len} via ${gateway} dev ${interface} ++ ip route del ${linux_network} via ${gateway} dev ${interface} + else + [ "$VERBOSITY" -eq 1 ] && echo "DEBUG: Deleting reject route for $network / $netmask when bringing up $interface" +- ip route del ${network}${prefix_len} reject ++ ip route del ${linux_network} reject + fi + + else +@@ -113,14 +127,14 @@ add_static_routes() { + cat $ROUTEFILE | egrep "^[^#].*[[:space:]]${IFACE}[[:space:]]*$" | + while read network netmask gateway interface ; do + if [ -n "$interface" ] && [ -n "$network" ] && [ -n "$netmask" ] && [ -n "$gateway" ] ; then +- local prefix_len +- prefix_len=$(get_prefix_length ${netmask}) ++ local linux_network ++ linux_network=$(get_linux_network ${network} ${netmask}) + if [ "$gateway" != "reject" ] && [ "$gateway" != "blackhole" ] ; then + [ "$VERBOSITY" -eq 1 ] && echo "DEBUG: Adding route for $network / $netmask through gateway $gateway at $interface" +- ip route add ${network}${prefix_len} via ${gateway} dev ${interface} ++ ip route add ${linux_network} via ${gateway} dev ${interface} + else + [ "$VERBOSITY" -eq 1 ] && echo "DEBUG: Adding reject/blackhole route for $network / $netmask when bringing up $interface" +- ip route add blackhole ${network}${prefix_len} ++ ip route add blackhole ${linux_network} + fi + + else +-- +2.17.1 + diff --git a/networking/ifupdown-extra/debian/trixie/deb_patches/0004-Fix-DAD-and-gateway-detection-improve-logs.patch b/networking/ifupdown-extra/debian/trixie/deb_patches/0004-Fix-DAD-and-gateway-detection-improve-logs.patch new file mode 100644 index 000000000..3c944b235 --- /dev/null +++ b/networking/ifupdown-extra/debian/trixie/deb_patches/0004-Fix-DAD-and-gateway-detection-improve-logs.patch @@ -0,0 +1,435 @@ +From 301be9cc3629927620206132dc00dba8b83045eb Mon Sep 17 00:00:00 2001 +From: Lucas Ratusznei Fonseca +Date: Mon, 5 Feb 2024 01:15:33 -0300 +Subject: [PATCH] Fix DAD and gateway detection, improve logs + +--- + if-up-scripts/check-duplicate-ip | 51 ++++++++++++---------- + if-up-scripts/check-duplicate-ip6 | 34 ++++++++++----- + if-up-scripts/check-gateway | 72 +++++++++++++++++++++++-------- + if-up-scripts/check-network-cable | 54 +++++++++++++---------- + 4 files changed, 138 insertions(+), 73 deletions(-) + +diff --git a/if-up-scripts/check-duplicate-ip b/if-up-scripts/check-duplicate-ip +index 347639d..a975a90 100755 +--- a/if-up-scripts/check-duplicate-ip ++++ b/if-up-scripts/check-duplicate-ip +@@ -56,11 +56,22 @@ VERBOSITY=${VERBOSITY:-0} + LC_ALL=C + export LC_ALL + +-if [ "$DO_SYSLOG" = "yes" ] ; then +- OUTPUT="logger -i -p daemon.err -s" +-else +- OUTPUT="echo" +-fi ++do_output() { ++ local REDIR_ECHO="" ++ if [[ " err warning " =~ " $1 " ]] ; then ++ REDIR_ECHO="1>&2" ++ fi ++ ++ if [ "$DO_SYSLOG" = "yes" ] ; then ++ logger -i -p daemon.$1 ifupdown: "${@:2}" ++ else ++ eval echo 'ifupdown: "${@:2}"' $REDIR_ECHO ++ fi ++} ++ ++OUT_ERR="do_output err" ++OUT_WARN="do_output warning" ++OUT_DEBUG="do_output debug" + + do_arping() { + # Send ARP pings to detect if there is a duplicate address "out there" +@@ -74,18 +85,18 @@ do_arping() { + + # First determine physical interface in case aliased interfaces are used + real_iface=$(echo "$IFACE" | sed -e 's|:[[:digit:]]\+||') +- +- if [ -z "`ip link show $real_iface up 2>/dev/null`" ]; then ++ if [ ! -f /sys/class/net/${real_iface}/operstate ] || [[ $(< /sys/class/net/${real_iface}/operstate) != "up" ]] ; then ++ [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Interface $real_iface (for $IFACE) is not in UP state, skipping duplicate IPv4 address check" + return + fi + + for ADDR in $IF_ADDRESS; do + # Skip interface is address is IPv6, arping only works for IPv4 + if ! echo ${ADDR} | grep -q ":" ; then +- [ "$VERBOSITY" -eq 1 ] && $OUTPUT "DEBUG: Sending arp pings through $real_iface (for $IFACE) to detect other systems using $ADDR" +- $ARPING -c $ARP_COUNT -w $ARP_TIMEOUT -D -I $real_iface $ADDR $ARPING_EXTRAOPTS >$ARPING_REDIR ++ [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Sending arp pings through $real_iface (for $IFACE) to detect other systems using $ADDR" ++ $ARPING -c $ARP_COUNT -w $ARP_TIMEOUT -D -I $real_iface $ADDR $ARPING_EXTRAOPTS >/dev/null + if [ $? -ne 0 ] ; then +- $OUTPUT "ERROR: Duplicate address $ADDR assigned in the network where $real_iface is connected to." ++ $OUT_ERR "Duplicate address $ADDR assigned in the network where $real_iface is connected to." + fi + fi + done +@@ -99,7 +110,7 @@ find_ip() { + } + + if [ -z "$IFACE" ] ; then +- echo "ERROR: Do not know what interface to check. IFACE environment variable is not defined!" >&2 ++ $OUT_ERR "Do not know what interface to check. IFACE environment variable is not defined!" + exit 0 + fi + +@@ -111,6 +122,12 @@ case $IFACE in + *) ;; + esac + ++[ -z "$IF_ADDRESS" ] && find_ip ++# Still no IP? Bail out ++if [ -z "$IF_ADDRESS" ] ; then ++ $OUT_WARN "Cannot check for duplicate IPv4 address in the network as the script could not find the IPv4 address of $IFACE. You can disable this test by setting DO_ARPING to 'no' in $DEFAULT ." ++ exit 0 ++fi + + # For arping: + # Two possible arpings: iputils-arping or arping, with different +@@ -120,30 +137,20 @@ if [ -x /usr/bin/arping ] ; then + ARPING=/usr/bin/arping + ARP_TIMEOUT=${ARP_TIMEOUT:-3} # Time here is measured in seconds + ARPING_EXTRAOPTS="-q" # Use -q(uiet) in iputil's arping +- ARPING_REDIR="/dev/stdout" # Do not redirect output + else + if [ -x /usr/sbin/arping ] ; then + ARPING=/usr/sbin/arping + ARP_TIMEOUT=${ARP_TIMEOUT:-1500} # Time here is measures in milliseconds + # experiments show anything less than 1500 is unreliable. + ARPING_EXTRAOPTS="" # No '-q' option in arping +- ARPING_REDIR="/dev/null" # Send output to /dev/null if using this program + else + # Do not continue if ARPING is not available +- echo "WARNING: Cannot check for duplicate IP address in the network. The script cannot find the 'arping' program (tried /usr/bin/arping and /usr/sbin/arping. Please either install the iputils-arping or arping packages or disable this test by setting DO_ARPING to 'no' in $DEFAULT ." >&2 ++ $OUT_WARN "Cannot check for duplicate IP address in the network. The script cannot find the 'arping' program (tried /usr/bin/arping and /usr/sbin/arping. Please either install the iputils-arping or arping packages or disable this test by setting DO_ARPING to 'no' in $DEFAULT ." + exit 0 + fi + fi + ARP_COUNT=${ARP_COUNT:-2} + +- +- +-[ -z "$IF_ADDRESS" ] && find_ip +-# Still no IP? Bail out +-if [ -z "$IF_ADDRESS" ] ; then +- echo "WARNING: Cannot check for duplicate IP address in the network as the script could not find the ip address of $IFACE. You can disable this test by setting DO_ARPING to 'no' in $DEFAULT ." >&2 +- exit 0 +-fi + do_arping + + exit 0 +diff --git a/if-up-scripts/check-duplicate-ip6 b/if-up-scripts/check-duplicate-ip6 +index b9ff87a..fd4b453 100755 +--- a/if-up-scripts/check-duplicate-ip6 ++++ b/if-up-scripts/check-duplicate-ip6 +@@ -54,11 +54,22 @@ VERBOSITY=${VERBOSITY:-0} + LC_ALL=C + export LC_ALL + +-if [ "$DO_SYSLOG" = "yes" ] ; then +- OUTPUT="logger -i -p daemon.err -s" +-else +- OUTPUT="echo" +-fi ++do_output() { ++ local REDIR_ECHO="" ++ if [[ " err warning " =~ " $1 " ]] ; then ++ REDIR_ECHO="1>&2" ++ fi ++ ++ if [ "$DO_SYSLOG" = "yes" ] ; then ++ logger -i -p daemon.$1 ifupdown: "${@:2}" ++ else ++ eval echo 'ifupdown: "${@:2}"' $REDIR_ECHO ++ fi ++} ++ ++OUT_ERR="do_output err" ++OUT_WARN="do_output warning" ++OUT_DEBUG="do_output debug" + + do_ndisc() { + # Use the Network Discovery Protocol to detect if there is a duplicate address +@@ -70,23 +81,24 @@ do_ndisc() { + + # First determine physical interface in case aliased interfaces are used + real_iface=$(echo "$IFACE" | sed -e 's|:[[:digit:]]\+||') +- link_address=$(ip link show wlan0 | grep link | awk '{print toupper($2)}') +- +- if [ -z "`ip link show $real_iface up`" ]; then ++ if [ ! -f /sys/class/net/${real_iface}/operstate ] || [[ $(< /sys/class/net/${real_iface}/operstate) != "up" ]] ; then ++ [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Interface $real_iface (for $IFACE) is not in UP state, skipping duplicate IPv6 address check" + return + fi + ++ link_address=$(ip link show "$real_iface" | grep link | awk '{print toupper($2)}') ++ + for ADDR in $IF_ADDRESS; do + # Only check IP address if it is IPv6 + if echo ${ADDR} | grep -q ":" ; then +- [ "$VERBOSITY" -eq 1 ] && $OUTPUT "DEBUG: Sending arp pings through $real_iface (for $IFACE) to detect other systems using $ADDR" ++ [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Sending arp pings through $real_iface (for $IFACE) to detect other systems using $ADDR" + dup_link_address=$($NDISC -q $ADDR $real_iface) + if [ $? -eq 0 ] ; then + # If the link address is the same as our address this is not a problem + # (ndisc returns it in at least Wireless interfaces), only report if the link + # address does not match + if [ "$link_address" != "$dup_link_address" ] ; then +- $OUTPUT "ERROR: Duplicate address $ADDR assigned in the network where $real_iface is connected to." ++ $OUT_ERR "Duplicate address $ADDR assigned in the network where $real_iface is connected to." + fi + fi + fi +@@ -101,7 +113,7 @@ find_ip6() { + } + + if [ -z "$IFACE" ] ; then +- echo "ERROR: Do not know what interface to check. IFACE environment variable is not defined!" >&2 ++ $OUT_ERR "Do not know what interface to check. IFACE environment variable is not defined!" + exit 1 + fi + +diff --git a/if-up-scripts/check-gateway b/if-up-scripts/check-gateway +index 97c93b1..d2c45c1 100755 +--- a/if-up-scripts/check-gateway ++++ b/if-up-scripts/check-gateway +@@ -42,13 +42,18 @@ + + # Defaults + ARPING=/usr/bin/arping ++NDISC=/usr/bin/ndisc6 + ARP_COUNT=${ARP_COUNT:-2} + ARP_TIMEOUT=${ARP_TIMEOUT:-3} + DO_SYSLOG=${DO_SYSLOG:-yes} + VERBOSITY=${VERBOSITY:-0} + +-# Do not continue if ARPING is not available +-[ ! -x "$ARPING" ] && exit 0 ++[ -x "$ARPING" ] ++HAS_ARPING=$? ++ ++[ -x "$NDISC" ] ++HAS_NDISC=$? ++ + # or if the user has told us to not do arpings + [ "$DO_ARPING" = "no" ] && exit 0 + +@@ -58,17 +63,28 @@ VERBOSITY=${VERBOSITY:-0} + # Ignore "--all" + [ "$IFACE" = "--all" ] && exit 0 + +-if [ "$DO_SYSLOG" = "yes" ] ; then +- OUTPUT="logger -i -p daemon.err -s" +-else +- OUTPUT="echo" +-fi ++do_output() { ++ local REDIR_ECHO="" ++ if [[ " err warning " =~ " $1 " ]] ; then ++ REDIR_ECHO="1>&2" ++ fi ++ ++ if [ "$DO_SYSLOG" = "yes" ] ; then ++ logger -i -p daemon.