forked from Minki/linux
35a256fee5
Add support to allow non-local binds similar to how this was done for IPv4. Non-local binds are very useful in emulating the Internet in a box, etc. This add the ip_nonlocal_bind sysctl under ipv6. Testing: Set up nonlocal binding and receive routing on a host, e.g.: ip -6 rule add from ::/0 iif eth0 lookup 200 ip -6 route add local 2001:0:0:1::/64 dev lo proto kernel scope host table 200 sysctl -w net.ipv6.ip_nonlocal_bind=1 Set up routing to 2001:0:0:1::/64 on peer to go to first host ping6 -I 2001:0:0:1::1 peer-address -- to verify Signed-off-by: Tom Herbert <tom@herbertland.com> Signed-off-by: David S. Miller <davem@davemloft.net>
95 lines
2.2 KiB
C
95 lines
2.2 KiB
C
/*
|
|
* ipv6 in net namespaces
|
|
*/
|
|
|
|
#include <net/inet_frag.h>
|
|
|
|
#ifndef __NETNS_IPV6_H__
|
|
#define __NETNS_IPV6_H__
|
|
#include <net/dst_ops.h>
|
|
|
|
struct ctl_table_header;
|
|
|
|
struct netns_sysctl_ipv6 {
|
|
#ifdef CONFIG_SYSCTL
|
|
struct ctl_table_header *hdr;
|
|
struct ctl_table_header *route_hdr;
|
|
struct ctl_table_header *icmp_hdr;
|
|
struct ctl_table_header *frags_hdr;
|
|
struct ctl_table_header *xfrm6_hdr;
|
|
#endif
|
|
int bindv6only;
|
|
int flush_delay;
|
|
int ip6_rt_max_size;
|
|
int ip6_rt_gc_min_interval;
|
|
int ip6_rt_gc_timeout;
|
|
int ip6_rt_gc_interval;
|
|
int ip6_rt_gc_elasticity;
|
|
int ip6_rt_mtu_expires;
|
|
int ip6_rt_min_advmss;
|
|
int flowlabel_consistency;
|
|
int auto_flowlabels;
|
|
int icmpv6_time;
|
|
int anycast_src_echo_reply;
|
|
int ip_nonlocal_bind;
|
|
int fwmark_reflect;
|
|
int idgen_retries;
|
|
int idgen_delay;
|
|
int flowlabel_state_ranges;
|
|
};
|
|
|
|
struct netns_ipv6 {
|
|
struct netns_sysctl_ipv6 sysctl;
|
|
struct ipv6_devconf *devconf_all;
|
|
struct ipv6_devconf *devconf_dflt;
|
|
struct inet_peer_base *peers;
|
|
struct netns_frags frags;
|
|
#ifdef CONFIG_NETFILTER
|
|
struct xt_table *ip6table_filter;
|
|
struct xt_table *ip6table_mangle;
|
|
struct xt_table *ip6table_raw;
|
|
#ifdef CONFIG_SECURITY
|
|
struct xt_table *ip6table_security;
|
|
#endif
|
|
struct xt_table *ip6table_nat;
|
|
#endif
|
|
struct rt6_info *ip6_null_entry;
|
|
struct rt6_statistics *rt6_stats;
|
|
struct timer_list ip6_fib_timer;
|
|
struct hlist_head *fib_table_hash;
|
|
struct fib6_table *fib6_main_tbl;
|
|
struct dst_ops ip6_dst_ops;
|
|
unsigned int ip6_rt_gc_expire;
|
|
unsigned long ip6_rt_last_gc;
|
|
#ifdef CONFIG_IPV6_MULTIPLE_TABLES
|
|
struct rt6_info *ip6_prohibit_entry;
|
|
struct rt6_info *ip6_blk_hole_entry;
|
|
struct fib6_table *fib6_local_tbl;
|
|
struct fib_rules_ops *fib6_rules_ops;
|
|
#endif
|
|
struct sock **icmp_sk;
|
|
struct sock *ndisc_sk;
|
|
struct sock *tcp_sk;
|
|
struct sock *igmp_sk;
|
|
struct sock *mc_autojoin_sk;
|
|
#ifdef CONFIG_IPV6_MROUTE
|
|
#ifndef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES
|
|
struct mr6_table *mrt6;
|
|
#else
|
|
struct list_head mr6_tables;
|
|
struct fib_rules_ops *mr6_rules_ops;
|
|
#endif
|
|
#endif
|
|
atomic_t dev_addr_genid;
|
|
atomic_t fib6_sernum;
|
|
};
|
|
|
|
#if IS_ENABLED(CONFIG_NF_DEFRAG_IPV6)
|
|
struct netns_nf_frag {
|
|
struct netns_sysctl_ipv6 sysctl;
|
|
struct netns_frags frags;
|
|
};
|
|
#endif
|
|
|
|
#endif
|