Packages

  • Status Closed
  • Percent Complete
    100%
  • Task Type Bug Report
  • Category Any
  • Assigned To
    Emulatorman
  • Operating System Hyperbola GNU/Linux-libre
  • Severity Critical
  • Priority Very High
  • Reported Version Any
  • Due in Version Starfix
  • Due Date Undecided
  • Votes
  • Private
Attached to Project: Packages
Opened by coadde - 07/08/2018
Last edited by Emulatorman - 09/08/2018

FS#1126 - [netifrc] fix "net_veth" and "net_macsec" initscripts

Description:

  • “net_veth” and “net_macsec” initscripts contains some issues.

Additional info:

  • netifrc 0.6.0-2.backports1

/etc/conf.d/net_veth


-# Source Interface (host)
-IFSRC=interface_host
+# Source Interface (host), example: IFSRC=veh0
+IFSRC=veh0
 # Set custom parameters on Source Interface
 IFCTS=
-# Destination Interface (guest)
-IFDST=interface_guest
+# Destination Interface (guest), example: IFDST=veg0
+IFDST=veg0
 # Set custom parameters on Destination Interface
 IFCTD=

/etc/conf.d/net_macsec


-# Source Interface (host)
-IFSRC=interface_host
-# Network init service dependency from Source Interface
-#IFDEP=net.interface_host
-# Destination Interface (macsec/guest)
-IFDST=interface_macsec
+# Source Interface (host), example: IFSRC=eth0
+IFSRC=eth0
+# Network init service dependency from Source Interface, example: IFDEP=net.eth0
+IFDEP=
+# Destination Interface (macsec/guest), example: IFDST=macsec0
+IFDST=macsec0
 # Set custom parameters on MACsec Interface
 IFCTD=

---

 IFPAR="cipher gcm-aes-128
        icvlen 16
        encrypt on
        protect off
        replay off
        send_sci on
-       validate strict"
+       validate disabled"

---

-# Add receive channels and/or receive association keys (RXSC), examples:
-#
-# [sci_<0..ffffffffffffffff(hex)>|port_<1..65535(dec)>_address_<00:00:00:00:00:00..ff:ff:ff:ff:ff:ff(hex)>][_<on/off>]
-#
-# sci_0
-# sci_ffffffffffffffff_on
-# port_1_address_00:00:00:00:00:00
-# port_2_address_ff:ff:ff:ff:ff:ff_off
-#
-# [sci_<0..ffffffffffffffff(hex)>_|port_<1..65535(dec)>_address_<00:00:00:00:00:00..ff:ff:ff:ff:ff:ff(hex)>_]sa_<0..3(dec)>_[pn_<1..4294967295(dec)>_][<on/off>_]key_<00..ff(hex)>_<00000000000000000000000000000000..ffffffffffffffffffffffffffffffff(hex)>
-#
-# sa_0_key_00_00000000000000000000000000000000
-# sa_1_key_pn_1_01_f00f00f00f00f00f00f00f00f00f00f0
-# sa_2_key_on_32_de_de00de00de00de00de00de00de00de00
-# sa_3_key_pn_16345_off_a1_fca1fca1fca1fca1fca1fca1fca1fca1
-# sci_0_sa_0_key_00_00000000000000000000000000000000
-# sci_32_sa_1_key_pn_1_01_f00f00f00f00f00f00f00f00f00f00f0
-# sci_451_sa_2_key_on_32_de_de00de00de00de00de00de00de00de00
-# sci_7438f_sa_3_key_pn_16345_off_a1_fca1fca1fca1fca1fca1fca1fca1fca1
-# port_1_address_00:00:00:00:00:00_sa_0_key_00_00000000000000000000000000000000
-# port_2_address_ff:ff:ff:ff:ff:ff_sa_1_key_pn_1_01_f00f00f00f00f00f00f00f00f00f00f0
-# port_3_address_00:00:00:ff:ff:ff_sa_2_key_on_32_de_de00de00de00de00de00de00de00de00
-# port_4_address_ff:ff:ff:00:00:00_sa_3_key_pn_16345_off_a1_fca1fca1fca1fca1fca1fca1fca1fca1
+# Add receive channels and/or receive association keys (RXSC), examples:
+#
+# "[sci <0..ffffffffffffffff(hex)>|port <1..65535(dec)> address <00:00:00:00:00:00..ff:ff:ff:ff:ff:ff(hex)>][ <on/off>]"
+#
+# "sci 0"
+# "sci ffffffffffffffff on"
+# "port 1 address 00:00:00:00:00:00"
+# "port 2 address ff:ff:ff:ff:ff:ff off"
+#
+# "[sci <0..ffffffffffffffff(hex)> |port <1..65535(dec)> address <00:00:00:00:00:00..ff:ff:ff:ff:ff:ff(hex)> ]sa <0..3(dec)> [pn <1..4294967295(dec)> ][<on/off> ]key <00..ff(hex)> <00000000000000000000000000000000..ffffffffffffffffffffffffffffffff(hex)>"
+#
+# "sci 0 sa 0 key 00 00000000000000000000000000000000"
+# "sci 32 sa 1 pn 1 key 01 f00f00f00f00f00f00f00f00f00f00f0"
+# "sci 451 sa 2 on key de de00de00de00de00de00de00de00de00"
+# "sci 7438f sa 3 pn 16345 off key a1 fca1fca1fca1fca1fca1fca1fca1fca1"
+# "port 1 address 00:00:00:00:00:00 sa 0 key 00 00000000000000000000000000000000"
+# "port 2 address ff:ff:ff:ff:ff:ff sa 1 pn 1 key 01 f00f00f00f00f00f00f00f00f00f00f0"
+# "port 3 address 00:00:00:ff:ff:ff sa 2 on key de de00de00de00de00de00de00de00de00"
+# "port 4 address ff:ff:ff:00:00:00 sa 3 pn 16345 off key a1 fca1fca1fca1fca1fca1fca1fca1fca1"
+#
+# IFRSC=("port 1 address 00:00:00:00:00:00 on"
+#        "port 1 address 00:00:00:00:00:00 sa 0 pn 1 on key 00 00000000000000000000000000000000"
+#        "sci ffffffffffff0001 on"
+#        "sci ffffffffffff0001 sa 0 pn 1 on key 00 ffffffffffffffffffffffffffffffff")
 IFRSC=()

