Univention Bugzilla – Bug 33132
Support of VLAN, Bonding, Bridges: TUN/TAP not filtered out
Last modified: 2017-07-26 14:39:13 CEST
+++ This bug was initially created as a clone of Bug #30816 +++ +++ This bug was initially created as a clone of Bug #28389 +++ On a VM server the TUN/TAP interfaces are not filtered out: $ umc-command -U Administrator -P univention setup/net/interfaces ... RESULT : ['vnet0', 'vnet2', 'vnet1', 'eth0', 'eth1'] # cd /sys/class/net;diff -ur -x device -x subsystem -x power -x queues -x statistics eth0/ vnet0/ | grep -v ^diff diff: eth0//brport/flush: Keine Berechtigung diff: vnet0//brport/flush: Keine Berechtigung --- eth0//addr_assign_type 2013-11-05 15:52:57.663721325 +0100 +++ vnet0//addr_assign_type 2013-11-05 15:52:57.667721381 +0100 @@ -1 +1 @@ -0 +3 --- eth0//address 2013-11-05 09:32:45.425664331 +0100 +++ vnet0//address 2013-11-05 11:10:19.032518091 +0100 @@ -1 +1 @@ -bc:ae:c5:07:cc:5c +fe:54:00:0e:2c:7a --- eth0//brport/designated_port 2013-11-05 15:15:22.824131805 +0100 +++ vnet0//brport/designated_port 2013-11-05 15:54:34.473113929 +0100 @@ -1 +1 @@ -32769 +32770 --- eth0//brport/path_cost 2013-11-05 15:15:22.824131805 +0100 +++ vnet0//brport/path_cost 2013-11-05 15:54:34.473113929 +0100 @@ -1 +1 @@ -4 +100 --- eth0//brport/port_id 2013-11-05 15:15:22.824131805 +0100 +++ vnet0//brport/port_id 2013-11-05 15:54:34.473113929 +0100 @@ -1 +1 @@ -0x8001 +0x8002 --- eth0//brport/port_no 2013-11-05 15:15:22.824131805 +0100 +++ vnet0//brport/port_no 2013-11-05 15:54:34.473113929 +0100 @@ -1 +1 @@ -0x1 +0x2 Nur in vnet0/: group. --- eth0//ifindex 2013-11-05 09:33:17.472007247 +0100 +++ vnet0//ifindex 2013-11-05 11:10:19.032518091 +0100 @@ -1 +1 @@ -2 +6 --- eth0//iflink 2013-11-05 15:52:57.663721325 +0100 +++ vnet0//iflink 2013-11-05 15:52:57.667721381 +0100 @@ -1 +1 @@ -2 +6 --- eth0//operstate 2013-11-05 15:52:57.663721325 +0100 +++ vnet0//operstate 2013-11-05 15:52:57.667721381 +0100 @@ -1 +1 @@ -up +unknown Nur in vnet0/: owner. --- eth0//speed 2013-11-05 15:52:57.663721325 +0100 +++ vnet0//speed 2013-11-05 15:52:57.667721381 +0100 @@ -1 +1 @@ -1000 +10 Nur in vnet0/: tun_flags. --- eth0//tx_queue_len 2013-11-05 15:52:57.663721325 +0100 +++ vnet0//tx_queue_len 2013-11-05 15:52:57.667721381 +0100 @@ -1 +1 @@ -1000 +500 --- eth0//uevent 2013-11-05 09:32:35.552000257 +0100 +++ vnet0//uevent 2013-11-05 11:10:19.028518034 +0100 @@ -1,2 +1,2 @@ -INTERFACE=eth0 -IFINDEX=2 +INTERFACE=vnet0 +IFINDEX=6 As tun/tap files are highly dynamic and thus not configurable through the static "/etc/network/interfaces", I would filter out those interfaces having "/sys/class/net/$IFACE/tun_flags". index 81e54a5..64075bd 100644 --- ucs-3.2-0/base/univention-system-setup/umc/python/setup/util.py +++ ucs-3.2-0/base/univention-system-setup/umc/python/setup/util.py @@ -489,8 +489,8 @@ def detect_interfaces(): # filter out lo, etc. interfaces if open(os.path.join(pathname, 'type'), 'r').read().strip() not in ('1', '2', '3', '4', '5', '6', '7', '8', '15', '19'): continue - # filter out bridge, bond devices - if any(os.path.exists(os.path.join(pathname, path)) for path in ('bridge', 'bonding')): + # filter out bridge, bond, tun/tap interfaces + if any(os.path.exists(os.path.join(pathname, path)) for path in ('bridge', 'bonding', 'tun_flags')): continue # filter out vlan devices if '.' in dirname:
(In reply to Philipp Hahn from comment #0) > index 81e54a5..64075bd 100644 > --- ucs-3.2-0/base/univention-system-setup/umc/python/setup/util.py > +++ ucs-3.2-0/base/univention-system-setup/umc/python/setup/util.py > @@ -489,8 +489,8 @@ def detect_interfaces(): > # filter out lo, etc. interfaces > if open(os.path.join(pathname, 'type'), 'r').read().strip() not in ('1', > '2', '3', '4', '5', '6', '7', '8', '15', '19'): > continue > - # filter out bridge, bond devices > - if any(os.path.exists(os.path.join(pathname, path)) for path in > ('bridge', 'bonding')): > + # filter out bridge, bond, tun/tap interfaces > + if any(os.path.exists(os.path.join(pathname, path)) for path in > ('bridge', 'bonding', 'tun_flags')): > continue > # filter out vlan devices > if '.' in dirname: Applied rebased patch: r 80921 univention-system-setup (10.0.10-25) * Bug #33132: Applied patch from Philipp Hahn - Filter out tun/tap interfaces YAML: r 80922
OK: tunnel interfaces are filtered out. OK: YAML (adjusted in r80927)
<http://errata.software-univention.de/ucs/4.2/109.html>