Add syntax to disable MAC allocation
Adding `!' before an interface name will disable MAC allocation, falling back to driver mechanics. Alternatively adding `=' before an interface name causes the MAC address to be cloned (for ng_bridge(4) back-end only). While here, disable the auto-detection of wlan* since this knocks the host off; requiring the host that defines the jail to explicitly enable this feature by preceding the interface with `='.
This commit is contained in:
Devin Teske
parent
78954c3be3
commit
1ccea30f71
@ -257,7 +257,7 @@ mustberoot_to_continue()
|
||||
fi
|
||||
}
|
||||
|
||||
jib_addm_usage="addm [-b BRIDGE_NAME] NAME interface0 [interface1 ...]"
|
||||
jib_addm_usage="addm [-b BRIDGE_NAME] NAME [!]iface0 [[!]iface1 ...]"
|
||||
jib_addm_descr="Creates e0b_NAME [e1b_NAME ...]"
|
||||
jib_addm()
|
||||
{
|
||||
@ -278,9 +278,14 @@ jib_addm()
|
||||
mustberoot_to_continue
|
||||
|
||||
local iface eiface_devid_a eiface_devid_b
|
||||
local new num quad i=0
|
||||
local new no_derive num quad i=0
|
||||
for iface in $*; do
|
||||
|
||||
no_derive=
|
||||
case "$iface" in
|
||||
!*) iface=${iface#!} no_derive=1 ;;
|
||||
esac
|
||||
|
||||
# 1. Make sure the interface doesn't exist already
|
||||
ifconfig "e${i}a_$name" > /dev/null 2>&1 && continue
|
||||
|
||||
@ -309,9 +314,13 @@ jib_addm()
|
||||
# 6. Set the MAC address of the new interface using a sensible
|
||||
# algorithm to prevent conflicts on the network.
|
||||
#
|
||||
derive_mac -2 $iface "$name" eiface_devid_a eiface_devid_b
|
||||
ifconfig "e${i}a_$name" ether $eiface_devid_a > /dev/null 2>&1
|
||||
ifconfig "e${i}b_$name" ether $eiface_devid_b > /dev/null 2>&1
|
||||
eiface_devid_a= eiface_devid_b=
|
||||
[ "$no_derive" ] || derive_mac -2 $iface "$name" \
|
||||
eiface_devid_a eiface_devid_b
|
||||
if [ "$eiface_devid_a" -a "$eiface_devid_b" ]; then
|
||||
ifconfig "e${i}a_$name" ether $eiface_devid_a
|
||||
ifconfig "e${i}b_$name" ether $eiface_devid_b
|
||||
fi > /dev/null 2>&1
|
||||
|
||||
i=$(( $i + 1 )) # on to next e{i}b_name
|
||||
done # for iface
|
||||
|
||||
@ -259,7 +259,7 @@ mustberoot_to_continue()
|
||||
fi
|
||||
}
|
||||
|
||||
jng_bridge_usage="bridge [-b BRIDGE_NAME] NAME [=]iface0 [[=]iface1 ...]"
|
||||
jng_bridge_usage="bridge [-b BRIDGE_NAME] NAME [!|=]iface0 [[!|=]iface1 ...]"
|
||||
jng_bridge_descr="Create ng0_NAME [ng1_NAME ...]"
|
||||
jng_bridge()
|
||||
{
|
||||
@ -281,12 +281,14 @@ jng_bridge()
|
||||
mustberoot_to_continue
|
||||
|
||||
local iface parent eiface eiface_devid
|
||||
local new clone_mac num quad i=0
|
||||
local new clone_mac no_derive num quad i=0
|
||||
for iface in $*; do
|
||||
|
||||
clone_mac=
|
||||
no_derive=
|
||||
case "$iface" in
|
||||
=*) iface=${iface#=} clone_mac=1 ;;
|
||||
!*) iface=${iface#!} no_derive=1 ;;
|
||||
esac
|
||||
|
||||
# 0. Make sure the interface doesn't exist already
|
||||
@ -346,24 +348,15 @@ jng_bridge()
|
||||
# 6. Set the MAC address of the new interface using a sensible
|
||||
# algorithm to prevent conflicts on the network.
|
||||
#
|
||||
case "$iface" in
|
||||
wlan[0-9]*)
|
||||
parent=$( sysctl -n net.wlan.${iface#wlan}.%parent )
|
||||
case "$parent" in
|
||||
iwn[0-9]*)
|
||||
# iwn(4) supports only 1 virtual net at a time
|
||||
# NB: Cloning MAC allows new interface to work
|
||||
clone_mac=1 ;;
|
||||
esac
|
||||
esac
|
||||
eiface_devid=
|
||||
if [ "$clone_mac" ]; then
|
||||
eiface_devid=$(
|
||||
ifconfig $iface ether | awk '/ether/,$0=$2'
|
||||
)
|
||||
else
|
||||
eiface_devid=$( ifconfig $iface ether |
|
||||
awk '/ether/,$0=$2' )
|
||||
elif [ ! "$no_derive" ]; then
|
||||
derive_mac $iface "$name" eiface_devid
|
||||
fi
|
||||
ifconfig $eiface ether $eiface_devid
|
||||
[ "$eiface_devid" ] &&
|
||||
ifconfig $eiface ether $eiface_devid > /dev/null 2>&1
|
||||
|
||||
i=$(( $i + 1 )) # on to next ng{i}_name
|
||||
done # for iface
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user