$1 ifupdown: "${@:2}" ++ else ++ eval echo 'ifupdown: "${@:2}"' $REDIR_ECHO ++ fi ++} ++ ++OUT_ERR="do_output err" ++OUT_WARN="do_output warning" ++OUT_DEBUG="do_output debug" + + # Try to obtain the IP address of our gateway (DHCP case) + if [ -z "$IF_GATEWAY" ] ; then + IF_GATEWAY=$(ip route list | grep "^default " | grep "dev $IFACE" | awk '{print $3}') + # Warn if there are multiple gateways +- echo $IF_GATEWAY | grep -q " " && [ "$VERBOSITY" -eq 1 ] && $OUTPUT "Found multiple gateways as default routes for $IFACE" ++ echo $IF_GATEWAY | grep -q " " && [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Found multiple gateways as default routes for $IFACE" + fi + # Still no IP? Bail out + [ -z "$IF_GATEWAY" ] && exit 0 +@@ -92,12 +108,7 @@ do_arping() { + local ARPING_OPTIONS="-q -c $ARP_COUNT -w $ARP_TIMEOUT -f -I $IFACE" + local GATEWAY_FOUND=1 + +- # Check if the interface is up +- if [ -z "`ip link show $real_iface up 2>/dev/null`" ]; then +- return 0 +- fi +- +- [ "$VERBOSITY" -eq 1 ] && $OUTPUT "DEBUG: Sending arp pings through $IFACE to detect if the gateway $GATEWAY is present" ++ [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Sending arp pings through $IFACE to detect if the gateway $GATEWAY is present" + if [ "`id -u`" = 0 ] ; then + if $ARPING $ARPING_OPTIONS $GATEWAY ; then + GATEWAY_FOUND=0 +@@ -112,10 +123,23 @@ do_arping() { + fi + + if [ "$GATEWAY_FOUND" = 1 ] ; then +- $OUTPUT "ERROR: Cannot find default gateway $GATEWAY in the network where $IFACE is connected to" ++ $OUT_ERR "Cannot find default gateway $GATEWAY in the network where $IFACE is connected to" + fi + } + ++do_ndisc() { ++ ++ local GATEWAY=$1 ++ ++ [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Sending ICMP6 pings through $IFACE to detect if the gateway $GATEWAY is present" ++ ++ $NDISC -q $GATEWAY $real_iface >/dev/null 2>&1 ++ if [ $? -ne 0 ] ; then ++ $OUT_ERR "Cannot find default gateway $GATEWAY in the network where $IFACE is connected to" ++ fi ++ ++} ++ + # Check our IFACE name, if it is a serial line or loopback skip it as ARP ping is not possible there + + case "$IFACE" in +@@ -123,8 +147,22 @@ case "$IFACE" in + *) ;; + esac + +-for gateway in $IF_GATEWAY ; do +- do_arping $gateway ++real_iface=$(echo "$IFACE" | sed -e 's|:[[:digit:]]\+||') ++if [ ! -f /sys/class/net/${real_iface}/operstate ] || [[ $(< /sys/class/net/${real_iface}/operstate) != "up" ]] ; then ++ [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Interface $real_iface (for $IFACE) is not in UP state, skipping gateway detection" ++ exit 0 ++fi ++ ++for gateway in $IF_GATEWAY ; do ++ if [[ "$gateway" =~ ":" ]] ; then ++ if [ $HAS_NDISC -eq 0 ] ; then ++ do_ndisc $gateway ++ fi ++ else ++ if [ $HAS_ARPING -eq 0 ] ; then ++ do_arping $gateway ++ fi ++ fi + done + + exit 0 +diff --git a/if-up-scripts/check-network-cable b/if-up-scripts/check-network-cable +index f8e9044..be3d5b3 100755 +--- a/if-up-scripts/check-network-cable ++++ b/if-up-scripts/check-network-cable +@@ -58,11 +58,22 @@ if [ "$DO_CABLETEST" = "no" ]; then + exit 0 + fi + +-if [ "$DO_SYSLOG" = yes ]; then +- OUTPUT="logger -i -p daemon.err -s" +-else +- OUTPUT=echo +-fi ++do_output() { ++ local REDIR_ECHO="" ++ if [[ " err warning " =~ " $1 " ]] ; then ++ REDIR_ECHO="1>&2" ++ fi ++ ++ if [ "$DO_SYSLOG" = "yes" ] ; then ++ logger -i -p daemon.$1 ifupdown: "${@:2}" ++ else ++ eval echo 'ifupdown: "${@:2}"' $REDIR_ECHO ++ fi ++} ++ ++OUT_ERR="do_output err" ++OUT_WARN="do_output warning" ++OUT_DEBUG="do_output debug" + + # Set our locale environment, just in case any of the tools get translated + LC_ALL=C +@@ -91,16 +102,8 @@ check_status_ethtool() { + return $status + } + +-check_status_iplink() { +- local status=0 +- local info="" +- +- [ -x "$IPTOOL" ] || return 0 +- info=$($IPTOOL link show "$IFACE" up 2>&1) +- if [ -z "$info" ] ; then +- status=1 +- fi +- return $status ++check_status_sysfs() { ++ [ -f /sys/class/net/${IFACE}/operstate ] && [[ $(< /sys/class/net/${IFACE}/operstate) != "down" ]] + } + + # Status check function for all types of interfaces +@@ -108,14 +111,14 @@ check_status () { + local status=0 myid=$(id -u) + + $IPTOOL link show "$IFACE" >/dev/null 2>&1 || { +- $OUTPUT "ERROR: Interface $IFACE does not seem to be present" \ ++ $OUT_ERR "Interface $IFACE does not seem to be present" \ + "in the system" + return 0 + } + +- check_status_iplink || status=$? ++ check_status_sysfs || status=$? + [ $status -eq 0 ] || +- $OUTPUT "WARNING: Initialising interface $IFACE which does" \ ++ $OUT_WARN "Initialising interface $IFACE which does" \ + "not have a link" + return $status + } +@@ -126,7 +129,7 @@ check_ethernet_status() { + local status=0 myid=$(id -u) + + $IPTOOL link show "$IFACE" >/dev/null 2>&1 || { +- $OUTPUT "ERROR: Interface $IFACE does not seem to be present" \ ++ $OUT_ERR "Interface $IFACE does not seem to be present" \ + "in the system" + return 0 + } +@@ -138,10 +141,10 @@ check_ethernet_status() { + elif [ -x "$MIITOOL" ] && [ $myid -eq 0 ]; then + check_status_miitool || status=$? + else +- check_status_iplink || status=$? ++ check_status_sysfs || status=$? + fi + [ $status -eq 0 ] || +- $OUTPUT "WARNING: Initialising interface $IFACE which does" \ ++ $OUT_WARN "Initialising interface $IFACE which does" \ + "not have a link" + return $status + } +@@ -162,16 +165,21 @@ check_bond_status() { + [ $status -ne 0 ] || return 0 + done + done <$slaves +- $OUTPUT "WARNING: Initialising bond $IFACE which does not have link" \ ++ $OUT_WARN "Initialising bond $IFACE which does not have link" \ + "on any slave" + return $status + } + + [ "$IFACE" ] || { +- $OUTPUT "ERROR: Variable IFACE not set in environment" ++ $OUT_ERR "Variable IFACE not set in environment" + exit 1 + } + ++# If it is a labeled interface, skip ++if [[ "$IFACE" =~ ":" ]] ; then ++ exit 0 ++fi ++ + # Check our IFACE name, run the status check depending on the type of interface + case $IFACE in + en* | eth*) +-- +2.34.1 + diff --git a/networking/ifupdown-extra/debian/trixie/deb_patches/0005-Correct-support-for-gateway-checking-in-dual-stack.patch b/networking/ifupdown-extra/debian/trixie/deb_patches/0005-Correct-support-for-gateway-checking-in-dual-stack.patch new file mode 100644 index 000000000..2f31d2493 --- /dev/null +++ b/networking/ifupdown-extra/debian/trixie/deb_patches/0005-Correct-support-for-gateway-checking-in-dual-stack.patch @@ -0,0 +1,238 @@ +From ffb43e6c855ce7f653128ca91f019c3648f4a0d9 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Javier=20Fernandez-Sanguino=20Pe=C3=B1a?= +Date: Fri, 6 Sep 2024 09:53:24 -0300 +Subject: [PATCH] Correct support for gateway checking in dual-stack + +This change contains the correct parsing for the real interface name, +removing the label part (after ':') from the IFACE variable to be +used by ndisc and arping + +Also enhanced log messages, now registering test result as error if +failed or as info if passes since this kind of information is very +useful for troubleshoot + +Added a final ICMP echo test (using ping) to enhance diagnosis, but +only logging result as info since gateway is under no obligation to +answer ECHO messages. + +Signed-off-by: Andre Kantek +--- + if-up-scripts/check-duplicate-ip | 14 +++--- + if-up-scripts/check-duplicate-ip6 | 5 +- + if-up-scripts/check-gateway | 80 ++++++++++++++++++++++++------- + 3 files changed, 75 insertions(+), 24 deletions(-) + +diff --git a/if-up-scripts/check-duplicate-ip b/if-up-scripts/check-duplicate-ip +index a975a90..ec9ff65 100755 +--- a/if-up-scripts/check-duplicate-ip ++++ b/if-up-scripts/check-duplicate-ip +@@ -73,6 +73,9 @@ OUT_ERR="do_output err" + OUT_WARN="do_output warning" + OUT_DEBUG="do_output debug" + ++# First determine physical interface in case aliased interfaces are used ++real_iface=$(echo "$IFACE" | awk -F ':' '{print $1}') ++ + do_arping() { + # Send ARP pings to detect if there is a duplicate address "out there" + # Curiously enough, the script will return faster if there *is* a system +@@ -83,12 +86,10 @@ do_arping() { + # does not have link, notice that ARPING will try to send the ARP requests + # even if there is no link so we use this to speed things up + +-# First determine physical interface in case aliased interfaces are used +- real_iface=$(echo "$IFACE" | sed -e 's|:[[:digit:]]\+||') +- if [ ! -f /sys/class/net/${real_iface}/operstate ] || [[ $(< /sys/class/net/${real_iface}/operstate) != "up" ]] ; then +- [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Interface $real_iface (for $IFACE) is not in UP state, skipping duplicate IPv4 address check" +- return +- fi ++ if [ ! -f /sys/class/net/${real_iface}/operstate ] || [[ $(< /sys/class/net/${real_iface}/operstate) != "up" ]] ; then ++ [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Interface $real_iface (for $IFACE) is not in UP state, skipping duplicate IPv4 address check" ++ return ++ fi + + for ADDR in $IF_ADDRESS; do + # Skip interface is address is IPv6, arping only works for IPv4 +@@ -122,6 +123,7 @@ case $IFACE in + *) ;; + esac + ++ + [ -z "$IF_ADDRESS" ] && find_ip + # Still no IP? Bail out + if [ -z "$IF_ADDRESS" ] ; then +diff --git a/if-up-scripts/check-duplicate-ip6 b/if-up-scripts/check-duplicate-ip6 +index fd4b453..0af95c1 100755 +--- a/if-up-scripts/check-duplicate-ip6 ++++ b/if-up-scripts/check-duplicate-ip6 +@@ -71,6 +71,9 @@ OUT_ERR="do_output err" + OUT_WARN="do_output warning" + OUT_DEBUG="do_output debug" + ++# First determine physical interface in case aliased interfaces are used ++real_iface=$(echo "$IFACE" | awk -F ':' '{print $1}') ++ + do_ndisc() { + # Use the Network Discovery Protocol to detect if there is a duplicate address + # "out there" +@@ -79,8 +82,6 @@ do_ndisc() { + # does not have link, notice that ARPING will try to send the ARP requests + # even if there is no link so we use this to speed things up + +-# First determine physical interface in case aliased interfaces are used +- real_iface=$(echo "$IFACE" | sed -e 's|:[[:digit:]]\+||') + if [ ! -f /sys/class/net/${real_iface}/operstate ] || [[ $(< /sys/class/net/${real_iface}/operstate) != "up" ]] ; then + [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Interface $real_iface (for $IFACE) is not in UP state, skipping duplicate IPv6 address check" + return +diff --git a/if-up-scripts/check-gateway b/if-up-scripts/check-gateway +index d2c45c1..8e24a82 100755 +--- a/if-up-scripts/check-gateway ++++ b/if-up-scripts/check-gateway +@@ -43,6 +43,7 @@ + # Defaults + ARPING=/usr/bin/arping + NDISC=/usr/bin/ndisc6 ++PING=/usr/bin/ping + ARP_COUNT=${ARP_COUNT:-2} + ARP_TIMEOUT=${ARP_TIMEOUT:-3} + DO_SYSLOG=${DO_SYSLOG:-yes} +@@ -54,6 +55,9 @@ HAS_ARPING=$? + [ -x "$NDISC" ] + HAS_NDISC=$? + ++[ -x "$PING" ] ++HAS_PING=$? ++ + # or if the user has told us to not do arpings + [ "$DO_ARPING" = "no" ] && exit 0 + +@@ -78,22 +82,41 @@ do_output() { + + OUT_ERR="do_output err" + OUT_WARN="do_output warning" ++OUT_INFO="do_output info" + OUT_DEBUG="do_output debug" + +-# Try to obtain the IP address of our gateway (DHCP case) +-if [ -z "$IF_GATEWAY" ] ; then +- IF_GATEWAY=$(ip route list | grep "^default " | grep "dev $IFACE" | awk '{print $3}') +- # Warn if there are multiple gateways +- echo $IF_GATEWAY | grep -q " " && [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Found multiple gateways as default routes for $IFACE" +-fi +-# Still no IP? Bail out +-[ -z "$IF_GATEWAY" ] && exit 0 +- + + # Set up our environment + LC_ALL=C + export LC_ALL + ++log_ping_test() { ++# ICMP echo test (using ping) to enhance diagnosis, but only logging result as ++# info since gateway is under no obligation to answer ECHO messages. ++ local GATEWAY=$1 ++ local GATEWAY_FOUND=1 ++ [ "${VERBOSITY}" -eq 1 ] && ${OUT_DEBUG} "Sending ICMP6 ECHO messages through ${real_iface} to detect if the gateway ${GATEWAY} is present" ++ ip_route_get=$(ip route get ${GATEWAY}) ++ [ "$VERBOSITY" -eq 1 ] && ${OUT_DEBUG} "gateway route table resolution: '${ip_route_get}'" ++ if [[ "${GATEWAY}" =~ ":" ]] ; then ++ ${PING} -6 -i 0.3 -c 2 -q ${GATEWAY} ++ if [ $? -ne 0 ] ; then ++ GATEWAY_FOUND=0 ++ fi ++ else ++ ${PING} -4 -i 0.3 -c 2 -q ${GATEWAY} ++ if [ $? -ne 0 ] ; then ++ GATEWAY_FOUND=0 ++ fi ++ fi ++ if [ "${GATEWAY_FOUND}" = 1 ] ; then ++ ${OUT_INFO} "Gateway ${GATEWAY} in ${real_iface} is reachable via ICMP ECHO (ping)" ++ else ++ ${OUT_INFO} "Gateway ${GATEWAY} in ${real_iface} is not reachable via ICMP ECHO (ping)" ++ fi ++ ++} ++ + do_arping() { + # Send ARP pings to detect if the default gateway is "out there" + # Curiously enough, the script will return faster if there *is* a system +@@ -105,10 +128,10 @@ do_arping() { + # even if there is no link so we use this to speed things up + + local GATEWAY=$1 +- local ARPING_OPTIONS="-q -c $ARP_COUNT -w $ARP_TIMEOUT -f -I $IFACE" ++ local ARPING_OPTIONS="-q -c $ARP_COUNT -w $ARP_TIMEOUT -f -I $real_iface" + local GATEWAY_FOUND=1 + +- [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Sending arp pings through $IFACE to detect if the gateway $GATEWAY is present" ++ [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Sending arp