-# Add trasmition association keys (TXSC) , examples:
-# sa_<0..3(dec)>_[pn_<1..4294967295(dec)>_][<on/off>_]key_<00..ff(hex)>_<00000000000000000000000000000000..ffffffffffffffffffffffffffffffff(hex)>
-#
-# sa_0_key_00_00000000000000000000000000000000
-# sa_1_key_pn_1_01_f00f00f00f00f00f00f00f00f00f00f0
-# sa_2_key_on_32_de_de00de00de00de00de00de00de00de00
-# sa_3_key_pn_16345_off_a1_fca1fca1fca1fca1fca1fca1fca1fca1
+# Add trasmition association keys (TXSC) , examples:
+# "sa <0..3(dec)> [pn <1..4294967295(dec)> ][<on/off> ]key <00..ff(hex)> <00000000000000000000000000000000..ffffffffffffffffffffffffffffffff(hex)>"
+#
+# "sa 0 key 00 00000000000000000000000000000000"
+# "sa 1 pn 1 key 01 f00f00f00f00f00f00f00f00f00f00f0"
+# "sa 2 on key de de00de00de00de00de00de00de00de00"
+# "sa 3 pn 16345 off key a1 fca1fca1fca1fca1fca1fca1fca1fca1"
+#
+# IFTSC=("sa 0 pn 1 on key 00 00000000000000000000000000000000")
 IFTSC=()

/etc/init.d/net_macsec


                         if [[ $IFRSC ]]; then
-                                for mac_rxsc in ${IFRSC[@]}; do
-                                        ip macsec add $IFDST rx ${mac_rxsc/_/ }
+                                for mac_rxsc in "${IFRSC[@]}"; do
+                                        ip macsec add $IFDST rx $mac_rxsc
                                 done
                         fi
                         if [[ $IFTSC ]]; then
-                                for mac_txsc in ${IFTSC[@]}; do
-                                        ip macsec add $IFDST tx ${mac_txsc/_/ }
+                                for mac_txsc in "${IFTSC[@]}"; do
+                                        ip macsec add $IFDST tx $mac_txsc
                                 done
                         fi

$ pacman -Si netifrc
Repository      : core
Name            : netifrc
Version         : 0.6.0-2.backports1
Description     : Network interface management scripts
Architecture    : x86_64
URL             : https://wiki.gentoo.org/wiki/Netifrc
Licenses        : BSD2
Groups          : base
Provides        : None
Depends On      : eudev
Optional Deps   : iproute2: for interface handler, VPN, bridging and tunneling support (recommended)
                  net-tools: for interface handler support
                  bridge-utils: for bridging support
                  linux-atm: for CLIP and RFC 2684 bridge support
                  wpa_supplicant: for wireless networking support (recommended)
                  wireless_tools: for wireless networking support
                  dhcpcd: for DHCP support (recommended)
                  dhclient: for DHCP support
                  busybox: for DHCP support
                  iputils: for APIPA support
                  ifenslave: for bonding interfaces
                  ppp: for PPP and ADSL support (recommended)
                  rp-pppoe: for ADSL support
                  macchanger: for changing MAC addresses
                  ifplugd: for cable in/out detection
Conflicts With  : None
Replaces        : None
Download Size   : 66.18 KiB
Installed Size  : 373.00 KiB
Packager        : André Silva <emulatorman@hyperbola.info>
Build Date      : Tue 03 Jul 2018 12:16:13 AM -03
Validated By    : MD5 Sum  SHA-256 Sum  Signature

Steps to reproduce:

  • Boot “openrc” and/or start “net_{veth,macsec}” initscripts.
Closed by  Emulatorman
09.08.2018 18:30
Reason for closing:  Fixed
Date User Effort (H:M)
watch my effort tracking timers

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing