1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00

modify /proc/sys only if needed

fixes #405

Signed-off-by: Tomas Kral <tomas.kral@gmail.com>
This commit is contained in:
Tomas Kral 2015-07-27 13:31:03 +02:00
parent 4cebc617d1
commit 5a259d55f0
3 changed files with 56 additions and 16 deletions

View file

@ -11,10 +11,19 @@ const (
) )
func setupIPForwarding() error { func setupIPForwarding() error {
// Get current IPv4 forward setup
ipv4ForwardData, err := ioutil.ReadFile(ipv4ForwardConf)
if err != nil {
return fmt.Errorf("Cannot read IP forwarding setup: %v", err)
}
// Enable IPv4 forwarding only if it is not already enabled
if ipv4ForwardData[0] != '1' {
// Enable IPv4 forwarding // Enable IPv4 forwarding
if err := ioutil.WriteFile(ipv4ForwardConf, []byte{'1', '\n'}, ipv4ForwardConfPerm); err != nil { if err := ioutil.WriteFile(ipv4ForwardConf, []byte{'1', '\n'}, ipv4ForwardConfPerm); err != nil {
return fmt.Errorf("Setup IP forwarding failed: %v", err) return fmt.Errorf("Setup IP forwarding failed: %v", err)
} }
}
return nil return nil
} }

View file

@ -131,10 +131,16 @@ func setupGatewayIPv4(config *networkConfiguration, i *bridgeInterface) error {
} }
func setupLoopbackAdressesRouting(config *networkConfiguration, i *bridgeInterface) error { func setupLoopbackAdressesRouting(config *networkConfiguration, i *bridgeInterface) error {
// Enable loopback adresses routing
sysPath := filepath.Join("/proc/sys/net/ipv4/conf", config.BridgeName, "route_localnet") sysPath := filepath.Join("/proc/sys/net/ipv4/conf", config.BridgeName, "route_localnet")
ipv4LoRoutingData, err := ioutil.ReadFile(sysPath)
if err != nil {
return fmt.Errorf("Cannot read IPv4 local routing setup: %v", err)
}
// Enable loopback adresses routing only if it isn't already enabled
if ipv4LoRoutingData[0] != '1' {
if err := ioutil.WriteFile(sysPath, []byte{'1', '\n'}, 0644); err != nil { if err := ioutil.WriteFile(sysPath, []byte{'1', '\n'}, 0644); err != nil {
return fmt.Errorf("Unable to enable local routing for hairpin mode: %v", err) return fmt.Errorf("Unable to enable local routing for hairpin mode: %v", err)
} }
}
return nil return nil
} }

View file

@ -14,6 +14,8 @@ var bridgeIPv6 *net.IPNet
const ( const (
bridgeIPv6Str = "fe80::1/64" bridgeIPv6Str = "fe80::1/64"
ipv6ForwardConfPerm = 0644 ipv6ForwardConfPerm = 0644
ipv6ForwardConfDefault = "/proc/sys/net/ipv6/conf/default/forwarding"
ipv6ForwardConfAll = "/proc/sys/net/ipv6/conf/all/forwarding"
) )
func init() { func init() {
@ -27,11 +29,17 @@ func init() {
} }
func setupBridgeIPv6(config *networkConfiguration, i *bridgeInterface) error { func setupBridgeIPv6(config *networkConfiguration, i *bridgeInterface) error {
// Enable IPv6 on the bridge
procFile := "/proc/sys/net/ipv6/conf/" + config.BridgeName + "/disable_ipv6" procFile := "/proc/sys/net/ipv6/conf/" + config.BridgeName + "/disable_ipv6"
ipv6BridgeData, err := ioutil.ReadFile(procFile)
if err != nil {
return fmt.Errorf("Cannot read IPv6 setup for bridge %v: %v", config.BridgeName, err)
}
// Enable IPv6 on the bridge only if it isn't already enabled
if ipv6BridgeData[0] != '0' {
if err := ioutil.WriteFile(procFile, []byte{'0', '\n'}, ipv6ForwardConfPerm); err != nil { if err := ioutil.WriteFile(procFile, []byte{'0', '\n'}, ipv6ForwardConfPerm); err != nil {
return fmt.Errorf("Unable to enable IPv6 addresses on bridge: %v", err) return fmt.Errorf("Unable to enable IPv6 addresses on bridge: %v", err)
} }
}
_, addrsv6, err := i.addresses() _, addrsv6, err := i.addresses()
if err != nil { if err != nil {
@ -70,12 +78,29 @@ func setupGatewayIPv6(config *networkConfiguration, i *bridgeInterface) error {
} }
func setupIPv6Forwarding(config *networkConfiguration, i *bridgeInterface) error { func setupIPv6Forwarding(config *networkConfiguration, i *bridgeInterface) error {
// Enable IPv6 forwarding // Get current IPv6 default forwarding setup
if err := ioutil.WriteFile("/proc/sys/net/ipv6/conf/default/forwarding", []byte{'1', '\n'}, ipv6ForwardConfPerm); err != nil { ipv6ForwardDataDefault, err := ioutil.ReadFile(ipv6ForwardConfDefault)
if err != nil {
return fmt.Errorf("Cannot read IPv6 default forwarding setup: %v", err)
}
// Enable IPv6 default forwarding only if it is not already enabled
if ipv6ForwardDataDefault[0] != '1' {
if err := ioutil.WriteFile(ipv6ForwardConfDefault, []byte{'1', '\n'}, ipv6ForwardConfPerm); err != nil {
logrus.Warnf("Unable to enable IPv6 default forwarding: %v", err) logrus.Warnf("Unable to enable IPv6 default forwarding: %v", err)
} }
if err := ioutil.WriteFile("/proc/sys/net/ipv6/conf/all/forwarding", []byte{'1', '\n'}, ipv6ForwardConfPerm); err != nil { }
// Get current IPv6 all forwarding setup
ipv6ForwardDataAll, err := ioutil.ReadFile(ipv6ForwardConfAll)
if err != nil {
return fmt.Errorf("Cannot read IPv6 all forwarding setup: %v", err)
}
// Enable IPv6 all forwarding only if it is not already enabled
if ipv6ForwardDataAll[0] != '1' {
if err := ioutil.WriteFile(ipv6ForwardConfAll, []byte{'1', '\n'}, ipv6ForwardConfPerm); err != nil {
logrus.Warnf("Unable to enable IPv6 all forwarding: %v", err) logrus.Warnf("Unable to enable IPv6 all forwarding: %v", err)
} }
}
return nil return nil
} }