Ukukhululwa okuzinzile kwe-interface kuyatholakala ukuze kube lula ukusetha imingcele yenethiwekhi - I-NetworkManager 1.40.0. Ama-plugin osekelo lwe-VPN (i-Libreswan, i-OpenConnect, i-Openswan, i-SSTP, njll.) athuthukiswa njengengxenye yomjikelezo wawo wokuthuthuka.
Okuqanjiwe okuyinhloko kwe-NetworkManager 1.40:
- Isixhumi esibonakalayo somugqa womyalo we-nmcli sisebenzisa ifulegi elithi “--offline”, elivumela ukucubungula amaphrofayela okuxhumana ngefomethi yefayela elingukhiye ngaphandle kokufinyelela inqubo yangemuva ye-NetworkManager. Ikakhulukazi, lapho udala, ubonisa, ususa futhi ushintsha izilungiselelo ezihlobene nesixhumi esibonakalayo senethiwekhi, umyalo othi "nmcli uxhumano" manje ungasebenza ngaphandle kokufinyelela inqubo yangemuva ye-NetworkManager nge-D-Bus. Isibonelo, lapho ukhipha umyalo othi “nmcli —uxhumano olungaxhunyiwe ku-inthanethi engeza…”, insiza ye-nmcli ngeke ithumele isicelo enqubweni yangemuva yokwengeza iphrofayili yokuxhuma, kodwa izokhipha ngokuqondile ukumisa ibhulokhi ehambisanayo yezilungiselelo ngefomethi yefayela elingukhiye, ikuvumela ukuthi usebenzise i-nmcli emibhalweni ukuze ukhiqize futhi uguqule amaphrofayili okuxhumana. Ukuze wenze kusebenze, iphrofayili edaliwe ingagcinwa kuhla lwemibhalo /etc/NetworkManager/system-connections. # Lungiselela ukulondoloza amafayela anamalungelo "600" (atholakala kumnikazi kuphela). umask 077 # Khiqiza iphrofayili ngefomethi yefayela elingukhiye. nmcli --uxhumano olungaxhunyiwe ku-inthanethi engeza uhlobo lwe-ethernet con-name my-profile \ | tee /etc/NetworkManager/system-connections/my-profile.nmconnection # Shintsha iphrofayili nmcli —uxhumano olungaxhunyiwe ku-inthanethi guqula uxhumano.mptcp-flags ivuliwe, isiginali \ < /etc/NetworkManager/system-connections/my-profile.nmconnection \ | tee /etc/NetworkManager/system-connections/my-profile.nmconnection~ mv /etc/NetworkManager/system-connections/my-profile.nmconnection~ \ /etc/NetworkManager/system-connections/my-profile.nmconnection # Ngemva kokubhala kabusha iphrofayela kudiski, layisha kabusha izilungiselelo NetworkManager nmcli uxhumano lokulayisha kabusha
- Ukwesekwa okwengeziwe kwe-MPTCP (Multipath TCP), okunwetshiwe kwephrothokholi ye-TCP yokuhlela ukusebenza koxhumano lwe-TCP nokulethwa kwamaphakethe ngesikhathi esisodwa emizileni eminingana ngokusebenzisa ukuxhumana kwenethiwekhi okuhlukile okuhlotshaniswa namakheli e-IP ahlukene. I-NetworkManager manje ingaphatha amakheli e-IP akhangisiwe noma asetshenziswe ekugelezeni okwengeziwe kwe-MPTCP, okuhlanganisa ukulungisa lawa makheli ngokuzenzakalelayo, ngendlela efanayo nendlela inqubo ye-mptcpd ekwenza ngayo. I-NetworkManager iphinde isekele ukunika amandla i-MPTCP ku-kernel ngokusetha i-sysctl /proc/sys/net/mptcp/enabled nokusetha imikhawulo ecaciswe umyalo "we-ip mptcp limits". Ukuze ulawule ukucutshungulwa kwe-MPTCP, kuhlongoziwe indawo entsha ethi “connection.mptcp-flags”, ongavumela ngayo i-MPTCP bese ukhetha amapharamitha okunikezwa kwekheli (isiginali, ukugeleza okuncane, ikhophi yasenqolobaneni, i-fullmesh). Ngokuzenzakalelayo, i-MPTCP inikwa amandla ngokuzenzakalelayo ku-NetworkManager uma i-sysctl/proc/sys/net/mptcp/enabled isethwe ku-kernel.
- Kungenzeka ukuthi ubhale imingcele ebophezela ikheli le-IP le-DHCP (i-DHCP yokuqashisa) kufayela /run/NetworkManager/devices/$IFINDEX (ulwazi lugcinwe ezigabeni [dhcp4] kanye ne-[dhcp6]), okukuvumela ukuthi unqume ukubopha kalula. ukufunda ifayela ngaphandle kokufinyelela ku-D -Bus noma sebenzisa umyalo othi “nmcli -f all device show eth0”.
- Ipharamitha ye-ipv4.link-local yengezwe kuphrofayela yokuxhumana ukuze ibophe izixhumanisi zasendaweni ze-IPv4 kumakheli e-intranethi 169.254.0.0/16 (IPv4LL, Link-local). Ngaphambilini, amakheli e-IPv4LL ayengacaciswa ngesandla (ipv4.method=link-local) noma atholwe nge-DHCP.
- Kwengezwe ipharamitha ethi "ipv6.mtu" ukuze kulungiselelwe i-MTU (Iyunithi Yokudlulisa Okuphezulu) ye-IPv6.
- Ikhodi esusiwe kusukela ekusetshenzisweni kweklayenti le-DHCPv4 engasetshenziswa ngokusekelwe kukhodi evela ku-systemd. Ukuqaliswa kwe-n-dhcp4 okuvela kuphakheji ye-nettools kudala kwasetshenziswa njengeklayenti le-DHCP.
- Inikwe amandla ukuqala kabusha kwe-DHCP uma ikheli le-MAC kudivayisi lishintsha.
Source: opennet.ru