Default values for 'vs' interface
authorRobert Swiecki <swiecki@google.com>
Mon, 29 Feb 2016 14:36:31 +0000 (15:36 +0100)
committerRobert Swiecki <swiecki@google.com>
Mon, 29 Feb 2016 14:36:31 +0000 (15:36 +0100)
cmdline.c
common.h
net.c

index d4b4735a4e01d002cc696f6c5d2e98165731bf98..1b718b58d2f29abc3979963605c80462ea139780 100644 (file)
--- a/cmdline.c
+++ b/cmdline.c
@@ -282,12 +282,11 @@ bool cmdlineParse(int argc, char *argv[], struct nsjconf_t * nsjconf)
                .max_conns_per_ip = 0,
                .tmpfs_size = 4 * (1024 * 1024),
                .mount_proc = true,
-               .iface = NULL,
                .iface_no_lo = false,
-               .iface_vs_ip = "0.0.0.0",
-               .iface_vs_nm = "255.255.255.255",
+               .iface = NULL,
+               .iface_vs_ip = "192.168.255.2",
+               .iface_vs_nm = "255.255.255.0",
                .iface_vs_gw = "0.0.0.0",
-               .sbinip_fd = -1,
        };
        /*  *INDENT-OFF* */
 
@@ -351,8 +350,8 @@ bool cmdlineParse(int argc, char *argv[], struct nsjconf_t * nsjconf)
                {{"tmpfsmount", required_argument, NULL, 'T'}, "List of mountpoints to be mounted as RW/tmpfs inside the container. Can be specified multiple times. Supports 'dest' syntax"},
                {{"tmpfs_size", required_argument, NULL, 0x0602}, "Number of bytes to allocate for tmpfsmounts (default: 4194304)"},
                {{"disable_proc", no_argument, NULL, 0x0603}, "Disable mounting /proc in the jail"},
-               {{"iface", required_argument, NULL, 'I'}, "Interface which will be cloned (MACVTAP) and put inside the subprocess' namespace as 'vs'"},
                {{"iface_no_lo", no_argument, NULL, 0x700}, "Don't Bring up the 'lo' interface"},
+               {{"iface", required_argument, NULL, 'I'}, "Interface which will be cloned (MACVTAP) and put inside the subprocess' namespace as 'vs'"},
                {{"iface_vs_ip", required_argument, NULL, 0x701}, "IP of the 'vs' interface"},
                {{"iface_vs_nm", required_argument, NULL, 0x702}, "Netmask of the 'vs' interface"},
                {{"iface_vs_gw", required_argument, NULL, 0x703}, "Default GW for the 'vs' interface"},
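Review bot: The help strings for `iface_vs_ip`, `iface_vs_nm` and `iface_vs_gw` do not state their defaults, although the `tmpfs_size` entry a few lines above does, and this commit is what makes those defaults meaningful. I would write `"IP of the 'vs' interface (default: 192.168.255.2)"` and `"Netmask of the 'vs' interface (default: 255.255.255.0)"`, and say on the gateway entry that 0.0.0.0 means no default route is added, as the net.c change implements. Every jail now gets the same address unless it is overridden, which presumably matters when several jails are cloned from one interface, so the help text or the docs should mention it.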
@@ -560,12 +559,12 @@ bool cmdlineParse(int argc, char *argv[], struct nsjconf_t * nsjconf)
                                break;
                        }
                        break;
-               case 'I':
-                       nsjconf->iface = optarg;
-                       break;
                case 0x700:
                        nsjconf->iface_no_lo = true;
                        break;
+               case 'I':
+                       nsjconf->iface = optarg;
+                       break;
                case 0x701:
                        nsjconf->iface_vs_ip = optarg;
                        break;
@@ -622,9 +621,5 @@ bool cmdlineParse(int argc, char *argv[], struct nsjconf_t * nsjconf)
                return false;
        }
 
-       if ((nsjconf->sbinip_fd = open("/sbin/ip", O_RDONLY)) == -1) {
-               PLOG_E("No /sbin/ip on your system. Networking support is limited");
-       }
-
        return true;
 }
index 2be3814c069fb35a43da1f4eba217fba6e0103ff..0f3eb88e59350a5077df1a9b2aa65180fa14539b 100644 (file)
--- a/common.h
+++ b/common.h
@@ -98,12 +98,11 @@ struct nsjconf_t {
        unsigned int max_conns_per_ip;
        size_t tmpfs_size;
        bool mount_proc;
-       char *iface;
        bool iface_no_lo;
+       const char *iface;
        const char *iface_vs_ip;
        const char *iface_vs_nm;
        const char *iface_vs_gw;
-       int sbinip_fd;
         TAILQ_HEAD(envlist, charptr_t) envs;
         TAILQ_HEAD(pidslist, pids_t) pids;
         TAILQ_HEAD(mountptslist, mounts_t) mountpts;
diff --git a/net.c b/net.c
index 8e5b1ee3cbfec9c21a88a712686c5d1f28ee692a..b2406df71bafb4c073516b334c4725d12eb30262 100644 (file)
--- a/net.c
+++ b/net.c
@@ -56,8 +56,8 @@ static bool netSystemSbinIp(struct nsjconf_t *nsjconf, char *const *argv)
                return false;
        }
        if (pid == 0) {
-               fexecve(nsjconf->sbinip_fd, argv, environ);
-               PLOG_E("fexecve('fd=%d')", nsjconf->sbinip_fd);
+               execve("/sbin/ip", argv, environ);
+               PLOG_E("execve('/sbin/ip'");
                _exit(1);
        }
 
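Review bot: `execve("/sbin/ip", ...)` resolves the path in the forked child on every call, whereas the removed code executed a descriptor opened once during command-line parsing, so which binary runs now depends on the root directory and mount namespace in effect at that moment. The callers are not all visible here; please confirm netSystemSbinIp() is only reached from the supervisor side, before any chroot or pivot_root, and state that in a comment above the function. The error string is also missing its closing parenthesis: `PLOG_E("execve('/sbin/ip')");`. Passing the full `environ` to a helper that configures interfaces is not new in this commit, but a small fixed environment would be the safer choice. The function body starts and ends outside the hunk.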
@@ -97,7 +97,7 @@ bool netCloneMacVtapAndNS(struct nsjconf_t *nsjconf, int pid)
        snprintf(iface, sizeof(iface), "NS.TAP.%d", pid);
 
        char *const argv_add[] =
-           { "ip", "link", "add", "link", nsjconf->iface, iface, "type", "macvtap", NULL };
+           { "ip", "link", "add", "link", (char *)nsjconf->iface, iface, "type", "macvtap", NULL };
        if (netSystemSbinIp(nsjconf, argv_add) == false) {
                LOG_E("Couldn't create MACVTAP interface for '%s'", nsjconf->iface);
                return false;
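Review bot: The `(char *)nsjconf->iface` cast discards the `const` that common.h gains in this same commit, only to fit the `char *const argv_add[]` element type. execve() does not write through argv, so this is harmless in practice, but it deserves a comment such as `/* execve() wants char *const[]; the string is not modified */`. The value comes straight from `-I` on the command line and reaches `ip` as a single argv element rather than through a shell. A NULL check and a length check against IFNAMSIZ before building the array would give a clearer failure than the one `ip` reports, unless a caller outside this hunk already does both. netCloneMacVtapAndNS continues outside the hunk.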
@@ -342,6 +342,12 @@ bool netConfigureVs(struct nsjconf_t * nsjconf)
                return false;
        }
 
+       if (addr.s_addr == INADDR_ANY) {
+               LOG_I("Gateway address for '%s' is 0.0.0.0. Not adding the default route",
+                     IFACE_NAME);
+               return true;
+       }
+
        struct rtentry rt;
        memset(&rt, '\0', sizeof(rt));