Enhancement #2057
Firewall: enhance DHCP configuration on red interfaces
Status: | CLOSED | Start date: | 07/15/2013 | |
---|---|---|---|---|
Priority: | Normal | Due date: | 07/19/2013 | |
Assignee: | - | % Done: | 100% | |
Category: | nethserver-firewall-base | |||
Target version: | v6.4-beta2 | |||
Resolution: | NEEDINFO: | No |
Description
When DHCP protocol is enabled on a red interface, the system should:
- check for new DHCP lease even if red interface disconnects
- avoid overwrite of /etc/resolv.conf with DHCP client data
- correctly set gateway for all interfaces
Related issues
Associated revisions
web ui: handle persistent_dhclient and peer_dns options. Refs #2057
interface-config-write: skip interface without ipaddress and netmask. Refs #2057
web ui: fix peerdns propr typo. Refs #2057
web ui: fix peerdns propr typo. Refs #2057
History
#1 Updated by Giacomo Sanchietti about 8 years ago
- Status changed from NEW to TRIAGED
- % Done changed from 0 to 20
To disable /etc/resolv.conf overwrite, set peer_dns
to n
.
To enable dhclient retry on errors, set persistent_dhclient
to y
.
#2 Updated by Giacomo Sanchietti about 8 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to Giacomo Sanchietti
- % Done changed from 20 to 30
#3 Updated by Giacomo Sanchietti about 8 years ago
- Status changed from ON_DEV to MODIFIED
- % Done changed from 30 to 70
#4 Updated by Giacomo Sanchietti about 8 years ago
- Status changed from MODIFIED to ON_QA
- % Done changed from 70 to 80
Packages in testing:
- nethserver-base-1.2.5-1.ns6.noarch.rpm
- nethserver-firewall-base-1.0.3
- install packages listed above
- configure a red interface with static/dhcp protocol
- check /etc/resolv.conf is not overwritten
- check dhclient is launched without
-1
option
#5 Updated by Davide Principi about 8 years ago
- Assignee deleted (
Giacomo Sanchietti)
ON_QA: Assignee reset
#6 Updated by Davide Principi about 8 years ago
- Due date set to 07/19/2013
- Assignee set to Davide Principi
- Start date set to 07/15/2013
#7 Updated by Davide Principi about 8 years ago
- File networks.dump.txt added
- Status changed from ON_QA to ON_DEV
- Assignee deleted (
Davide Principi) - % Done changed from 80 to 30
REJECTED
Testing environmenteth0
configured by Anaconda,eth{1,2,3}
added later- RPMs:
# rpm -qa | grep -F .ns6 nethserver-php-1.1.0-1.ns6.noarch nethserver-smartd-1.0.0-1.ns6.noarch nethserver-yum-1.1.0-1.ns6.noarch nethserver-base-1.3.1-1.ns6.noarch nethserver-nethgui-1.2.1-1.ns6.noarch nethserver-firewall-base-1.0.3-1.ns6.noarch nethserver-httpd-admin-1.0.4-1.ns6.noarch nethserver-grub-1.0.1-1.ns6.noarch nethserver-openssh-1.0.2-1.ns6.noarch nethserver-lib-1.2.0-1.ns6.noarch postfix-2.9.6-2.ns6.x86_64 nethserver-ntp-1.0.4-1.ns6.noarch nethserver-shorewall-1.0.0-1.ns6.noarch
After configuring eth1
from NetworkAdapter UI module, /etc/resolv.conf
has been overwritten and dhclient
is running as
/sbin/dhclient -q -lf /var/lib/dhclient/dhclient-eth1.leases -pf /var/run/dhclient-eth1.pid eth1
See also the attached networks
database dump: networks.dump.txt
- NetworksDB is updated by NetworkAdapter UI module in
initialize()
. Can udev do the job instead ? See Enhancement #2075
#8 Updated by Davide Principi about 8 years ago
- File ifcfg-ethX.txt added
#9 Updated by Giacomo Sanchietti about 8 years ago
- Assignee set to Giacomo Sanchietti
#10 Updated by Giacomo Sanchietti about 8 years ago
- Status changed from ON_DEV to MODIFIED
- % Done changed from 30 to 60
Changes:
- update interface to manage
peerdns
: valid values areyes
andno
- update shorewall templates to use new syntax for COMMENT and FORMAT commands
#11 Updated by Giacomo Sanchietti about 8 years ago
- Status changed from MODIFIED to ON_QA
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 60 to 70
New package in nethserver-testing repository:
- nethserver-firewall-base-1.0.4-1
#12 Updated by Davide Principi about 8 years ago
- Assignee set to Davide Principi
#13 Updated by Davide Principi about 8 years ago
- Status changed from ON_QA to VERIFIED
- Assignee deleted (
Davide Principi) - % Done changed from 70 to 90
VERIFIED
- /etc/resolv.conf has not been overwritten
- dhclient is running without -1 option
# ps -C dhclient -o command | tail COMMAND /sbin/dhclient -q -lf /var/lib/dhclient/dhclient-eth1.leases -pf /var/run/dhclient-eth1.pid eth1
#14 Updated by Davide Principi about 8 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
Moved to nethserver-updates repository