Re: Searching for documentation how to add an interface to a bridge via DBus API
On Thu, 2017-12-07 at 15:55 +, thilo.ceston...@ts.fujitsu.com wrote: > Hi! > > So I found the settings.connection interface and can delete a > existing > ethernet <=> bridge connection. > > So adding a connection is probably what I want. > > Is it sufficient to create a dict with e.g. "id"=>"eth0" and > "master"=>"br0" to > create a connection of the ethernet device eth0 to the bridge br0? > > Or what settings do I need to serve? Hi, yes, you need to create a connection profile for each slave. You also need to activate it (or it might auto-activate when you create it -- and if you configured that). check what you created with `nmcli connection show "$CON"`. Maybe see examples: https://cgit.freedesktop.org/NetworkManager/NetworkM anager/tree/examples/python/dbus best, Thomas > > Cheers, > Thilo > > Am Donnerstag, den 07.12.2017, 13:44 + schrieb > thilo.ceston...@ts.fujitsu.com: > > Hi all! > > > > I'm trying to add an ethernet device to a bridge via DBus API. > > > > gdbus-codegen generated me three functions for a bridge device: > > > > network_manager_device_bridge_get_slaves > > network_manager_device_bridge_dup_slaves > > network_manager_device_bridge_set_slaves > > > > get_slaves and dup_slaves working well. But set_slaves don't, as > > the slave- > > property is readonly. > > > > My question is, how can I add an interface to a bridge via DBus > > API. I could > > find an hint anywhere or I didn't understand it to an hint :). > > > > Could someone point me please in the right direction? > > > > Thanks! > > > > Cheers, > > Thilo > > ___ > > networkmanager-list mailing list > > networkmanager-list@gnome.org > > https://mail.gnome.org/mailman/listinfo/networkmanager-list > > ___ > networkmanager-list mailing list > networkmanager-list@gnome.org > https://mail.gnome.org/mailman/listinfo/networkmanager-list signature.asc Description: This is a digitally signed message part ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: signal for (De)ActivateConnection?
On Thu, 2017-12-07 at 22:44 +0100, Michael Hirmke wrote: > Hi Thomas, > > thx for your answer. > > [...] > > > And update of NM shouldn't change behavior for you. Can you detail > > what > > causes the breaking? > > I'm not sure, I just noticed a few days ago, that my script doesn't > work > any more and that I don't get a DeviceAdd signal any more. > > To answer your last question about what I want to achieve: > I want to run certain GUI programs depending on certain network > connections coming up or going down. So I wrote a perl script around > the > Net::DBus module. This script gets started via KDE autostart and > waits > for signals telling it what is going on regarding network > connections. > > [...] > > > /org/freedesktop/NetworkManager/Devices/* is different from > > /org/freedesktop/NetworkManager/ActiveConnection/* is different > > from > > /org/freedesktop/NetworkManager/Settings/* > > I know, but I don't know how to bring the bits and pieces together. > When I started scripting, I thought that I'd need the DeviceAdd and > DeviceRemoved signals to achieve my goal, but in the meantime I begin > to > understand, that I have to wait for connections coming up. > I didn't find an appropriate example, though. > > > An ActiveConnection connects the connection profile with the > > networking > > device, while the profile is activated on a device.. > > DeviceAdded/DeviceRemove notifies you about devices. A > > PropertyChanged > > signal for property ActiveConnections, notifies you about a change > > in > > the list of all active connections (which is add or removal). > > So how do I find out, that the PropertyChanged signal comes from a > network connection coming up or going down? > > > VPN connections for NetworkManager are a bit wired. VPN connections > > are > > a subclass of active connections. > > If you have a tun/tap based VPN (like OpenVPN), then the VPN's > > device > > is not the tun/tap device, but instead the device with the default > > route. As you see with `nmcli device`. > > No, there isn't a device, though I'm quite sure it was in earlier > versions of NetworkManager (or perhaps strongswan). > > > You don't say what you want to do, but usually you need to look at > > one > > or more D-Bus objects and their state. > > You would look at the presence and state of the active-connection > > (or > > VPN connection), in addition to the state of the device. However, > > as > > said, in case of VPNs, the device is not what you might expect it > > is. > > Do I need to check for devices at all? > > > See the D-Bus API documentation: > > https://developer.gnome.org/NetworkManager/stable/spec.html > > Yes, this is my main source, but I don't understand everything > described > there 8-< > Hi, sounds a bit like you want to perform some action when a particular connection profile activates/deactivates. First, you need to know which a connection profile you care about, that is, you need its /org/freedesktop/NetworkManager/Settings/* path. You need to call GetSettings() on each of the profiles, to match what you are looking for (for example, matching the connection.id). When a connection is activated, it has an active-connection that references it. Usually there is at most one such active-connection, but while re-activating a connection there can be multiple once (one that is about to deactivate, and once that is about to activate). Anyway, you need to monitor these active connections for whether they reference the profile you care about. The Manager's PropertyChanged event for ActiveConnections notifies you when active-connection come to be and cease to exist. The ActiveConnection basically ties the profile to the networking device. and as said, an active VPN connection is a bit odd, they are active- connections too (with an additional org.freedesktop.NetworkManager.VPN.Connection interface). I would inspect the state with the "d-feet" GUI. You could also use libnm via GObject introspection (e.g. from Perl or Python). That might be more convenient to use, then a plain D-Bus library (the latter works of course too). We don't have any perl examples, only Python: https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/examples/python best, Thomas signature.asc Description: This is a digitally signed message part ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Running scripts
On Fri, 2017-12-08 at 00:44 +0200, Mika Leppänen wrote: > I am using a VPN provider with NetworkManager. I am trying to make a > "killswitch" script that runs "/sbin/iptables -A OUTPUT -m owner > --uid-owner mtl ! -o tun0 -j DROP" when VPN connection is made and > "iptables -F; iptables -X; iptables -Z" when I disconnect the VPN. > My > username is mtl. Is this possible any way with NetworkManager? Hi, Yes, write a dispatcher script, put it to /etc/NetworkManager/dispatcher.d. In the script, figure out what's happening by the command line argument and the environment variables. See `man NetworkManager` for documentation. Ensure you got it enabled via `systemctl enable NetworkManager- dispatcher.service` (should be by default). If you enable debug logging of NetworkManager, the dispatcher service will log in details the environment variables and the called scripts. You might need to restart the dispatcher service for the change of the logging level to take effect. best, Thomas signature.asc Description: This is a digitally signed message part ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Running scripts
I am using a VPN provider with NetworkManager. I am trying to make a "killswitch" script that runs "/sbin/iptables -A OUTPUT -m owner --uid-owner mtl ! -o tun0 -j DROP" when VPN connection is made and "iptables -F; iptables -X; iptables -Z" when I disconnect the VPN. My username is mtl. Is this possible any way with NetworkManager? -- Mika Leppänen -- mika.leppa...@iki.fi ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: signal for (De)ActivateConnection?
