- Status Closed
- Percent Complete
- Task Type Bug Report
- Category Any
-
Assigned To
Emulatorman - Operating System Hyperbola GNU/Linux-libre
- Severity Critical
- Priority Very High
- Reported Version Any
- Due in Version Starfix
-
Due Date
Undecided
- Votes
- Private
FS#1126 - [netifrc] fix "net_veth" and "net_macsec" initscripts
Description:
- “net_veth” and “net_macsec” initscripts contains some issues.
Additional info:
- netifrc 0.6.0-2.backports1
/etc/conf.d/net_veth
-# Source Interface (host) -IFSRC=interface_host +# Source Interface (host), example: IFSRC=veh0 +IFSRC=veh0 # Set custom parameters on Source Interface IFCTS= -# Destination Interface (guest) -IFDST=interface_guest +# Destination Interface (guest), example: IFDST=veg0 +IFDST=veg0 # Set custom parameters on Destination Interface IFCTD=
/etc/conf.d/net_macsec
-# Source Interface (host) -IFSRC=interface_host -# Network init service dependency from Source Interface -#IFDEP=net.interface_host -# Destination Interface (macsec/guest) -IFDST=interface_macsec +# Source Interface (host), example: IFSRC=eth0 +IFSRC=eth0 +# Network init service dependency from Source Interface, example: IFDEP=net.eth0 +IFDEP= +# Destination Interface (macsec/guest), example: IFDST=macsec0 +IFDST=macsec0 # Set custom parameters on MACsec Interface IFCTD= --- IFPAR="cipher gcm-aes-128 icvlen 16 encrypt on protect off replay off send_sci on - validate strict" + validate disabled" --- -# Add receive channels and/or receive association keys (RXSC), examples: -# -# [sci_<0..ffffffffffffffff(hex)>|port_<1..65535(dec)>_address_<00:00:00:00:00:00..ff:ff:ff:ff:ff:ff(hex)>][_<on/off>] -# -# sci_0 -# sci_ffffffffffffffff_on -# port_1_address_00:00:00:00:00:00 -# port_2_address_ff:ff:ff:ff:ff:ff_off -# -# [sci_<0..ffffffffffffffff(hex)>_|port_<1..65535(dec)>_address_<00:00:00:00:00:00..ff:ff:ff:ff:ff:ff(hex)>_]sa_<0..3(dec)>_[pn_<1..4294967295(dec)>_][<on/off>_]key_<00..ff(hex)>_<00000000000000000000000000000000..ffffffffffffffffffffffffffffffff(hex)> -# -# sa_0_key_00_00000000000000000000000000000000 -# sa_1_key_pn_1_01_f00f00f00f00f00f00f00f00f00f00f0 -# sa_2_key_on_32_de_de00de00de00de00de00de00de00de00 -# sa_3_key_pn_16345_off_a1_fca1fca1fca1fca1fca1fca1fca1fca1 -# sci_0_sa_0_key_00_00000000000000000000000000000000 -# sci_32_sa_1_key_pn_1_01_f00f00f00f00f00f00f00f00f00f00f0 -# sci_451_sa_2_key_on_32_de_de00de00de00de00de00de00de00de00 -# sci_7438f_sa_3_key_pn_16345_off_a1_fca1fca1fca1fca1fca1fca1fca1fca1 -# port_1_address_00:00:00:00:00:00_sa_0_key_00_00000000000000000000000000000000 -# port_2_address_ff:ff:ff:ff:ff:ff_sa_1_key_pn_1_01_f00f00f00f00f00f00f00f00f00f00f0 -# port_3_address_00:00:00:ff:ff:ff_sa_2_key_on_32_de_de00de00de00de00de00de00de00de00 -# port_4_address_ff:ff:ff:00:00:00_sa_3_key_pn_16345_off_a1_fca1fca1fca1fca1fca1fca1fca1fca1 +# Add receive channels and/or receive association keys (RXSC), examples: +# +# "[sci <0..ffffffffffffffff(hex)>|port <1..65535(dec)> address <00:00:00:00:00:00..ff:ff:ff:ff:ff:ff(hex)>][ <on/off>]" +# +# "sci 0" +# "sci ffffffffffffffff on" +# "port 1 address 00:00:00:00:00:00" +# "port 2 address ff:ff:ff:ff:ff:ff off" +# +# "[sci <0..ffffffffffffffff(hex)> |port <1..65535(dec)> address <00:00:00:00:00:00..ff:ff:ff:ff:ff:ff(hex)> ]sa <0..3(dec)> [pn <1..4294967295(dec)> ][<on/off> ]key <00..ff(hex)> <00000000000000000000000000000000..ffffffffffffffffffffffffffffffff(hex)>" +# +# "sci 0 sa 0 key 00 00000000000000000000000000000000" +# "sci 32 sa 1 pn 1 key 01 f00f00f00f00f00f00f00f00f00f00f0" +# "sci 451 sa 2 on key de de00de00de00de00de00de00de00de00" +# "sci 7438f sa 3 pn 