Add bridge configuration

This commit is contained in:
Zbigniew Jędrzejewski-Szmek 2014-10-07 02:18:35 -04:00
parent 9d1b393670
commit 0f2f0b41bf
2 changed files with 89 additions and 0 deletions

View File

@ -0,0 +1,87 @@
From 92f6fa8c02e7721120e712b8cc1d250ce940f51c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 7 Oct 2014 01:49:10 -0400
Subject: [PATCH] fedora: add bridge sysctl configuration
Udev rule is added to load those settings when the bridge
module is loaded.
https://bugzilla.redhat.com/show_bug.cgi?id=634736
---
Makefile.am | 8 ++++++--
rules/.gitignore | 1 +
rules/99-bridge.rules.in | 9 +++++++++
sysctl.d/50-bridge.conf | 4 ++++
4 files changed, 20 insertions(+), 2 deletions(-)
create mode 100644 rules/99-bridge.rules.in
create mode 100644 sysctl.d/50-bridge.conf
diff --git a/Makefile.am b/Makefile.am
index e52db1793b..41e94575ef 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -445,7 +445,8 @@ CLEANFILES += \
$(nodist_zshcompletion_DATA)
dist_sysctl_DATA = \
- sysctl.d/50-default.conf
+ sysctl.d/50-default.conf \
+ sysctl.d/50-bridge.conf
dist_systemunit_DATA = \
units/graphical.target \
@@ -3281,7 +3282,8 @@ dist_udevrules_DATA += \
rules/95-udev-late.rules
nodist_udevrules_DATA += \
- rules/99-systemd.rules
+ rules/99-systemd.rules \
+ rules/99-bridge.rules
dist_udevhwdb_DATA = \
hwdb/20-pci-vendor-model.hwdb \
@@ -3306,10 +3308,12 @@ sharepkgconfig_DATA = \
EXTRA_DIST += \
rules/99-systemd.rules.in \
+ rules/99-bridge.rules.in \
src/udev/udev.pc.in
CLEANFILES += \
rules/99-systemd.rules \
+ rules/99-bridge.rules \
src/udev/udev.pc
EXTRA_DIST += \
diff --git a/rules/.gitignore b/rules/.gitignore
index 93a50ddd80..46c7f3ce91 100644
--- a/rules/.gitignore
+++ b/rules/.gitignore
@@ -1 +1,2 @@
/99-systemd.rules
+/99-bridge.rules
diff --git a/rules/99-bridge.rules.in b/rules/99-bridge.rules.in
new file mode 100644
index 0000000000..f46f96bd2e
--- /dev/null
+++ b/rules/99-bridge.rules.in
@@ -0,0 +1,9 @@
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+
+# Apply sysctl settings to bridges
+ACTION=="add", SUBSYSTEM=="module", KERNEL=="bridge", RUN+="@rootlibexecdir@/systemd-sysctl --prefix=/net/bridge"
diff --git a/sysctl.d/50-bridge.conf b/sysctl.d/50-bridge.conf
new file mode 100644
index 0000000000..b586bf15fa
--- /dev/null
+++ b/sysctl.d/50-bridge.conf
@@ -0,0 +1,4 @@
+# Disable netfilter on bridges.
+net.bridge.bridge-nf-call-ip6tables = 0
+net.bridge.bridge-nf-call-iptables = 0
+net.bridge.bridge-nf-call-arptables = 0

View File

@ -573,6 +573,7 @@ Patch0531: 0531-Update-TODO.patch
Patch0532: 0532-proc-sys-prefixes-are-not-necessary-for-sysctl-anymo.patch
Patch0533: 0533-core-don-t-allow-enabling-if-unit-is-masked.patch
Patch0534: 0534-fedora-disable-resolv.conf-symlink.patch
Patch0535: 0535-fedora-add-bridge-sysctl-configuration.patch
# kernel-install patch for grubby, drop if grubby is obsolete
@ -1225,6 +1226,7 @@ getent passwd systemd-journal-upload >/dev/null 2>&1 || useradd -r -l -g systemd
%{_prefix}/lib/tmpfiles.d/etc.conf
%{_prefix}/lib/sysctl.d/50-default.conf
%{_prefix}/lib/sysctl.d/50-coredump.conf
%{_prefix}/lib/sysctl.d/50-bridge.conf
%{_prefix}/lib/sysusers.d/basic.conf
%{_prefix}/lib/sysusers.d/systemd.conf
%{_prefix}/lib/sysusers.d/systemd-remote.conf