pings through $real_iface to detect if the gateway $GATEWAY is present" + if [ "`id -u`" = 0 ] ; then + if $ARPING $ARPING_OPTIONS $GATEWAY ; then + GATEWAY_FOUND=0 +@@ -123,19 +146,29 @@ do_arping() { + fi + + if [ "$GATEWAY_FOUND" = 1 ] ; then +- $OUT_ERR "Cannot find default gateway $GATEWAY in the network where $IFACE is connected to" +- fi ++ $OUT_ERR "Cannot find with ARP default gateway $GATEWAY in the network where $real_iface is connected to" ++ else ++ $OUT_INFO "Gateway $GATEWAY in $real_iface is reachable via ARP" ++ if [ $HAS_PING -eq 0 ] ; then ++ log_ping_test $GATEWAY ++ fi ++ fi + } + + do_ndisc() { + + local GATEWAY=$1 + +- [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Sending ICMP6 pings through $IFACE to detect if the gateway $GATEWAY is present" ++ [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Sending ICMPv6:NDP discovery messages through $real_iface to detect if the gateway $GATEWAY is present" + + $NDISC -q $GATEWAY $real_iface >/dev/null 2>&1 + if [ $? -ne 0 ] ; then +- $OUT_ERR "Cannot find default gateway $GATEWAY in the network where $IFACE is connected to" ++ $OUT_ERR "Cannot find with ICMPv6:NDP default gateway $GATEWAY in the network where $real_iface is connected to" ++ else ++ $OUT_INFO "Gateway $GATEWAY in $real_iface is reachable via ICMPv6:NDP" ++ if [ $HAS_PING -eq 0 ] ; then ++ log_ping_test $GATEWAY ++ fi + fi + + } +@@ -147,12 +180,27 @@ case "$IFACE" in + *) ;; + esac + +-real_iface=$(echo "$IFACE" | sed -e 's|:[[:digit:]]\+||') ++real_iface=$(echo "$IFACE" | awk -F ':' '{print $1}') + if [ ! -f /sys/class/net/${real_iface}/operstate ] || [[ $(< /sys/class/net/${real_iface}/operstate) != "up" ]] ; then + [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Interface $real_iface (for $IFACE) is not in UP state, skipping gateway detection" + exit 0 + fi + ++# Try to obtain the IP address of our gateway (DHCP case) ++if [ -z "$IF_GATEWAY" ] ; then ++ IF_GATEWAY4=$(ip -4 route list | grep "^default " | grep "dev $real_iface" | awk '{print $3}') ++ IF_GATEWAY6=$(ip -6 route list | grep "^default " | grep "dev $real_iface" | awk '{print $3}') ++ # Warn if there are multiple gateways ++ echo $IF_GATEWAY4 | grep -q " " && [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Found multiple IPv4 gateways as default routes for $real_iface" ++ echo $IF_GATEWAY6 | grep -q " " && [ "$VERBOSITY" -eq 1 ] && $OUT_DEBUG "Found multiple IPv6 gateways as default routes for $real_iface" ++ if [ -n "$IF_GATEWAY4" ] || [ -n "$IF_GATEWAY4" ]; then ++ IF_GATEWAY="${IF_GATEWAY4} ${IF_GATEWAY6}" ++ fi ++fi ++# Still no IP? Bail out ++[ -z "$IF_GATEWAY" ] && exit 0 ++ ++ + for gateway in $IF_GATEWAY ; do + if [[ "$gateway" =~ ":" ]] ; then + if [ $HAS_NDISC -eq 0 ] ; then +-- +2.34.1 + diff --git a/networking/ifupdown-extra/debian/trixie/deb_patches/0006-Only-generate-lack-of-address-warning-if-method-isn-.patch b/networking/ifupdown-extra/debian/trixie/deb_patches/0006-Only-generate-lack-of-address-warning-if-method-isn-.patch new file mode 100644 index 000000000..0a666ca9b --- /dev/null +++ b/networking/ifupdown-extra/debian/trixie/deb_patches/0006-Only-generate-lack-of-address-warning-if-method-isn-.patch @@ -0,0 +1,37 @@ +From da5950d5578aaed4719624400b59402fc335cd7a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Javier=20Fernandez-Sanguino=20Pe=C3=B1a?= +Date: Tue, 1 Oct 2024 09:10:11 -0300 +Subject: [PATCH] Only generate lack of address warning if method isn't manual +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The script check-duplicate-ip is generating warning message about +lack of address config in the interface even if the method is manual. +The manual method does not provide address to be tested. + +This change adds this logic to decide if generates a warning message. + +Signed-off-by: Andre Kantek +--- + if-up-scripts/check-duplicate-ip | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/if-up-scripts/check-duplicate-ip b/if-up-scripts/check-duplicate-ip +index ec9ff65..b51fa11 100755 +--- a/if-up-scripts/check-duplicate-ip ++++ b/if-up-scripts/check-duplicate-ip +@@ -127,7 +127,9 @@ esac + [ -z "$IF_ADDRESS" ] && find_ip + # Still no IP? Bail out + if [ -z "$IF_ADDRESS" ] ; then +- $OUT_WARN "Cannot check for duplicate IPv4 address in the network as the script could not find the IPv4 address of $IFACE. You can disable this test by setting DO_ARPING to 'no' in $DEFAULT ." ++ if [[ "$METHOD" != 'manual' ]]; then ++ $OUT_WARN "Cannot check for duplicate IPv4 address in the network as the script could not find the IPv4 address of $IFACE. You can disable this test by setting DO_ARPING to 'no' in $DEFAULT ." ++ fi + exit 0 + fi + +-- +2.34.1 + diff --git a/networking/ifupdown-extra/debian/trixie/deb_patches/series b/networking/ifupdown-extra/debian/trixie/deb_patches/series new file mode 100644 index 000000000..23e898e9a --- /dev/null +++ b/networking/ifupdown-extra/debian/trixie/deb_patches/series @@ -0,0 +1,6 @@ +0001-Accept-netmask-or-prefix-length-on-etc-network-route.patch +0002-ignore-IFACE-all-for-ifupdown-scripts.patch +0003-Handle-default-route-creation.patch +0004-Fix-DAD-and-gateway-detection-improve-logs.patch +0005-Correct-support-for-gateway-checking-in-dual-stack.patch +0006-Only-generate-lack-of-address-warning-if-method-isn-.patch diff --git a/networking/ifupdown-extra/debian/trixie/meta_data.yaml b/networking/ifupdown-extra/debian/trixie/meta_data.yaml new file mode 100644 index 000000000..fa158d50f --- /dev/null +++ b/networking/ifupdown-extra/debian/trixie/meta_data.yaml @@ -0,0 +1,7 @@ +--- +debver: 0.32 +debname: ifupdown-extra +archive: https://snapshot.debian.org/archive/debian/20220519T084715Z/pool/main/i/ifupdown-extra/ +revision: + dist: $STX_DIST + PKG_GITREVCOUNT: true diff --git a/networking/ifupdown/debian/trixie/deb_patches/0001-Fix-detection-logic.patch b/networking/ifupdown/debian/trixie/deb_patches/0001-Fix-detection-logic.patch new file mode 100644 index 000000000..bac9b2c32 --- /dev/null +++ b/networking/ifupdown/debian/trixie/deb_patches/0001-Fix-detection-logic.patch @@ -0,0 +1,70 @@ +From 382eb354d6b6ceee52fb2dd6d8845b9a313a3f78 Mon Sep 17 00:00:00 2001 +From: Lucas Ratusznei Fonseca +Date: Thu, 8 Feb 2024 14:52:17 -0300 +Subject: [PATCH] Fix detection logic + +--- + settle-dad.sh | 42 +++++++++++++++++++++++++++--------------- + 1 file changed, 27 insertions(+), 15 deletions(-) + +diff --git a/settle-dad.sh b/settle-dad.sh +index 37cb516..4cdbc8e 100644 +--- a/settle-dad.sh ++++ b/settle-dad.sh +@@ -6,26 +6,38 @@ delay=${IF_DAD_INTERVAL:-0.1} + + [ $attempts -eq 0 ] && exit 0 + +-echo -n "Waiting for DAD... " ++echo -n "Attempting DAD test for ${IF_ADDRESS}/${IF_NETMASK} on ${IFACE}... " ++ ++real_iface=${IFACE%:*} ++no_link=0 ++ + for attempt in $(seq 1 $attempts); do +- tentative=$(ip -o -6 address list dev "$IFACE" to "${IF_ADDRESS}/${IF_NETMASK}" tentative | wc -l) +- if [ $tentative -eq 0 ]; then +- attempt=0 # This might have been our last attempt, but successful +- break ++ if [ ! -f /sys/class/net/${real_iface}/operstate ] || [[ $(< /sys/class/net/${real_iface}/operstate) == "down" ]] ; then ++ no_link=0 ++ else ++ no_link=1 ++ tentative=$(ip -o -6 address list dev "$IFACE" to "${IF_ADDRESS}/${IF_NETMASK}" tentative) ++ if [ -z "$tentative" ]; then ++ attempt=0 # This might have been our last attempt, but successful ++ break ++ fi ++ if [[ "$tentative" =~ "dadfailed tentative" ]] ; then ++ echo "Failed" ++ exit 1 ++ fi + fi +- sleep $delay ++ ++ sleep $delay + done + + if [ $attempt -eq $attempts ]; then +- echo "Timed out" +- exit 1 +-fi +- +-dadfailed=$(ip -o -6 address list dev "$IFACE" to "${IF_ADDRESS}/${IF_NETMASK}" dadfailed | wc -l) +- +-if [ $dadfailed -ge 1 ]; then +- echo "Failed" +- exit 1 ++ if [ $no_link -eq 0 ]; then ++ echo "No link" ++ exit 0 ++ else ++ echo "Timed out" ++ exit 1 ++ fi + fi + + echo Done +-- +2.34.1 + diff --git a/networking/ifupdown/debian/trixie/deb_patches/0002-Fix-long-labels-cause-command-to-fail.patch b/networking/ifupdown/debian/trixie/deb_patches/0002-Fix-long-labels-cause-command-to-fail.patch new file mode 100644 index 000000000..466f0c315 --- /dev/null +++ b/networking/ifupdown/debian/trixie/deb_patches/0002-Fix-long-labels-cause-command-to-fail.patch @@ -0,0 +1,37 @@ +From ab7e1b45ce9c7cb9a43bc82edb706dd9e8b89ee3 Mon Sep 17 00:00:00 2001 +From: Lucas Ratusznei Fonseca +Date: Wed, 7 Aug 2024 01:30:19 -0300 +Subject: [PATCH] Fix long labels cause command to fail + +--- + execute.c | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +diff --git a/execute.c b/execute.c +index 05fdfd1..3a731f2 100644 +--- a/execute.c ++++ b/execute.c +@@ -460,9 +460,20 @@ int strncmpz(const char *l, const char *r, size_t llen) { + return i; + } + ++#define LINUX_MAX_IFNAME_LEN 15 ++ + char *get_var(const char *id, size_t idlen, interface_defn *ifd) { + if (strncmpz(id, "iface", idlen) == 0) ++ { ++ if(strlen(ifd->real_iface) > LINUX_MAX_IFNAME_LEN) ++ { ++ const char* colon_pos = strchr(ifd->real_iface, ':'); ++ if(colon_pos) ++ return strndup(ifd->real_iface, colon_pos - ifd->real_iface); ++ } ++ + return strdup(ifd->real_iface); ++ } + + for (int i = 0; i < ifd->n_options; i++) { + if (strncmpz(id, ifd->option[i].name, idlen) == 0) { +-- +2.34.1 + diff --git a/networking/ifupdown/debian/trixie/deb_patches/0003-filter-out-interface-label-when-setting-MTU.patch b/networking/ifupdown/debian/trixie/deb_patches/0003-filter-out-interface-label-when-setting-MTU.patch new file mode 100644 index 000000000..c0a795def --- /dev/null +++ b/networking/ifupdown/debian/trixie/deb_patches/0003-filter-out-interface-label-when-setting-MTU.patch @@ -0,0 +1,42 @@ +From ea9deacedf3e1421e3e20ee91ec34bbb9e5ff8f1 Mon Sep 17 00:00:00 2001 +From: Andre Kantek +Date: Mon, 30 Sep 2024 16:14:59 -0300 +Subject: [PATCH] filter out interface label when setting MTU + +When ifupdown receives a labeled interface name (format intf:label) +it tries to cat the MTU value in /sys and that prints an error message +that pollutes the log and prevents the MTU setting. + +This change filters out the label part from "%iface%" to correctly +query /sys + +Signed-off-by: Andre Kantek +--- + inet6.defn | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/inet6.defn b/inet6.defn +index cec6a17..9817560 100644 +--- a/inet6.defn ++++ b/inet6.defn +@@ -86,7 +86,7 @@ method static + -[[/sbin/sysctl -q -e -w net.ipv6.conf.%iface/.//%.use_tempaddr=%privext%]] + -[[/sbin/sysctl -q -e -w net.ipv6.conf.%iface/.//%.accept_ra=%accept_ra%]] + -[[/sbin/sysctl -q -e -w net.ipv6.conf.%iface/.//%.autoconf=%autoconf%]] +- -[[if [ "$(/bin/cat /sys/class/net/%iface%/mtu)" -lt %mtu% ]; then /sbin/ip link set dev %iface% mtu %mtu%; else /sbin/sysctl -q -e -w net.ipv6.conf.%iface/.//%.mtu=%mtu%; fi]] ++ -intf=$(echo "%iface%"|/usr/bin/awk -F ':' '{print $1}');[[if [ "$(/bin/cat /sys/class/net/${intf}/mtu)" -lt %mtu% ]; then /sbin/ip link set dev %iface% mtu %mtu%; else /sbin/sysctl -q -e -w net.ipv6.conf.%iface/.//%.mtu=%mtu%; fi]] + /sbin/ip addr flush dev %iface% mngtmpaddr \ + if (var_set("accept_ra", ifd) && !var_true("accept_ra", ifd)) + /sbin/ip link set dev %iface% [[address %hwaddress%]] up +@@ -119,7 +119,7 @@ method manual + hwaddress cleanup_hwaddress + + up +- -[[if [ "$(/bin/cat /sys/class/net/%iface%/mtu)" -lt %mtu% ]; then /sbin/ip link set dev %iface% mtu %mtu%; else /sbin/sysctl -q -e -w net.ipv6.conf.%iface/.//%.mtu=%mtu%; fi]] ++ -intf=$(echo "%iface%"|/usr/bin/awk -F ':' '{print $1}');[[if [ "$(/bin/cat /sys/class/net/${intf}/mtu)" -lt %mtu% ]; then /sbin/ip link set dev %iface% mtu %mtu%; else /sbin/sysctl -q -e -w net.ipv6.conf.%iface/.