16345 off key a1 fca1fca1fca1fca1fca1fca1fca1fca1" +# "port 1 address 00:00:00:00:00:00 sa 0 key 00 00000000000000000000000000000000" +# "port 2 address ff:ff:ff:ff:ff:ff sa 1 pn 1 key 01 f00f00f00f00f00f00f00f00f00f00f0" +# "port 3 address 00:00:00:ff:ff:ff sa 2 on key de de00de00de00de00de00de00de00de00" +# "port 4 address ff:ff:ff:00:00:00 sa 3 pn 16345 off key a1 fca1fca1fca1fca1fca1fca1fca1fca1" +# +# IFRSC=("port 1 address 00:00:00:00:00:00 on" +# "port 1 address 00:00:00:00:00:00 sa 0 pn 1 on key 00 00000000000000000000000000000000" +# "sci ffffffffffff0001 on" +# "sci ffffffffffff0001 sa 0 pn 1 on key 00 ffffffffffffffffffffffffffffffff") IFRSC=() -# Add trasmition association keys (TXSC) , examples: -# sa_<0..3(dec)>_[pn_<1..4294967295(dec)>_][<on/off>_]key_<00..ff(hex)>_<00000000000000000000000000000000..ffffffffffffffffffffffffffffffff(hex)> -# -# sa_0_key_00_00000000000000000000000000000000 -# sa_1_key_pn_1_01_f00f00f00f00f00f00f00f00f00f00f0 -# sa_2_key_on_32_de_de00de00de00de00de00de00de00de00 -# sa_3_key_pn_16345_off_a1_fca1fca1fca1fca1fca1fca1fca1fca1 +# Add trasmition association keys (TXSC) , examples: +# "sa <0..3(dec)> [pn <1..4294967295(dec)> ][<on/off> ]key <00..ff(hex)> <00000000000000000000000000000000..ffffffffffffffffffffffffffffffff(hex)>" +# +# "sa 0 key 00 00000000000000000000000000000000" +# "sa 1 pn 1 key 01 f00f00f00f00f00f00f00f00f00f00f0" +# "sa 2 on key de de00de00de00de00de00de00de00de00" +# "sa 3 pn 16345 off key a1 fca1fca1fca1fca1fca1fca1fca1fca1" +# +# IFTSC=("sa 0 pn 1 on key 00 00000000000000000000000000000000") IFTSC=()
/etc/init.d/net_macsec
if [[ $IFRSC ]]; then - for mac_rxsc in ${IFRSC[@]}; do - ip macsec add $IFDST rx ${mac_rxsc/_/ } + for mac_rxsc in "${IFRSC[@]}"; do + ip macsec add $IFDST rx $mac_rxsc done fi if [[ $IFTSC ]]; then - for mac_txsc in ${IFTSC[@]}; do - ip macsec add $IFDST tx ${mac_txsc/_/ } + for mac_txsc in "${IFTSC[@]}"; do + ip macsec add $IFDST tx $mac_txsc done fi
$ pacman -Si netifrc Repository : core Name : netifrc Version : 0.6.0-2.backports1 Description : Network interface management scripts Architecture : x86_64 URL : https://wiki.gentoo.org/wiki/Netifrc Licenses : BSD2 Groups : base Provides : None Depends On : eudev Optional Deps : iproute2: for interface handler, VPN, bridging and tunneling support (recommended) net-tools: for interface handler support bridge-utils: for bridging support linux-atm: for CLIP and RFC 2684 bridge support wpa_supplicant: for wireless networking support (recommended) wireless_tools: for wireless networking support dhcpcd: for DHCP support (recommended) dhclient: for DHCP support busybox: for DHCP support iputils: for APIPA support ifenslave: for bonding interfaces ppp: for PPP and ADSL support (recommended) rp-pppoe: for ADSL support macchanger: for changing MAC addresses ifplugd: for cable in/out detection Conflicts With : None Replaces : None Download Size : 66.18 KiB Installed Size : 373.00 KiB Packager : André Silva <emulatorman@hyperbola.info> Build Date : Tue 03 Jul 2018 12:16:13 AM -03 Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
- Boot “openrc” and/or start “net_{veth,macsec}” initscripts.
Loading...
Available keyboard shortcuts
- Alt + ⇧ Shift + l Login Dialog / Logout
- Alt + ⇧ Shift + a Add new task
- Alt + ⇧ Shift + m My searches
- Alt + ⇧ Shift + t focus taskid search
Tasklist
- o open selected task
- j move cursor down
- k move cursor up
Task Details
- n Next task
- p Previous task
- Alt + ⇧ Shift + e ↵ Enter Edit this task
- Alt + ⇧ Shift + w watch task
- Alt + ⇧ Shift + y Close Task
Task Editing
- Alt + ⇧ Shift + s save task