commit 35f2972e9832d02fde1bd4957bc0a3a8a5996299 Author: Benjamin Collet Date: Sat Apr 7 21:40:38 2018 +0200 Initial commit
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..534eb0c
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,23 @@
+The MIT License (MIT)
+
+Copyright (c) 2015 m0kct
+Copyright (c) 2018 Benjmin Collet
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
diff --git a/README b/README
new file mode 100644
index 0000000..28481bf
--- /dev/null
+++ b/README
@@ -0,0 +1,19 @@
+# ifupdown-netns
+
+Some simple scripts to simplify configuring network namespaces on Debian-like
+systems. Copy them into the corresponding directories under `/etc/network`.
+
+To configure an interface in a namespace:
+
+```
+auto eth1
+iface eth1 inet manual
+ netns myns
+```
+
+On invocation of `ifup` it will create the necessary directories under
+`/etc/netns/` and an empty `/etc/netns//network/interfaces` file if
+it doesn't already exist.
+
+If it does and the interface is configured it will invoke `ifup` inside the
+namespace.
diff --git a/if-down.d/netns b/if-down.d/netns
new file mode 100755
index 0000000..efb8f8e
--- /dev/null
+++ b/if-down.d/netns
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+set -e
+
+if [ -n "${IF_NETNS}" ]
+then
+ unshare -m /bin/sh <<-EOF
+mount --make-rprivate /
+mount --bind /run/network.${IF_NETNS} /run/network
+if (ip netns exec ${IF_NETNS} ifquery --list | grep -qx ${IFACE}); then
+ ip netns exec ${IF_NETNS} ifdown ${IFACE}
+fi
+ip netns exec ${IF_NETNS} ip link set netns 1 dev ${IFACE}
+EOF
+fi
diff --git a/if-pre-up.d/netns b/if-pre-up.d/netns
new file mode 100755
index 0000000..7a14ca7
--- /dev/null
+++ b/if-pre-up.d/netns
@@ -0,0 +1,20 @@
+#!/bin/bash
+
+set -e
+
+if [ -n "${IF_NETNS}" ]
+then
+ # Create netns if it doesn't already exist, and bring up the loopback
+ if ! (ip netns list | grep -qx ${IF_NETNS})
+ then
+ mkdir -p /etc/netns/$IF_NETNS/network/{if-down.d,if-post-down.d,if-pre-up.d,if-up.d}
+ if [ ! -f /etc/netns/$IF_NETNS/network/interfaces ]; then
+ touch /etc/netns/$IF_NETNS/network/interfaces
+ fi
+ mkdir -p /run/network.${IF_NETNS}
+ rm -rf /run/network.${IF_NETNS}/*
+ ip netns add ${IF_NETNS}
+ ip netns exec ${IF_NETNS} ip link set lo up
+ fi
+ ip link set ${IFACE} netns ${IF_NETNS}
+fi
diff --git a/if-up.d/netns b/if-up.d/netns
new file mode 100755
index 0000000..d7ae715
--- /dev/null
+++ b/if-up.d/netns
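Review bot: In `if-down.d/netns`, `${IF_NETNS}` and `${IFACE}` are expanded by the outer shell into the text of the unquoted `<<-EOF` here-document, so the inner root `/bin/sh` parses whatever the `netns` option holds as script text rather than as data; `if-up.d/netns` is built the same way. Quoting the delimiter and every expansion lets the inner shell read both values from the environment the hook was started with, and a `case` check on the name keeps spaces, slashes, `..` and a leading `-` out of the `/run/network.*` path and the `ip` arguments. The inner shell also does not inherit `set -e`, so a failed `mount --bind` falls through to `ifdown` against the host's `/run/network` state; `set -e` as the first here-document line stops that. `grep -qx` treats the interface name as a regular expression, so `-F --` makes the match literal.

```shell
if [ -n "${IF_NETNS}" ]
then
  # Accept only plain names; anything else would alter the paths and commands below.
  case "${IF_NETNS}" in
    -* | . | .. | *[!A-Za-z0-9_.-]*)
      echo "netns: refusing namespace name '${IF_NETNS}'" >&2
      exit 1
      ;;
  esac
  unshare -m /bin/sh <<-'EOF'
set -e
mount --make-rprivate /
mount --bind "/run/network.${IF_NETNS}" /run/network
if ip netns exec "${IF_NETNS}" ifquery --list | grep -qxF -- "${IFACE}"; then
  ip netns exec "${IF_NETNS}" ifdown "${IFACE}"
fi
ip netns exec "${IF_NETNS}" ip link set netns 1 dev "${IFACE}"
EOF
fi
```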
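Review bot: In `if-pre-up.d/netns`, `rm -rf /run/network.${IF_NETNS}/*` and the `mkdir -p /etc/netns/$IF_NETNS/...` line run as root on an unquoted, unvalidated name, so a `netns` value containing a space or `../` makes them act on paths outside the intended directories. The existence test `ip netns list | grep -qx ${IF_NETNS}` is fragile as well: iproute2 can print a namespace as `name (id: N)`, and then the whole-line match fails for a namespace that already exists, its state directory is emptied, and `ip netns add` aborts the hook under `set -e`. I would reject names that are not plain identifiers at the top of the `if`, compare only the first field with `ip netns list | awk '{print $1}' | grep -qxF -- "${IF_NETNS}"`, and write the cleanup as `rm -rf -- "/run/network.${IF_NETNS:?}"/*`. The remaining expansions in `ip netns add`, `ip netns exec` and `ip link set` should be double-quoted too.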
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+set -e
+
+if [ -n "${IF_NETNS}" ]; then
+ unshare -m /bin/sh <<-EOF
+mount --make-rprivate /
+mount --bind /run/network.${IF_NETNS} /run/network
+if (ip netns exec ${IF_NETNS} ifquery --list | grep -qx ${IFACE}); then
+ ip netns exec ${IF_NETNS} ifup ${IFACE}
+fi
+EOF
+fi