//%.mtu=%mtu%; fi]] + [[/sbin/ip link set dev %iface% address %hwaddress%]] + /sbin/ip link set dev %iface% up 2>/dev/null || true + +-- +2.34.1 + diff --git a/networking/ifupdown/debian/trixie/deb_patches/0004-Check-for-existing-IP-before-adding.patch b/networking/ifupdown/debian/trixie/deb_patches/0004-Check-for-existing-IP-before-adding.patch new file mode 100644 index 000000000..9711d6e1d --- /dev/null +++ b/networking/ifupdown/debian/trixie/deb_patches/0004-Check-for-existing-IP-before-adding.patch @@ -0,0 +1,630 @@ +From 9af1abca17d0760f4fa02e2078a77c680149af0c Mon Sep 17 00:00:00 2001 +From: Ferdinando Terada +Date: Tue, 10 Jun 2025 13:01:20 -0300 +Subject: [PATCH] Check for existing IP before adding + +Avoid redundant IP configuration by checking if the address is already +assigned before adding it, for both IPv4 and IPv6. + +Signed-off-by: Ferdinando Terada +--- + archcommon.c | 81 +++++++++++++++++++++++++++++++++++++++++++++++ + archcommon.h | 2 ++ + inet.defn | 8 ++--- + inet6.defn | 4 +-- + tests/linux/up.1 | 28 ++++------------ + tests/linux/up.11 | 4 +-- + tests/linux/up.16 | 22 ++++--------- + tests/linux/up.2 | 24 ++++---------- + tests/linux/up.3 | 20 ++++++------ + tests/linux/up.4 | 4 +-- + tests/linux/up.5 | 4 +-- + tests/linux/up.6 | 4 +-- + tests/linux/up.7 | 24 +++++--------- + tests/linux/up.8 | 16 +++------- + 14 files changed, 134 insertions(+), 111 deletions(-) + +diff --git a/archcommon.c b/archcommon.c +index 52a2666..32606db 100644 +--- a/archcommon.c ++++ b/archcommon.c +@@ -1,3 +1,6 @@ ++#include ++#include ++#include + #include + #include + #include +@@ -291,3 +294,81 @@ void if_set(interface_defn *ifd, char **pparam, int argc, char **argv) { + return; + strcpy(*pparam, argv[0]); + } ++ ++bool iface_has_address(interface_defn *ifd) { ++ if (!ifd || !ifd->logical_iface) ++ return false; ++ ++ char *address = get_var("address", strlen("address"), ifd); ++ char *family = get_var("address-family", strlen("address-family"), ifd); ++ ++ if (!address) { ++ free(family); ++ return false; ++ } ++ ++ struct ifaddrs *ifaddr, *ifa; ++ bool found = false; ++ ++ if (getifaddrs(&ifaddr) == -1) { ++ free(address); ++ free(family); ++ return false; ++ } ++ ++ int af = AF_INET; ++ if (strchr(address, ':') != NULL) ++ af = AF_INET6; ++ ++ char buf[INET6_ADDRSTRLEN]; ++ ++ char *ifname_real = strdup(ifd->logical_iface); ++ if (!ifname_real) { ++ free(address); ++ free(family); ++ freeifaddrs(ifaddr); ++ return false; ++ } ++ ++ // Extract the base interface name (e.g., "vlan11" from "vlan11:5-16") ++ char *sep = strchr(ifname_real, ':'); ++ if (sep) ++ *sep = '\0'; ++ ++ for (ifa = ifaddr; ifa != NULL; ifa = ifa->ifa_next) { ++ if (!ifa->ifa_addr) ++ continue; ++ ++ int fam = ifa->ifa_addr->sa_family; ++ const void *src = NULL; ++ ++ if (fam == AF_INET) { ++ src = &((struct sockaddr_in *)ifa->ifa_addr)->sin_addr; ++ } else if (fam == AF_INET6) { ++ src = &((struct sockaddr_in6 *)ifa->ifa_addr)->sin6_addr; ++ } ++ ++ if (src && inet_ntop(fam, src, buf, sizeof(buf)) != NULL) { ++ // Extract base name from ifa->ifa_name (e.g., "lo" from "lo:1-2") ++ char ifa_name_base[IFNAMSIZ]; ++ strncpy(ifa_name_base, ifa->ifa_name, IFNAMSIZ - 1); ++ ifa_name_base[IFNAMSIZ - 1] = '\0'; ++ char *alias_sep = strchr(ifa_name_base, ':'); ++ if (alias_sep) ++ *alias_sep = '\0'; ++ ++ if (fam == af && ++ strcmp(ifa_name_base, ifname_real) == 0 && ++ strcmp(buf, address) == 0) { ++ found = true; ++ } ++ } ++ } ++ ++ freeifaddrs(ifaddr); ++ free(address); ++ free(family); ++ free(ifname_real); ++ ++ return found; ++} +\ No newline at end of file +diff --git a/archcommon.h b/archcommon.h +index fe99950..3323f63 100644 +--- a/archcommon.h ++++ b/archcommon.h +@@ -5,7 +5,9 @@ bool execable(const char *); + #define iface_is_link() (!_iface_has(ifd->real_iface, ":.")) + #define iface_has(s) _iface_has(ifd->real_iface, (s)) + #define iface_is_lo() ((!strcmp(ifd->logical_iface, LO_IFACE)) && (!no_loopback)) ++#define address_exists() iface_has_address(ifd) + ++bool iface_has_address(interface_defn *ifd); + bool _iface_has(const char *, const char *); + void cleanup_hwaddress(interface_defn *ifd, char **pparam, int argc, char **argv); + void make_hex_address(interface_defn *ifd, char **pparam, int argc, char **argv); +diff --git a/inet.defn b/inet.defn +index f6f3795..a79215c 100644 +--- a/inet.defn ++++ b/inet.defn +@@ -37,10 +37,10 @@ method static + + up + /sbin/ip addr add %address%[[/%netmask%]] [[broadcast %broadcast%]] \ +- [[peer %pointopoint%]] [[scope %scope%]] dev %iface% label %iface% +- /sbin/ip link set dev %iface% [[mtu %mtu%]] [[address %hwaddress%]] up +- +- [[ /sbin/ip route add default via %gateway% [[metric %metric%]] dev %iface% onlink ]] ++ [[peer %pointopoint%]] [[scope %scope%]] dev %iface% label %iface% ; \ ++ if (!address_exists()) ++ /sbin/ip link set dev %iface% [[mtu %mtu%]] [[address %hwaddress%]] up ; ++ [[ /sbin/ip route replace default via %gateway% [[metric %metric%]] dev %iface% onlink ]] + + down + [[ /sbin/ip route del default via %gateway% [[metric %metric%]] dev %iface% 2>&1 1>/dev/null || true ]] +diff --git a/inet6.defn b/inet6.defn +index 9817560..742d5b4 100644 +--- a/inet6.defn ++++ b/inet6.defn +@@ -91,9 +91,9 @@ method static + if (var_set("accept_ra", ifd) && !var_true("accept_ra", ifd)) + /sbin/ip link set dev %iface% [[address %hwaddress%]] up + /sbin/ip -6 addr add %address%[[/%netmask%]] [[scope %scope%]] dev %iface% [[preferred_lft %preferred-lifetime%]] \ +- if (!var_set("dad-attempts", ifd) || var_true("dad-attempts", ifd)) ++ if ((!address_exists()) && (!var_set("dad-attempts", ifd) || var_true("dad-attempts", ifd))) + /sbin/ip -6 addr add %address%[[/%netmask%]] [[scope %scope%]] dev %iface% [[preferred_lft %preferred-lifetime%]] nodad \ +- if (var_set("dad-attempts", ifd) && !var_true("dad-attempts", ifd)) ++ if ((!address_exists()) && (var_set("dad-attempts", ifd) && !var_true("dad-attempts", ifd))) + [[ /sbin/ip -6 route replace default via %gateway% [[metric %metric%]] dev %iface% onlink ]] + /lib/ifupdown/settle-dad.sh if (!no_act_commands && execable("/lib/ifupdown/settle-dad.sh") && (var_true("dad-attempts", ifd))) + +diff --git a/tests/linux/up.1 b/tests/linux/up.1 +index 06e2923..fccdbcb 100644 +--- a/tests/linux/up.1 ++++ b/tests/linux/up.1 +@@ -5,57 +5,43 @@ exit code: 0 + + ifup: configuring interface eth0=eth0 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 +-/sbin/ip link set dev eth0 up +- ++/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 ; /sbin/ip link set dev eth0 up ; + echo hi + echo hello + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + + ifup: configuring interface eth1=eth1 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.252.0.0 broadcast 1.3.255.255 dev eth1 label eth1 +-/sbin/ip link set dev eth1 up +- ++/sbin/ip addr add 1.2.3.4/255.252.0.0 broadcast 1.3.255.255 dev eth1 label eth1 ; /sbin/ip link set dev eth1 up ; + echo hi + echo hello + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + + ifup: configuring interface eth2=eth2 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.255.255.128 broadcast 1.2.3.127 dev eth2 label eth2 +-/sbin/ip link set dev eth2 up +- ++/sbin/ip addr add 1.2.3.4/255.255.255.128 broadcast 1.2.3.127 dev eth2 label eth2 ; /sbin/ip link set dev eth2 up ; + echo hi + echo hello + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + + ifup: configuring interface eth3=eth3 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.0 dev eth3 label eth3 +-/sbin/ip link set dev eth3 up +- ++/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.0 dev eth3 label eth3 ; /sbin/ip link set dev eth3 up ; + true + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + ifup: configuring interface eth3=eth3 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.255.255.252 broadcast 1.2.3.4 dev eth3 label eth3 +-/sbin/ip link set dev eth3 up +- ++/sbin/ip addr add 1.2.3.4/255.255.255.252 broadcast 1.2.3.4 dev eth3 label eth3 ; /sbin/ip link set dev eth3 up ; + true + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + ifup: configuring interface eth3=eth3 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.255.255.254 broadcast 255.255.255.255 dev eth3 label eth3 +-/sbin/ip link set dev eth3 up +- ++/sbin/ip addr add 1.2.3.4/255.255.255.254 broadcast 255.255.255.255 dev eth3 label eth3 ; /sbin/ip link set dev eth3 up ; + true + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + ifup: configuring interface eth3=eth3 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.255.255.254 broadcast 0.0.0.0 dev eth3 label eth3 +-/sbin/ip link set dev eth3 up +- ++/sbin/ip addr add 1.2.3.4/255.255.255.254 broadcast 0.0.0.0 dev eth3 label eth3 ; /sbin/ip link set dev eth3 up ; + true + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d +diff --git a/tests/linux/up.11 b/tests/linux/up.11 +index be6b803..46e14b8 100644 +--- a/tests/linux/up.11 ++++ b/tests/linux/up.11 +@@ -11,8 +11,6 @@ configure lo + + ifup: configuring interface eth0=eth0 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 +-/sbin/ip link set dev eth0 up +- ++/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 ; /sbin/ip link set dev eth0 up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d +diff --git a/tests/linux/up.16 b/tests/linux/up.16 +index 93b3fe1..f2e4935 100644 +--- a/tests/linux/up.16 ++++ b/tests/linux/up.16 +@@ -10,16 +10,12 @@ ifup: configuring interface lo=lo (inet) + + ifup: configuring interface eth0=eth0 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 +-/sbin/ip link set dev eth0 up +- ++/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 ; /sbin/ip link set dev eth0 up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + + ifup: configuring interface eth1=eth1 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth1 label eth1 +-/sbin/ip link set dev eth1 mtu 1500 address 12:34:56:89:0a:bc up +- ++/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth1 label eth1 ; /sbin/ip link set dev eth1 mtu 1500 address 12:34:56:89:0a:bc up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + ifup: configuring interface eth1=eth1 (inet6) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +@@ -27,17 +23,15 @@ ifup: configuring interface eth1=eth1 (inet6) + + + /sbin/sysctl -q -e -w net.ipv6.conf.eth1.autoconf=0 +-if [ "$(/bin/cat /sys/class/net/eth1/mtu)" -lt 1492 ]; then /sbin/ip link set dev eth1 mtu 1492; else /sbin/sysctl -q -e -w net.ipv6.conf.eth1.mtu=1492; fi ++intf=$(echo "eth1"|/usr/bin/awk -F ':' '{print $1}');if [ "$(/bin/cat /sys/class/net/${intf}/mtu)" -lt 1492 ]; then /sbin/ip link set dev eth1 mtu 1492; else /sbin/sysctl -q -e -w net.ipv6.conf.eth1.mtu=1492; fi + /sbin/ip link set dev eth1 address 12:34:ff:fe:0a:bc up +-/sbin/ip -6 addr add 3ffe:ffff:120::fffe:1/64 dev eth1 ++/sbin/ip -6 addr add 3ffe:ffff:120::fffe:1/64 dev eth1 + + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + + ifup: configuring interface eth2=eth2 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.5/255.255.255.0 broadcast 1.2.3.255 dev eth2 label eth2 +-/sbin/ip link set dev eth2 mtu 1500 address 12:34:56:89:0a:bc up +- ++/sbin/ip addr add 1.2.3.5/255.255.255.0 broadcast 1.2.3.255 dev eth2 label eth2 ; /sbin/ip link set dev eth2 mtu 1500 address 12:34:56:89:0a:bc up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + ifup: configuring interface eth2=eth2 (inet6) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +@@ -45,7 +39,7 @@ ifup: configuring interface eth2=eth2 (inet6) + + + /sbin/sysctl -q -e -w net.ipv6.conf.eth2.autoconf=0 +-if [ "$(/bin/cat /sys/class/net/eth2/mtu)" -lt 1492 ]; then /sbin/ip link set dev eth2 mtu 1492; else /sbin/sysctl -q -e -w net.ipv6.conf.eth2.mtu=1492; fi ++intf=$(echo "eth2"|/usr/bin/awk -F ':' '{print $1}');if [ "$(/bin/cat /sys/class/net/${intf}/mtu)" -lt 1492 ]; then /sbin/ip link set dev eth2 mtu 1492; else /sbin/sysctl -q -e -w net.ipv6.conf.eth2.mtu=1492; fi + /sbin/ip link set dev eth2 address 12:34:ff:fe:0a:bc up + /sbin/ip -6 addr add 3ffe:ffff:120::fffe:1/64 dev eth2 + +@@ -53,8 +47,6 @@ if [ "$(/bin/cat /sys/class/net/eth2/mtu)" -lt 1492 ]; then /sbin/ip link set de + + ifup: configuring interface eth3=eth3 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.5/255.255.255.0 broadcast 1.2.3.255 dev eth3 label eth3 +-/sbin/ip link set dev eth3 mtu 1500 address 12:34:56:89:0a:bc up +- ++/sbin/ip addr add 1.2.3.5/255.255.255.0 broadcast 1.2.3.255 dev eth3 label eth3 ; /sbin/ip link set dev eth3 mtu 1500 address 12:34:56:89:0a:bc up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d +diff --git a/tests/linux/up.2 b/tests/linux/up.2 +index d80702f..282e57b 100644 +--- a/tests/linux/up.2 ++++ b/tests/linux/up.2 +@@ -5,43 +5,31 @@ exit code: 0 + + ifup: configuring interface eth0=eth0 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 +-/sbin/ip link set dev eth0 up +- ++/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 ; /sbin/ip link set dev eth0 up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + + ifup: configuring interface eth1=eth1 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.3.4.5/255.255.255.0 broadcast 1.3.4.255 dev eth1 label eth1 +-/sbin/ip link set dev eth1 up +- ++/sbin/ip addr add 1.3.4.5/255.255.255.0 broadcast 1.3.4.255 dev eth1 label eth1 ; /sbin/ip link set dev eth1 up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + + ifup: configuring interface eth2=eth2 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.4.5.6/255.255.255.0 broadcast 1.4.5.255 dev eth2 label eth2 +-/sbin/ip link set dev eth2 up +- ++/sbin/ip addr add 1.4.5.6/255.255.255.0 broadcast 1.4.5.255 dev eth2 label eth2 ; /sbin/ip link set dev eth2 up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + + ifup: configuring interface eth3=eth3 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.5.6.7/255.255.255.0 broadcast 1.5.6.255 dev eth3 label eth3 +-/sbin/ip link set dev eth3 up +- ++/sbin/ip addr add 1.5.6.7/255.255.255.0 broadcast 1.5.6.255 dev eth3 label eth3 ; /sbin/ip link set dev eth3 up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + + ifup: configuring interface eth4=eth4 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.7.8.9/255.255.255.0 broadcast 1.7.8.255 dev eth4 label eth4 +-/sbin/ip link set dev eth4 up +- ++/sbin/ip addr add 1.7.8.9/255.255.255.0 broadcast 1.7.8.255 dev eth4 label eth4 ; /sbin/ip link set dev eth4 up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + + ifup: configuring interface eth5=eth5 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.8.9.10/255.255.255.0 broadcast 1.8.9.255 dev eth5 label eth5 +-/sbin/ip link set dev eth5 up +- ++/sbin/ip addr add 1.8.9.10/255.255.255.0 broadcast 1.8.9.255 dev eth5 label eth5 ; /sbin/ip link set dev eth5 up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d +diff --git a/tests/linux/up.3 b/tests/linux/up.3 +index d0f5d34..251d8f4 100644 +--- a/tests/linux/up.3 ++++ b/tests/linux/up.3 +@@ -5,9 +5,7 @@ exit code: 1 + + ifup: configuring interface eth0=eth0 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 +-/sbin/ip link set dev eth0 up +- ++/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 ; /sbin/ip link set dev eth0 up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + ifup: configuring interface eth0=eth0 (inet6) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +@@ -15,7 +13,7 @@ ifup: configuring interface eth0=eth0 (inet6) + + + /sbin/sysctl -q -e -w net.ipv6.conf.eth0.autoconf=0 +- ++intf=$(echo "eth0"|/usr/bin/awk -F ':' '{print $1}'); + /sbin/ip link set dev eth0 up + /sbin/ip -6 addr add 3ffe:ffff:100:f101::1/64 dev eth0 nodad + +@@ -26,7 +24,7 @@ ifup: configuring interface eth0=eth0 (inet6) + + + /sbin/sysctl -q -e -w net.ipv6.conf.eth0.autoconf=0 +- ++intf=$(echo "eth0"|/usr/bin/awk -F ':' '{print $1}'); + /sbin/ip link set dev eth0 up + /sbin/ip -6 addr add 3ffe:ffff:100:f101::2/64 dev eth0 nodad + +@@ -37,7 +35,7 @@ ifup: configuring interface eth0=eth0 (inet6) + + + /sbin/sysctl -q -e -w net.ipv6.conf.eth0.autoconf=0 +- ++intf=$(echo "eth0"|/usr/bin/awk -F ':' '{print $1}'); + /sbin/ip link set dev eth0 up + /sbin/ip -6 addr add 3ffe:ffff:100:f101::3/64 dev eth0 nodad + +@@ -48,7 +46,7 @@ ifup: configuring interface eth0=eth0 (inet6) + + + /sbin/sysctl -q -e -w net.ipv6.conf.eth0.autoconf=0 +- ++intf=$(echo "eth0"|/usr/bin/awk -F ':' '{print $1}'); + /sbin/ip link set dev eth0 up + /sbin/ip -6 addr add 3ffe:ffff:100:f101::4 dev eth0 nodad + +@@ -59,7 +57,7 @@ ifup: configuring interface eth0=eth0 (inet6) + + + /sbin/sysctl -q -e -w net.ipv6.conf.eth0.autoconf=0 +- ++intf=$(echo "eth0"|/usr/bin/awk -F ':' '{print $1}'); + /sbin/ip link set dev eth0 up + /sbin/ip -6 addr add 3ffe:ffff:100:f101::5/128 dev eth0 nodad + +@@ -70,7 +68,7 @@ ifup: configuring interface eth0=eth0 (inet6) + + + /sbin/sysctl -q -e -w net.ipv6.conf.eth0.autoconf=0 +- ++intf=$(echo "eth0"|/usr/bin/awk -F ':' '{print $1}'); + /sbin/ip link set dev eth0 up + /sbin/ip -6 addr add 64 dev eth0 nodad + +@@ -86,7 +84,7 @@ ifup: configuring interface eth1=eth1 (inet6) + + /sbin/sysctl -q -e -w net.ipv6.conf.eth1.accept_ra=0 + /sbin/sysctl -q -e -w net.ipv6.conf.eth1.autoconf=0 +- ++intf=$(echo "eth1"|/usr/bin/awk -F ':' '{print $1}'); + /sbin/ip addr flush dev eth1 mngtmpaddr + /sbin/ip link set dev eth1 up + /sbin/ip -6 addr add 3ffe:ffff:100:f102::1/64 dev eth1 nodad +@@ -98,7 +96,7 @@ ifup: configuring interface eth1=eth1 (inet6) + + /sbin/sysctl -q -e -w net.ipv6.conf.eth1.accept_ra=1 + /sbin/sysctl -q -e -w net.ipv6.conf.eth1.autoconf=0 +- ++intf=$(echo "eth1"|/usr/bin/awk -F ':' '{print $1}'); + /sbin/ip link set dev eth1 up + /sbin/ip -6 addr add 3ffe:ffff:100:f102::6/64 dev eth1 nodad + /sbin/ip -6 route replace default via 3ffe:ffff:100:f102::fff dev eth1 onlink +diff --git a/tests/linux/up.4 b/tests/linux/up.4 +index 575c9ae..7682c73 100644 +--- a/tests/linux/up.4 ++++ b/tests/linux/up.4 +@@ -4,9 +4,7 @@ exit code: 0 + + ifup: configuring interface eth0=work (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 +-/sbin/ip link set dev eth0 up +- ++/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 ; /sbin/ip link set dev eth0 up ; + echo hi + echo hello + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d +diff --git a/tests/linux/up.5 b/tests/linux/up.5 +index ec6f493..bcd3de7 100644 +--- a/tests/linux/up.5 ++++ b/tests/linux/up.5 +@@ -5,8 +5,6 @@ exit code: 0 + + ifup: configuring interface eth0=eth0 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 +-/sbin/ip link set dev eth0 address 00:DE:AD:00:BE:AF up +- ++/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 ; /sbin/ip link set dev eth0 address 00:DE:AD:00:BE:AF up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d +diff --git a/tests/linux/up.6 b/tests/linux/up.6 +index ec6f493..bcd3de7 100644 +--- a/tests/linux/up.6 ++++ b/tests/linux/up.6 +@@ -5,8 +5,6 @@ exit code: 0 + + ifup: configuring interface eth0=eth0 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 +-/sbin/ip link set dev eth0 address 00:DE:AD:00:BE:AF up +- ++/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 ; /sbin/ip link set dev eth0 address 00:DE:AD:00:BE:AF up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d +diff --git a/tests/linux/up.7 b/tests/linux/up.7 +index 901a898..f18f144 100644 +--- a/tests/linux/up.7 ++++ b/tests/linux/up.7 +@@ -5,9 +5,7 @@ exit code: 0 + + ifup: configuring interface eth0=eth0 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 +-/sbin/ip link set dev eth0 up +- ++/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 ; /sbin/ip link set dev eth0 up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + ifup: configuring interface eth0=eth0 (inet6) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +@@ -15,7 +13,7 @@ ifup: configuring interface eth0=eth0 (inet6) + /sbin/sysctl -q -e -w net.ipv6.conf.eth0.use_tempaddr=2 + /sbin/sysctl -q -e -w net.ipv6.conf.eth0.accept_ra=0 + /sbin/sysctl -q -e -w net.ipv6.conf.eth0.autoconf=0 +- ++intf=$(echo "eth0"|/usr/bin/awk -F ':' '{print $1}'); + /sbin/ip addr flush dev eth0 mngtmpaddr + /sbin/ip link set dev eth0 up + /sbin/ip -6 addr add 3ffe:ffff:100:f101::1/64 dev eth0 nodad +@@ -24,9 +22,7 @@ ifup: configuring interface eth0=eth0 (inet6) + + ifup: configuring interface eth0=eth0 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 +-/sbin/ip link set dev eth0 up +- ++/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 ; /sbin/ip link set dev eth0 up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + ifup: configuring interface eth0=eth0 (inet6) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +@@ -34,7 +30,7 @@ ifup: configuring interface eth0=eth0 (inet6) + /sbin/sysctl -q -e -w net.ipv6.conf.eth0.use_tempaddr=2 + /sbin/sysctl -q -e -w net.ipv6.conf.eth0.accept_ra=0 + /sbin/sysctl -q -e -w net.ipv6.conf.eth0.autoconf=0 +- ++intf=$(echo "eth0"|/usr/bin/awk -F ':' '{print $1}'); + /sbin/ip addr flush dev eth0 mngtmpaddr + /sbin/ip link set dev eth0 up + /sbin/ip -6 addr add 3ffe:ffff:100:f101::1/64 dev eth0 nodad +@@ -48,7 +44,7 @@ ifup: configuring interface eth0.1=eth0.1 (inet6) + + + /sbin/sysctl -q -e -w net.ipv6.conf.eth0/1.autoconf=0 +- ++intf=$(echo "eth0.1"|/usr/bin/awk -F ':' '{print $1}'); + /sbin/ip link set dev eth0.1 up + /sbin/ip -6 addr add 3ffe:ffff:120:f101::1/64 dev eth0.1 nodad + +@@ -56,9 +52,7 @@ ifup: configuring interface eth0.1=eth0.1 (inet6) + + ifup: configuring interface eth0=eth0 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 +-/sbin/ip link set dev eth0 up +- ++/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth0 label eth0 ; /sbin/ip link set dev eth0 up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + ifup: configuring interface eth0=eth0 (inet6) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +@@ -66,7 +60,7 @@ ifup: configuring interface eth0=eth0 (inet6) + /sbin/sysctl -q -e -w net.ipv6.conf.eth0.use_tempaddr=2 + /sbin/sysctl -q -e -w net.ipv6.conf.eth0.accept_ra=0 + /sbin/sysctl -q -e -w net.ipv6.conf.eth0.autoconf=0 +- ++intf=$(echo "eth0"|/usr/bin/awk -F ':' '{print $1}'); + /sbin/ip addr flush dev eth0 mngtmpaddr + /sbin/ip link set dev eth0 up + /sbin/ip -6 addr add 3ffe:ffff:100:f101::1/64 dev eth0 nodad +@@ -76,9 +70,7 @@ if test -d /sys/class/net/eth0 && ! ip link show eth0.0201 >/dev/null 2>&1; + + ifup: configuring interface eth0.0201=eth0.0201 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 192.168.0.1/255.255.255.128 broadcast 192.168.0.127 dev eth0.0201 label eth0.0201 +-/sbin/ip link set dev eth0.0201 up +- ++/sbin/ip addr add 192.168.0.1/255.255.255.128 broadcast 192.168.0.127 dev eth0.0201 label eth0.0201 ; /sbin/ip link set dev eth0.0201 up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + if test -d /sys/class/net/br0 && ! ip link show br0.0201 >/dev/null 2>&1; then if test `cat /sys/class/net/br0/type` -eq 32; then echo 0x0201 > /sys/class/net/br0/create_child; else /sbin/ip link set up dev br0; /sbin/ip link add link br0 name br0.0201 type vlan id 201; fi; fi + +diff --git a/tests/linux/up.8 b/tests/linux/up.8 +index f1f3f59..d9cc9e1 100644 +--- a/tests/linux/up.8 ++++ b/tests/linux/up.8 +@@ -5,18 +5,14 @@ exit code: 0 + + ifup: configuring interface eth1=eth1 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth1 label eth1 +-/sbin/ip link set dev eth1 up +- ++/sbin/ip addr add 1.2.3.4/255.255.255.0 broadcast 1.2.3.255 dev eth1 label eth1 ; /sbin/ip link set dev eth1 up ; + echo hi + echo hello + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + + ifup: configuring interface eth1:1=eth1:1 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 1.5.3.4/255.255.255.0 broadcast 1.5.3.255 dev eth1:1 label eth1:1 +-/sbin/ip link set dev eth1:1 up +- ++/sbin/ip addr add 