Hi Thomas, thx for your answer. [...] >And update of NM shouldn't change behavior for you. Can you detail what >causes the breaking? I'm not sure, I just noticed a few days ago, that my script doesn't work any more and that I don't get a DeviceAdd signal any more. To answer your last question about what I want to achieve: I want to run certain GUI programs depending on certain network connections coming up or going down. So I wrote a perl script around the Net::DBus module. This script gets started via KDE autostart and waits for signals telling it what is going on regarding network connections. [...] >/org/freedesktop/NetworkManager/Devices/* is different from >/org/freedesktop/NetworkManager/ActiveConnection/* is different from >/org/freedesktop/NetworkManager/Settings/* I know, but I don't know how to bring the bits and pieces together. When I started scripting, I thought that I'd need the DeviceAdd and DeviceRemoved signals to achieve my goal, but in the meantime I begin to understand, that I have to wait for connections coming up. I didn't find an appropriate example, though. >An ActiveConnection connects the connection profile with the networking >device, while the profile is activated on a device.. >DeviceAdded/DeviceRemove notifies you about devices. A PropertyChanged >signal for property ActiveConnections, notifies you about a change in >the list of all active connections (which is add or removal). So how do I find out, that the PropertyChanged signal comes from a network connection coming up or going down? >VPN connections for NetworkManager are a bit wired. VPN connections are >a subclass of active connections. >If you have a tun/tap based VPN (like OpenVPN), then the VPN's device >is not the tun/tap device, but instead the device with the default >route. As you see with `nmcli device`. No, there isn't a device, though I'm quite sure it was in earlier versions of NetworkManager (or perhaps strongswan). >You don't say what you want to do, but usually you need to look at one >or more D-Bus objects and their state. >You would look at the presence and state of the active-connection (or >VPN connection), in addition to the state of the device. However, as >said, in case of VPNs, the device is not what you might expect it is. Do I need to check for devices at all? >See the D-Bus API documentation: > https://developer.gnome.org/NetworkManager/stable/spec.html Yes, this is my main source, but I don't understand everything described there 8-< >best, >Thomas Bye. Michael. -- Michael Hirmke ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Searching for documentation how to add an interface to a bridge via DBus API
Hi! So I found the settings.connection interface and can delete a existing ethernet <=> bridge connection. So adding a connection is probably what I want. Is it sufficient to create a dict with e.g. "id"=>"eth0" and "master"=>"br0" to create a connection of the ethernet device eth0 to the bridge br0? Or what settings do I need to serve? Cheers, Thilo Am Donnerstag, den 07.12.2017, 13:44 + schrieb thilo.ceston...@ts.fujitsu.com: > Hi all! > > I'm trying to add an ethernet device to a bridge via DBus API. > > gdbus-codegen generated me three functions for a bridge device: > > network_manager_device_bridge_get_slaves > network_manager_device_bridge_dup_slaves > network_manager_device_bridge_set_slaves > > get_slaves and dup_slaves working well. But set_slaves don't, as the slave- > property is readonly. > > My question is, how can I add an interface to a bridge via DBus API. I could > find an hint anywhere or I didn't understand it to an hint :). > > Could someone point me please in the right direction? > > Thanks! > > Cheers, > Thilo > ___ > networkmanager-list mailing list > networkmanager-list@gnome.org > https://mail.gnome.org/mailman/listinfo/networkmanager-list smime.p7s Description: S/MIME cryptographic signature ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
Searching for documentation how to add an interface to a bridge via DBus API
Hi all! I'm trying to add an ethernet device to a bridge via DBus API. gdbus-codegen generated me three functions for a bridge device: network_manager_device_bridge_get_slaves network_manager_device_bridge_dup_slaves network_manager_device_bridge_set_slaves get_slaves and dup_slaves working well. But set_slaves don't, as the slave- property is readonly. My question is, how can I add an interface to a bridge via DBus API. I could find an hint anywhere or I didn't understand it to an hint :). Could someone point me please in the right direction? Thanks! Cheers, Thilo smime.p7s Description: S/MIME cryptographic signature ___ networkmanager-list mailing list networkmanager-list@gnome.org https://mail.gnome.org/mailman/listinfo/networkmanager-list