1.5.3.4/255.255.255.0 broadcast 1.5.3.255 dev eth1:1 label eth1:1 ; /sbin/ip link set dev eth1:1 up ; + echo hihi + echo hellolo + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d +@@ -24,16 +20,12 @@ if test -d /sys/class/net/eth2 && ! ip link show eth2.2 >/dev/null 2>&1; + + ifup: configuring interface eth2.2=eth2.2 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 2.3.4.5/255.255.255.0 broadcast 2.3.4.255 dev eth2.2 label eth2.2 +-/sbin/ip link set dev eth2.2 up +- ++/sbin/ip addr add 2.3.4.5/255.255.255.0 broadcast 2.3.4.255 dev eth2.2 label eth2.2 ; /sbin/ip link set dev eth2.2 up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + if test -d /sys/class/net/eth2 && ! ip link show eth2.2 >/dev/null 2>&1; then if test `cat /sys/class/net/eth2/type` -eq 32; then echo 0x2 > /sys/class/net/eth2/create_child; else /sbin/ip link set up dev eth2; /sbin/ip link add link eth2 name eth2.2 type vlan id 2; fi; fi + + ifup: configuring interface eth2.2:3=eth2.2:3 (inet) + /bin/run-parts --exit-on-error --verbose /etc/network/if-pre-up.d +-/sbin/ip addr add 3.4.5.6/255.255.254.0 broadcast 3.4.5.255 dev eth2.2:3 label eth2.2:3 +-/sbin/ip link set dev eth2.2:3 up +- ++/sbin/ip addr add 3.4.5.6/255.255.254.0 broadcast 3.4.5.255 dev eth2.2:3 label eth2.2:3 ; /sbin/ip link set dev eth2.2:3 up ; + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d + /bin/run-parts --exit-on-error --verbose /etc/network/if-up.d +-- +2.34.1 + diff --git a/networking/ifupdown/debian/trixie/deb_patches/series b/networking/ifupdown/debian/trixie/deb_patches/series new file mode 100644 index 000000000..2e34d96d7 --- /dev/null +++ b/networking/ifupdown/debian/trixie/deb_patches/series @@ -0,0 +1,4 @@ +0001-Fix-detection-logic.patch +0002-Fix-long-labels-cause-command-to-fail.patch +0003-filter-out-interface-label-when-setting-MTU.patch +0004-Check-for-existing-IP-before-adding.patch diff --git a/networking/ifupdown/debian/trixie/meta_data.yaml b/networking/ifupdown/debian/trixie/meta_data.yaml new file mode 100644 index 000000000..d040cadaa --- /dev/null +++ b/networking/ifupdown/debian/trixie/meta_data.yaml @@ -0,0 +1,7 @@ +--- +debver: 0.8.36 +debname: ifupdown +archive: https://snapshot.debian.org/archive/debian/20220519T084715Z/pool/main/i/ifupdown/ +revision: + dist: $STX_DIST + PKG_GITREVCOUNT: true diff --git a/networking/iputils/debian/trixie/meta_data.yaml b/networking/iputils/debian/trixie/meta_data.yaml new file mode 100644 index 000000000..8dab29207 --- /dev/null +++ b/networking/iputils/debian/trixie/meta_data.yaml @@ -0,0 +1,7 @@ +--- +debver: 20210202-1 +debname: iputils +archive: https://snapshot.debian.org/archive/debian/20220530T153822Z/pool/main/i/iputils/ +revision: + dist: $STX_DIST + PKG_GITREVCOUNT: true diff --git a/networking/iputils/debian/trixie/patches/0001-Revert-Add-strict-pattern-matching-on-response-when-.patch b/networking/iputils/debian/trixie/patches/0001-Revert-Add-strict-pattern-matching-on-response-when-.patch new file mode 100644 index 000000000..fdfe19519 --- /dev/null +++ b/networking/iputils/debian/trixie/patches/0001-Revert-Add-strict-pattern-matching-on-response-when-.patch @@ -0,0 +1,120 @@ +From e7384da3a54416a8f3ef6cab187452b165ef9aa1 Mon Sep 17 00:00:00 2001 +From: Petr Vorel +Date: Thu, 15 Apr 2021 07:48:03 +0200 +Subject: [PATCH] Revert "Add strict pattern matching on response when pattern + was provided" + +This reverts commit f7710a17c4d5994313a64583f511bcdb9559f2a9. + +Commit broke report of truncated packets: +$ ping -c2 -s100 google.com +PING google.com (142.250.185.238) 100(128) bytes of data. + +Running ping from both s20161105 (which does not contain f7710a1) and +reverted f7710a1 on master reports truncated packets: + +$ ping -c2 -s100 google.com +PING google.com (142.250.185.238) 100(128) bytes of data. +76 bytes from fra16s53-in-f14.1e100.net (142.250.185.238): icmp_seq=1 ttl=116 (truncated) +76 bytes from fra16s53-in-f14.1e100.net (142.250.185.238): icmp_seq=2 ttl=116 (truncated) + +There was unreachable code in gather_statistics() because +contains_pattern_in_payload() added in f7710a1 always found a mismatch +first. Due that all of these did not work: +* updating counters for statistics generation +* keeping track of timestamps and time-of-flight using the first section + of the payload +* checking for duplicate replies and report them +* printing basic info about the reply +* printing "(truncated)" if the reply was truncated +* checking the checksum +* validating the rest of the payload (bytes 17 and above) against the + ICMP request that was sent, and report any differences + +Fixes: f7710a1 ("Add strict pattern matching on response when pattern was provided") +Closes: https://github.com/iputils/iputils/issues/320 +Closes: https://github.com/iputils/iputils/pull/331 + +Reported-by: Paul Swirhun +Suggested-by: Paul Swirhun +Reviewed-by: Noah Meyerhans +Signed-off-by: Petr Vorel +(cherry picked from commit dff5d82dadab1b04400b2f9e1eb10a0d124868ed) +Signed-off-by: M. Vefa Bicakci +--- + ping/ping.c | 2 -- + ping/ping.h | 1 - + ping/ping6_common.c | 2 -- + ping/ping_common.c | 18 ------------------ + 4 files changed, 23 deletions(-) + +diff --git a/ping/ping.c b/ping/ping.c +index 38012c2c262c..6fcb44f2d7f5 100644 +--- a/ping/ping.c ++++ b/ping/ping.c +@@ -1549,8 +1549,6 @@ int ping4_parse_reply(struct ping_rts *rts, struct socket_st *sock, + return 1; + if (!is_ours(rts, sock, icp->un.echo.id)) + return 1; /* 'Twas not our ECHO */ +- if (!contains_pattern_in_payload(rts, (uint8_t *)(icp + 1))) +- return 1; /* 'Twas really not our ECHO */ + if (gather_statistics(rts, (uint8_t *)icp, sizeof(*icp), cc, + ntohs(icp->un.echo.sequence), + reply_ttl, 0, tv, pr_addr(rts, from, sizeof *from), +diff --git a/ping/ping.h b/ping/ping.h +index c8bbcf6a8728..86652bf6774f 100644 +--- a/ping/ping.h ++++ b/ping/ping.h +@@ -380,7 +380,6 @@ int is_ours(struct ping_rts *rts, socket_st *sock, uint16_t id); + extern int pinger(struct ping_rts *rts, ping_func_set_st *fset, socket_st *sock); + extern void sock_setbufs(struct ping_rts *rts, socket_st *, int alloc); + extern void setup(struct ping_rts *rts, socket_st *); +-extern int contains_pattern_in_payload(struct ping_rts *rts, uint8_t *ptr); + extern int main_loop(struct ping_rts *rts, ping_func_set_st *fset, socket_st*, + uint8_t *packet, int packlen); + extern int finish(struct ping_rts *rts); +diff --git a/ping/ping6_common.c b/ping/ping6_common.c +index 459f63e26bbf..fcb48beb065a 100644 +--- a/ping/ping6_common.c ++++ b/ping/ping6_common.c +@@ -823,8 +823,6 @@ int ping6_parse_reply(struct ping_rts *rts, socket_st *sock, + return 1; + if (!is_ours(rts, sock, icmph->icmp6_id)) + return 1; +- if (!contains_pattern_in_payload(rts, (uint8_t *)(icmph + 1))) +- return 1; /* 'Twas really not our ECHO */ + if (gather_statistics(rts, (uint8_t *)icmph, sizeof(*icmph), cc, + ntohs(icmph->icmp6_seq), + hops, 0, tv, pr_addr(rts, from, sizeof *from), +diff --git a/ping/ping_common.c b/ping/ping_common.c +index 33e6003366c3..357c39d79013 100644 +--- a/ping/ping_common.c ++++ b/ping/ping_common.c +@@ -553,24 +553,6 @@ void setup(struct ping_rts *rts, socket_st *sock) + } + } + +-/* +- * Return 0 if pattern in payload point to be ptr did not match the pattern that was sent +- */ +-int contains_pattern_in_payload(struct ping_rts *rts, uint8_t *ptr) +-{ +- size_t i; +- uint8_t *cp, *dp; +- +- /* check the data */ +- cp = ((u_char *)ptr) + sizeof(struct timeval); +- dp = &rts->outpack[8 + sizeof(struct timeval)]; +- for (i = sizeof(struct timeval); i < rts->datalen; ++i, ++cp, ++dp) { +- if (*cp != *dp) +- return 0; +- } +- return 1; +-} +- + int main_loop(struct ping_rts *rts, ping_func_set_st *fset, socket_st *sock, + uint8_t *packet, int packlen) + { +-- +2.29.2 + diff --git a/networking/iputils/debian/trixie/patches/0002-ping-Move-ping_rts-multicast.patch b/networking/iputils/debian/trixie/patches/0002-ping-Move-ping_rts-multicast.patch new file mode 100644 index 000000000..2bafac316 --- /dev/null +++ b/networking/iputils/debian/trixie/patches/0002-ping-Move-ping_rts-multicast.patch @@ -0,0 +1,37 @@ +From d62d37a1b9222983ed2a284cf9d4599961d6ce8f Mon Sep 17 00:00:00 2001 +From: Petr Vorel +Date: Mon, 18 Oct 2021 15:27:35 +0200 +Subject: [PATCH] ping: Move ping_rts->multicast + +as it's used for both IPv4 and IPv6. + +Signed-off-by: Petr Vorel +(cherry picked from commit 7a4ec7532871772cb22a3b2c42f6006f95f8b263) +Signed-off-by: M. Vefa Bicakci +--- + ping/ping.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ping/ping.h b/ping/ping.h +index 86652bf6774f..8fb36670b1f1 100644 +--- a/ping/ping.h ++++ b/ping/ping.h +@@ -192,6 +192,7 @@ struct ping_rts { + struct sockaddr_in6 source6; + struct sockaddr_in6 whereto6; + struct sockaddr_in6 firsthop6; ++ int multicast; + + /* Used only in ping.c */ + int ts_type; +@@ -201,7 +202,6 @@ struct ping_rts { + int optlen; + int settos; /* Set TOS, Precedence or other QOS options */ + int broadcast_pings; +- int multicast; + struct sockaddr_in source; + + /* Used only in ping_common.c */ +-- +2.29.2 + diff --git a/networking/iputils/debian/trixie/patches/0003-ping-Print-reply-from-Subnet-Router-anycast-address.patch b/networking/iputils/debian/trixie/patches/0003-ping-Print-reply-from-Subnet-Router-anycast-address.patch new file mode 100644 index 000000000..8747bdae1 --- /dev/null +++ b/networking/iputils/debian/trixie/patches/0003-ping-Print-reply-from-Subnet-Router-anycast-address.patch @@ -0,0 +1,134 @@ +From 1a869e19893de4a561c3c9420637feccb59cfa1c Mon Sep 17 00:00:00 2001 +From: Petr Vorel +Date: Mon, 18 Oct 2021 15:13:44 +0200 +Subject: [PATCH] ping: Print reply from Subnet-Router anycast address + +by detecting Subnet-Router address for 64 bit prefix and suppress +address comparison check. + +5e052ad ("ping: discard packets with wrong source address") correctly +hid replies with wrong source address to comply RFC 1122 (Section +3.2.1.3: "The IP source address in an ICMP Echo Reply MUST be the same +as the specific-destination address"). + +While change in 5e052ad works for broadcast and multicast addresses and +some of anycast addresses, it does not work for (at least) Subnet-Router +anycast address): + + # VETH1_IPV6=fd00:dead:beef:1234::1 + # VPEER1_IPV6=fd00:dead:beef:1234::2 + # ip netns add ns-ipv6 + # ip li add name veth1 type veth peer name vpeer1 + # ip -6 addr add $VETH1_IPV6/64 dev veth1 + # ip li set dev veth1 up + # ip li set dev vpeer1 netns ns-ipv6 + # ip netns exec ns-ipv6 ip li set dev lo up + # ip netns exec ns-ipv6 ip -6 addr add $VPEER1_IPV6/64 dev vpeer1 + # ip netns exec ns-ipv6 ip li set vpeer1 up + # ip netns exec ns-ipv6 ip -6 route add default dev vpeer1 via $VETH1_IPV6 + # sysctl -w net.ipv6.conf.all.forwarding=1 + + $ ping -c1 ff02::1 # anycast - all nodes + PING ff02::1(ff02::1) 56 data bytes + 64 bytes from fe80::9c9c:ffff:fe14:e9d2%vpeer1: icmp_seq=1 ttl=64 time=0.064 ms + + $ ping -c1 ff02::2 # anycast - all routers + PING ff02::2(ff02::2) 56 data bytes + 64 bytes from fe80::5496:9ff:fef5:8f01%vpeer1: icmp_seq=1 ttl=64 time=0.088 ms + + $ ping -c1 -W5 fd00:dead:beef:1234:: # Subnet-Router anycast + PING fd00:dead:beef:1234::(fd00:dead:beef:1234::) 56 data bytes + +Subnet-Router anycast address works for both busybox ping (without +printing the real source address) and fping: + + $ busybox ping -c1 fd00:dead:beef:1234:: + PING fd00:dead:beef:1234:: (fd00:dead:beef:1234::): 56 data bytes + 64 bytes from fd00:dead:beef:1234::1: seq=0 ttl=64 time=0.122 ms + + $ fping -c1 fd00:dead:beef:1234:: + [<- fd00:dead:beef:1234::1]fd00:dead:beef:1234:: : [0], 64 bytes, 0.096 ms (0.096 avg, 0% loss) + +RFC 4291 specifies Subnet-Router anycast address as [1]: + + The Subnet-Router anycast address is predefined. Its format is as + follows: + | n bits | 128-n bits | + +------------------------------------------------+----------------+ + | subnet prefix | 00000000000000 | + +------------------------------------------------+----------------+ + + The "subnet prefix" in an anycast address is the prefix that + identifies a specific link. This anycast address is syntactically + the same as a unicast address for an interface on the link with the + interface identifier set to zero. + +=> to detect Subnet-Router anycast address we need to know prefix, which +we don't know, thus detect it for prefix 64 (the default IPv6 prefix). + +[1] https://datatracker.ietf.org/doc/html/rfc4291#section-2.6.1 + +Fixes: 5e052ad ("ping: discard packets with wrong source address") +Closes: https://github.com/iputils/iputils/issues/371 + +Reported-by: Tim Sandquist +Signed-off-by: Petr Vorel +(cherry picked from commit 15a5e5c7aace5a7a782ff802988e04ed4c1148a5) +Signed-off-by: M. Vefa Bicakci +--- + ping/ping.h | 1 + + ping/ping6_common.c | 12 +++++++++++- + 2 files changed, 12 insertions(+), 1 deletion(-) + +diff --git a/ping/ping.h b/ping/ping.h +index 8fb36670b1f1..e357d73a9a10 100644 +--- a/ping/ping.h ++++ b/ping/ping.h +@@ -212,6 +212,7 @@ struct ping_rts { + #endif + + /* Used only in ping6_common.c */ ++ int subnet_router_anycast; /* Subnet-Router anycast (RFC 4291) */ + struct sockaddr_in6 firsthop; + unsigned char cmsgbuf[4096]; + size_t cmsglen; +diff --git a/ping/ping6_common.c b/ping/ping6_common.c +index fcb48beb065a..d0d2d8489a26 100644 +--- a/ping/ping6_common.c ++++ b/ping/ping6_common.c +@@ -101,6 +101,7 @@ int ping6_run(struct ping_rts *rts, int argc, char **argv, struct addrinfo *ai, + struct socket_st *sock) + { + int hold, packlen; ++ size_t i; + unsigned char *packet; + char *target; + struct icmp6_filter filter; +@@ -247,6 +248,15 @@ int ping6_run(struct ping_rts *rts, int argc, char **argv, struct addrinfo *ai, + rts->pmtudisc = IPV6_PMTUDISC_DO; + } + ++ /* detect Subnet-Router anycast at least for the default prefix 64 */ ++ rts->subnet_router_anycast = 1; ++ for (i = 8; i < sizeof(struct in6_addr); i++) { ++ if (rts->whereto6.sin6_addr.s6_addr[i]) { ++ rts->subnet_router_anycast = 0; ++ break; ++ } ++ } ++ + if (rts->pmtudisc >= 0) { + if (setsockopt(sock->fd, IPPROTO_IPV6, IPV6_MTU_DISCOVER, &rts->pmtudisc, + sizeof rts->pmtudisc) == -1) +@@ -818,7 +828,7 @@ int ping6_parse_reply(struct ping_rts *rts, socket_st *sock, + } + + if (icmph->icmp6_type == ICMP6_ECHO_REPLY) { +- if (!rts->multicast && ++ if (!rts->multicast && !rts->subnet_router_anycast && + memcmp(&from->sin6_addr.s6_addr, &rts->whereto6.sin6_addr.s6_addr, 16)) + return 1; + if (!is_ours(rts, sock, icmph->icmp6_id)) +-- +2.29.2 + diff --git a/networking/iputils/debian/trixie/patches/0004-ping-Print-reply-with-wrong-source-with-warning.patch b/networking/iputils/debian/trixie/patches/0004-ping-Print-reply-with-wrong-source-with-warning.patch new file mode 100644 index 000000000..c3b0213cf --- /dev/null +++ b/networking/iputils/debian/trixie/patches/0004-ping-Print-reply-with-wrong-source-with-warning.patch @@ -0,0 +1,150 @@ +From 77241783e710b28fa898da48e9aa0bef2db7971d Mon Sep 17 00:00:00 2001 +From: Petr Vorel +Date: Fri, 15 Oct 2021 17:38:51 +0200 +Subject: [PATCH] ping: Print reply with wrong source with warning + +5e052ad ("ping: discard packets with wrong source address") correctly +hid replies with wrong source address to comply RFC 1122 (Section +3.2.1.3: "The IP source address in an ICMP Echo Reply MUST be the same +as the specific-destination address"). + +This caused to hide reply when pinging Subnet-Router anycast address. +Although it was fixed in the previous commit, relax this to admit the +reply but print warning "DIFFERENT ADDRESS!". ping is diagnostic program, +with insisting on RFC we force people to use tcpdump to see replies. + +Link: https://github.com/iputils/iputils/issues/371 + +Reviewed-by: Matteo Croce +Signed-off-by: Petr Vorel +(cherry picked from commit 5f6bec5ab57cc8beaa78f5756a0ffbdf01f28d36) +Signed-off-by: M. Vefa Bicakci +--- + ping/ping.c | 10 ++++++---- + ping/ping.h | 3 ++- + ping/ping6_common.c | 13 ++++++++----- + ping/ping_common.c | 6 +++++- + 4 files changed, 21 insertions(+), 11 deletions(-) + +diff --git a/ping/ping.c b/ping/ping.c +index 6fcb44f2d7f5..3bd9e3179459 100644 +--- a/ping/ping.c ++++ b/ping/ping.c +@@ -1504,6 +1504,7 @@ int ping4_parse_reply(struct ping_rts *rts, struct socket_st *sock, + int reply_ttl; + uint8_t *opts, *tmp_ttl; + int olen; ++ int wrong_source = 0; + + /* Check the IP header */ + ip = (struct iphdr *)buf; +@@ -1544,15 +1545,16 @@ int ping4_parse_reply(struct ping_rts *rts, struct socket_st *sock, + csfailed = in_cksum((unsigned short *)icp, cc, 0); + + if (icp->type == ICMP_ECHOREPLY) { +- if (!rts->broadcast_pings && !rts->multicast && +- from->sin_addr.s_addr != rts->whereto.sin_addr.s_addr) +- return 1; + if (!is_ours(rts, sock, icp->un.echo.id)) + return 1; /* 'Twas not our ECHO */ ++ ++ if (!rts->broadcast_pings && !rts->multicast && ++ from->sin_addr.s_addr != rts->whereto.sin_addr.s_addr) ++ wrong_source = 1; + if (gather_statistics(rts, (uint8_t *)icp, sizeof(*icp), cc, + ntohs(icp->un.echo.sequence), + reply_ttl, 0, tv, pr_addr(rts, from, sizeof *from), +- pr_echo_reply, rts->multicast)) { ++ pr_echo_reply, rts->multicast, wrong_source)) { + fflush(stdout); + return 0; + } +diff --git a/ping/ping.h b/ping/ping.h +index e357d73a9a10..a5f05f4f0e36 100644 +--- a/ping/ping.h ++++ b/ping/ping.h +@@ -389,7 +389,8 @@ extern void common_options(int ch); + extern int gather_statistics(struct ping_rts *rts, uint8_t *icmph, int icmplen, + int cc, uint16_t seq, int hops, + int csfailed, struct timeval *tv, char *from, +- void (*pr_reply)(uint8_t *ptr, int cc), int multicast); ++ void (*pr_reply)(uint8_t *ptr, int cc), int multicast, ++ int wrong_source); + extern void print_timestamp(struct ping_rts *rts); + void fill(struct ping_rts *rts, char *patp, unsigned char *packet, size_t packet_size); + +diff --git a/ping/ping6_common.c b/ping/ping6_common.c +index d0d2d8489a26..4712928b9c75 100644 +--- a/ping/ping6_common.c ++++ b/ping/ping6_common.c +@@ -802,6 +802,7 @@ int ping6_parse_reply(struct ping_rts *rts, socket_st *sock, + struct cmsghdr *c; + struct icmp6_hdr *icmph; + int hops = -1; ++ int wrong_source = 0; + + for (c = CMSG_FIRSTHDR(msg); c; c = CMSG_NXTHDR(msg, c)) { + if (c->cmsg_level != IPPROTO_IPV6) +@@ -828,16 +829,18 @@ int ping6_parse_reply(struct ping_rts *rts, socket_st *sock, + } + + if (icmph->icmp6_type == ICMP6_ECHO_REPLY) { +- if (!rts->multicast && !rts->subnet_router_anycast && +- memcmp(&from->sin6_addr.s6_addr, &rts->whereto6.sin6_addr.s6_addr, 16)) +- return 1; + if (!is_ours(rts, sock, icmph->icmp6_id)) + return 1; ++ ++ if (!rts->multicast && !rts->subnet_router_anycast && ++ memcmp(&from->sin6_addr.s6_addr, &rts->whereto6.sin6_addr.s6_addr, 16)) ++ wrong_source = 1; ++ + if (gather_statistics(rts, (uint8_t *)icmph, sizeof(*icmph), cc, + ntohs(icmph->icmp6_seq), + hops, 0, tv, pr_addr(rts, from, sizeof *from), + pr_echo_reply, +- rts->multicast)) { ++ rts->multicast, wrong_source)) { + fflush(stdout); + return 0; + } +@@ -850,7 +853,7 @@ int ping6_parse_reply(struct ping_rts *rts, socket_st *sock, + seq, + hops, 0, tv, pr_addr(rts, from, sizeof *from), + pr_niquery_reply, +- rts->multicast)) ++ rts->multicast, 0)) + return 0; + } else { + int nexthdr; +diff --git a/ping/ping_common.c b/ping/ping_common.c +index 357c39d79013..03362590ce18 100644 +--- a/ping/ping_common.c ++++ b/ping/ping_common.c +@@ -711,7 +711,8 @@ int main_loop(struct ping_rts *rts, ping_func_set_st *fset, socket_st *sock, + int gather_statistics(struct ping_rts *rts, uint8_t *icmph, int icmplen, + int cc, uint16_t seq, int hops, + int csfailed, struct timeval *tv, char *from, +- void (*pr_reply)(uint8_t *icmph, int cc), int multicast) ++ void (*pr_reply)(uint8_t *icmph, int cc), int multicast, ++ int wrong_source) + { + int dupflag = 0; + long triptime = 0; +@@ -804,10 +805,13 @@ restamp: + printf(_(" time=%ld.%03ld ms"), triptime / 1000, + triptime % 1000); + } ++ + if (dupflag && (!multicast || rts->opt_verbose)) + printf(_(" (DUP!)")); + if (csfailed) + printf(_(" (BAD CHECKSUM!)")); ++ if (wrong_source) ++ printf(_(" (DIFFERENT ADDRESS!)")); + + /* check the data */ + cp = ((unsigned char *)ptr) + sizeof(struct timeval); +-- +2.29.2 + diff --git a/networking/iputils/debian/trixie/patches/series b/networking/iputils/debian/trixie/patches/series new file mode 100644 index 000000000..41dc3d55f --- /dev/null +++ b/networking/iputils/debian/trixie/patches/series @@ -0,0 +1,4 @@ +0001-Revert-Add-strict-pattern-matching-on-response-when-.patch +0002-ping-Move-ping_rts-multicast.patch +0003-ping-Print-reply-from-Subnet-Router-anycast-address.patch +0004-ping-Print-reply-with-wrong-source-with-warning.patch diff --git a/networking/lldpd/debian/trixie/deb_patches/debian-configure-lldp-initscript.patch b/networking/lldpd/debian/trixie/deb_patches/debian-configure-lldp-initscript.patch new file mode 100644 index 000000000..4436dcbd1 --- /dev/null +++ b/networking/lldpd/debian/trixie/deb_patches/debian-configure-lldp-initscript.patch @@ -0,0 +1,23 @@ +From yue.tao@windriver.com + +Subject: install the i40e-lldp-configure.sh to /etc/init.d. The script allows +a user to enable and disable the internal LLDP agent. + +--- a/debian/rules ++++ b/debian/rules +@@ -9,3 +9,8 @@ override_dh_auto_configure: + --with-snmp \ + --with-xml \ + --with-systemdsystemunitdir=/lib/systemd/system ++ ++override_dh_install: ++ install -d -m 755 debian/tmp/etc/init.d ++ install -m 755 i40e-lldp-configure.sh debian/tmp/etc/init.d ++ dh_install +--- a/debian/lldpd.install ++++ b/debian/lldpd.install +@@ -5,3 +5,4 @@ debian/tmp/usr/sbin/lldp* + debian/tmp/usr/share/bash-completion/completions/* + debian/tmp/usr/share/zsh/vendor-completions/* + debian/tmp/etc/lldpd.d/* ++debian/tmp/etc/init.d/* diff --git a/networking/lldpd/debian/trixie/deb_patches/series b/networking/lldpd/debian/trixie/deb_patches/series new file mode 100644 index 000000000..cf72e1b5d --- /dev/null +++ b/networking/lldpd/debian/trixie/deb_patches/series @@ -0,0 +1 @@ +debian-configure-lldp-initscript.patch diff --git a/networking/lldpd/debian/trixie/meta_data.yaml b/networking/lldpd/debian/trixie/meta_data.yaml new file mode 100644 index 000000000..df270278a --- /dev/null +++ b/networking/lldpd/debian/trixie/meta_data.yaml @@ -0,0 +1,6 @@ +--- +debver: 1.0.11-1+deb11u2 +archive: https://snapshot.debian.org/archive/debian/20230927T030735Z/pool/main/l/lldpd/ +revision: + dist: $STX_DIST + PKG_GITREVCOUNT: true diff --git a/networking/lldpd/debian/trixie/patches/lldpd-create-run-dir.patch b/networking/lldpd/debian/trixie/patches/lldpd-create-run-dir.patch new file mode 100644 index 000000000..538cc7fa1 --- /dev/null +++ b/networking/lldpd/debian/trixie/patches/lldpd-create-run-dir.patch @@ -0,0 +1,12 @@ +Index: lldpd-0.9.0/src/daemon/lldpd.service.in +=================================================================== +--- lldpd-0.9.0.orig/src/daemon/lldpd.service.in ++++ lldpd-0.9.0/src/daemon/lldpd.service.in +@@ -9,6 +9,7 @@ Type=notify + NotifyAccess=main + EnvironmentFile=-/etc/default/lldpd + EnvironmentFile=-/etc/sysconfig/lldpd ++ExecStartPre=/bin/mkdir -p /var/run/lldpd + ExecStart=@sbindir@/lldpd $DAEMON_ARGS $LLDPD_OPTIONS + Restart=on-failure + PrivateTmp=yes diff --git a/networking/lldpd/debian/trixie/patches/lldpd-i40e-disable.patch b/networking/lldpd/debian/trixie/patches/lldpd-i40e-disable.patch new file mode 100644 index 000000000..9f9913ca8 --- /dev/null +++ b/networking/lldpd/debian/trixie/patches/lldpd-i40e-disable.patch @@ -0,0 +1,230 @@ +Index: lldpd-0.9.0/src/daemon/lldpd.service.in +=================================================================== +--- lldpd-0.9.0.orig/src/daemon/lldpd.service.in ++++ lldpd-0.9.0/src/daemon/lldpd.service.in +@@ -10,6 +10,7 @@ NotifyAccess=main + EnvironmentFile=-/etc/default/lldpd + EnvironmentFile=-/etc/sysconfig/lldpd + ExecStartPre=/bin/mkdir -p /var/run/lldpd ++ExecStartPre=/etc/init.d/i40e-lldp-configure.sh stop + ExecStart=@sbindir@/lldpd $DAEMON_ARGS $LLDPD_OPTIONS + Restart=on-failure + PrivateTmp=yes +--- /dev/null ++++ b/i40e-lldp-configure.sh +@@ -0,0 +1,215 @@ ++#!/bin/bash ++################################################################################ ++# Copyright (c) 2021 Wind River Systems, Inc. ++# ++# SPDX-License-Identifier: Apache-2.0 ++# ++################################################################################ ++ ++# Certain i40e network devices (XL710 Fortville) have an internal firmware LLDP ++# agent enabled by default. This can prevent LLDP PDUs from being processed by ++# the driver and any upper layer agents. ++# ++# This script allows a user to enable and disable the internal LLDP agent. ++# ++# Note: debugfs must be enabled in the kernel ++# ++# Note: Devices with firmware 5.05 and 8.10 use the ethtool command ++# Devices with firmware 7.10 use the sysfs command ++# ++# To enable: ++# ./i40e-lldp-configure.sh start ++# ++# To disable: ++# ./i40e-lldp-configure.sh stop ++ ++PROGNAME=$(basename $0) ++DEBUGFS_PATH=/sys/kernel/debug ++DEBUGFS_I40_DEVICES_PATH=$DEBUGFS_PATH/i40e ++LLDP_COMMAND=lldp ++ ++function log { ++ local MSG="${PROGNAME}: $1" ++ logger -p notice "${MSG}" ++} ++ ++function err { ++ local MSG="${PROGNAME}: $1" ++ logger -p error "${MSG}" ++} ++ ++function configure_device { ++ local DEVICE=$1 ++ local ACTION=$2 ++ local DEVICE_PATH=${DEBUGFS_I40_DEVICES}/${DEVICE} ++ ++ if [ ! -d ${DEVICE_PATH} ]; then ++ return 1 ++ fi ++ ++ echo "${LLDP_COMMAND} ${ACTION}" > ${DEVICE_PATH}/command ++ RET=$? ++ ++ if [ ${RET} -ne 0 ]; then ++ err "Failed to ${ACTION} internal LLDP agent for device ${DEVICE}" ++ return ${RET} ++ fi ++ ++ log "${ACTION} internal LLDP agent for device ${DEVICE}" ++ return ${RET} ++} ++ ++function ethtool_device { ++ local DEVICE=$1 ++ local COMMAND=$2 ++ ++ ethtool --set-priv-flags ${DEVICE} disable-fw-lldp ${COMMAND} ++ RET=$? ++ ++ if [ ${RET} -ne 0 ]; then ++ err "Failed to set disable-fw-lldp ${COMMAND} for device ${DEVICE}" ++ return ${RET} ++ fi ++ ++ log "Set disable-fw-lldp ${COMMAND} for device ${DEVICE}" ++ return ${RET} ++} ++ ++ ++function is_debugfs_mounted { ++ if grep -qs "${DEBUGFS_PATH}" /proc/mounts; then ++ return 0 ++ fi ++ return 1 ++} ++ ++function mount_debugfs { ++ mount -t debugfs none ${DEBUGFS_PATH} ++} ++ ++function unmount_debugfs { ++ umount ${DEBUGFS_PATH} ++} ++ ++function find_device_interface_from_pciaddr { ++ INTERFACE="" ++ ++ #Get device PCI address from path ++ local PCI_ADDR=${DEVICE##*/} ++ ++ #Lookup the device directory ++ local DEVICE_PATH ++ DEVICE_PATH=$(find /sys/devices -type d -name ${PCI_ADDR}) ++ ++ if [ -z "${DEVICE_PATH}" ]; then ++ log "Unable to find interface for ${PCI_ADDR}" ++ else ++ #Get the interface name for device ++ INTERFACE=$(ls ${DEVICE_PATH}/net) ++ if [ -z "${INTERFACE}" ]; then ++ log "Unable to find interface for ${PCI_ADDR}" ++ else ++ log "Found interface ${INTERFACE} for PCI address ${PCI_ADDR}" ++ fi ++ fi ++ ++} ++ ++function scan_devices { ++ local ACTION=$1 ++ local DEBUGFS_MOUNTED="false" ++ local DEVICES=${DEBUGFS_I40_DEVICES_PATH}/* ++ ++ if [ "${ACTION}" = "start" ]; then ++ local ETHTOOL_COMMAND="off" ++ else ++ local ETHTOOL_COMMAND="on" ++ fi ++ ++ if is_debugfs_mounted; then ++ DEBUGFS_MOUNTED="true" ++ fi ++ ++ if [ ${DEBUGFS_MOUNTED} = "false" ]; then ++ mount_debugfs ++ RET=$? ++ if [ ${RET} -ne 0 ]; then ++ err "Failed to mount debugfs" ++ return ${RET} ++ fi ++ log "Mounted debugfs" ++ fi ++ ++ # Set option to prevent the below for loop from running once ++ # if there are no directories in the $DEVICES path. ++ # Save the initial state in order to reset later ++ shopt -q nullglob ++ NULLGLOB=$? ++ shopt -s nullglob ++ ++ for DEVICE in $DEVICES; do ++ find_device_interface_from_pciaddr ++ if [ ! -z "${INTERFACE}" ]; then ++ ethtool_device ${INTERFACE} ${ETHTOOL_COMMAND} ++ RET=$? ++ # Ethtool method does not work for some firmware versions ++ # Fall back to sysfs method if ethtool does not work ++ if [ ${RET} -ne 0 ]; then ++ # Sysfs method is not able to return 1 if it fails ++ configure_device ${DEVICE} ${ACTION} ++ fi ++ else ++ configure_device ${DEVICE} ${ACTION} ++ fi ++ done ++ ++ # Unset option if that was the original state ++ if [ "${NULLGLOB}" -eq 1 ]; then ++ shopt -u nullglob ++ fi ++ ++ if [ ${DEBUGFS_MOUNTED} = "false" ]; then ++ unmount_debugfs ++ RET=$? ++ if [ ${RET} -ne 0 ]; then ++ err "Failed to unmount debugfs" ++ return ${RET} ++ fi ++ log "Unmounted debugfs" ++ fi ++ ++ return 0 ++} ++ ++function start { ++ scan_devices start ++ return $? ++} ++ ++function stop { ++ scan_devices stop ++ return $? ++} ++ ++function status { ++ return 0 ++} ++ ++case "$1" in ++ start) ++ start ++ ;; ++ stop) ++ stop ++ ;; ++ restart) ++ stop ++ start ++ ;; ++ status) ++ status ++ ;; ++ *) ++ echo "Usage: $0 {start|stop|restart|status}" ++ exit 1 ++esac diff --git a/networking/lldpd/debian/trixie/patches/series b/networking/lldpd/debian/trixie/patches/series new file mode 100644 index 000000000..5e24af182 --- /dev/null +++ b/networking/lldpd/debian/trixie/patches/series @@ -0,0 +1,2 @@ +lldpd-create-run-dir.patch +lldpd-i40e-disable.patch diff --git a/networking/net-tools/debian/trixie/meta_data.yaml b/networking/net-tools/debian/trixie/meta_data.yaml new file mode 100644 index 000000000..ffe7dad0c --- /dev/null +++ b/networking/net-tools/debian/trixie/meta_data.yaml @@ -0,0 +1,6 @@ +--- +debver: 1.60+git20181103.0eebece-1+deb11u2 +archive: https://snapshot.debian.org/archive/debian-security/20250531T173325Z/pool/updates/main/n/net-tools +revision: + dist: $STX_DIST + PKG_GITREVCOUNT: true diff --git a/networking/net-tools/debian/trixie/patches/net-tools-hostname-ipv6-shortname.patch b/networking/net-tools/debian/trixie/patches/net-tools-hostname-ipv6-shortname.patch new file mode 100644 index 000000000..cd487ca62 --- /dev/null +++ b/networking/net-tools/debian/trixie/patches/net-tools-hostname-ipv6-shortname.patch @@ -0,0 +1,36 @@ +From 142ae27a708465920db6280fb7f89138a48e4cd1 Mon Sep 17 00:00:00 2001 +From: Scott Little +Date: Mon, 2 Oct 2017 16:42:24 -0400 +Subject: [PATCH] net-tools: hostname ipv6 shortname + +These are not supported for IPv6 so just consume the option +and return the default hostname value + +Signed-off-by: Scott Little +Signed-off-by: Yue Tao +--- + hostname.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/hostname.c b/hostname.c +index 34e4ac7..fd3c5cb 100644 +--- a/hostname.c ++++ b/hostname.c +@@ -344,8 +344,13 @@ int main(int argc, char **argv) + break; + case 'a': + case 'f': +- case 'i': + case 's': ++ /* ++ * These are not supported for IPv6 so just consume the option ++ * and return the default hostname value ++ */ ++ break; ++ case 'i': + what = 1; + type = c; + break; +-- +2.25.1 + diff --git a/networking/net-tools/debian/trixie/patches/net-tools-ifconfig-no-ifstate-on-flush.patch b/networking/net-tools/debian/trixie/patches/net-tools-ifconfig-no-ifstate-on-flush.patch new file mode 100644 index 000000000..29d826c74 --- /dev/null +++ b/networking/net-tools/debian/trixie/patches/net-tools-ifconfig-no-ifstate-on-flush.patch @@ -0,0 +1,32 @@ +From 2467301a909ac9648d2903166edcac9badc510af Mon Sep 17 00:00:00 2001 +From: Scott Little +Date: Mon, 2 Oct 2017 16:42:25 -0400 +Subject: [PATCH] net-tools: ifconfig no ifstate on flush + +do not continue to change interface state if only flushing addresses + +Signed-off-by: Scott Little +Signed-off-by: Yue Tao +--- + ifconfig.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/ifconfig.c b/ifconfig.c +index 7c62d85..06092ed 100644 +--- a/ifconfig.c ++++ b/ifconfig.c +@@ -983,6 +983,11 @@ int main(int argc, char **argv) + exit(1); + } + r = ioctl(fd, SIOCSIFADDR, &ifr); ++ if (((struct sockaddr_in*)&sa)->sin_addr.s_addr == INADDR_ANY) { ++ /* do not continue to change interface state if only flushing addresses */ ++ spp++; ++ continue; ++ } + break; + #endif + #if HAVE_AFECONET +-- +2.25.1 + diff --git a/networking/net-tools/debian/trixie/patches/series b/networking/net-tools/debian/trixie/patches/series new file mode 100644 index 000000000..16804cc62 --- /dev/null +++ b/networking/net-tools/debian/trixie/patches/series @@ -0,0 +1,2 @@ +net-tools-hostname-ipv6-shortname.patch +net-tools-ifconfig-no-ifstate-on-flush.patch diff --git a/networking/openvswitch/debian/trixie/deb_patches/fix-openvswitch-vtep-race.patch b/networking/openvswitch/debian/trixie/deb_patches/fix-openvswitch-vtep-race.patch new file mode 100644 index 000000000..18ad124de --- /dev/null +++ b/networking/openvswitch/debian/trixie/deb_patches/fix-openvswitch-vtep-race.patch @@ -0,0 +1,31 @@ +From 32c9dd776dc75b3ddfe30311adc2657d5ae2901f Mon Sep 17 00:00:00 2001 +From: Charles Short +Date: Tue, 18 Oct 2022 10:51:41 -0400 +Subject: [PATCH 3/3] fix openvswitch-vtep race + +Don't try to stop openvswitch-switch if openvswitch-vtep is +disabled in the /etc/default/openvswitch-vtep. Otherwise systemd +timesout when the system is shutting down. + +Signed-off-by: Charles Short +--- + debian/openvswitch-vtep.init | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/debian/openvswitch-vtep.init b/debian/openvswitch-vtep.init +index 6200029dc..5bdea18e6 100644 +--- a/debian/openvswitch-vtep.init ++++ b/debian/openvswitch-vtep.init +@@ -56,6 +56,9 @@ start () { + } + + stop () { ++ if [ "$ENABLE_OVS_VTEP" = "false" ]; then ++ exit 0 ++ fi + /etc/init.d/openvswitch-switch stop + } + +-- +2.25.1 + diff --git a/networking/openvswitch/debian/trixie/deb_patches/series b/networking/openvswitch/debian/trixie/deb_patches/series new file mode 100644 index 000000000..1b2d57261 --- /dev/null +++ b/networking/openvswitch/debian/trixie/deb_patches/series @@ -0,0 +1 @@ +fix-openvswitch-vtep-race.patch diff --git a/networking/openvswitch/debian/trixie/docker/Dockerfile b/networking/openvswitch/debian/trixie/docker/Dockerfile new file mode 100644 index 000000000..9045bdfbd --- /dev/null +++ b/networking/openvswitch/debian/trixie/docker/Dockerfile @@ -0,0 +1,28 @@ +# Expected build arguments: +# BASE: specify base layer +# +ARG BASE + +FROM ${BASE} + +RUN apt-get -y update \ + && apt-get -y install \ + openvswitch-common \ + openvswitch-dbg \ + openvswitch-dev \ + openvswitch-ipsec \ + openvswitch-pki \ + openvswitch-switch \ + openvswitch-testcontroller \ + openvswitch-vtep \ + tini + +# Ensure that tini is located at the root /tini +RUN ln -s /usr/bin/tini /tini + +RUN rm -rf \ + /var/cache/debconf/* \ + /var/lib/apt/lists/* \ + /var/log/* \ + /tmp/* \ + /var/tmp/* diff --git a/networking/openvswitch/debian/trixie/meta_data.yaml b/networking/openvswitch/debian/trixie/meta_data.yaml new file mode 100644 index 000000000..2343cf059 --- /dev/null +++ b/networking/openvswitch/debian/trixie/meta_data.yaml @@ -0,0 +1,9 @@ +--- +debname: openvswitch +debver: 2.15.0+ds1-2+deb11u5 +archive: https://snapshot.debian.org/archive/debian-security/20240320T004512Z/pool/updates/main/o/openvswitch/ +revision: + dist: $STX_DIST + GITREVCOUNT: + BASE_SRCREV: a806d997496740f2cec02db121c609e3c743c003 + SRC_DIR: ${MY_REPO}/stx/integ/networking/openvswitch diff --git a/networking/openvswitch/debian/trixie/stx-ovs.stable_docker_image b/networking/openvswitch/debian/trixie/stx-ovs.stable_docker_image new file mode 100644 index 000000000..c5892097f --- /dev/null +++ b/networking/openvswitch/debian/trixie/stx-ovs.stable_docker_image @@ -0,0 +1,2 @@ +BUILDER=docker +LABEL=stx-ovs