:xMerge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next-switch-to-libloc

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2026-04-15 21:43:00 +02:00 · 2020-07-03 18:48:30 +02:00
parent 45f4de2bbc 96253783d4
commit af7f9fc43d
128 changed files with 2419 additions and 2118 deletions
--- a/src/initscripts/system/cloud-init
+++ b/src/initscripts/system/cloud-init
@@ -13,6 +13,8 @@ case "${1}" in
 			scriptname="/etc/rc.d/helper/aws-setup"
 		elif running_on_azure; then
 			scriptname="/etc/rc.d/helper/azure-setup"
+		elif running_on_gcp; then
+			scriptname="/etc/rc.d/helper/gcp-setup"
 		else
 			# This system is not running in the cloud
 			exit 0
@@ -63,6 +65,11 @@ case "${1}" in
 			echo "This system is running on Microsoft Azure"
 			exit 0

+		# Check Google
+		elif running_on_gcp; then
+			echo "This system is running on Google Cloud"
+			exit 0
+
 		# The rest
 		else
 			echo "This system is NOT running in the cloud"
--- a/src/initscripts/system/firewall
+++ b/src/initscripts/system/firewall
@@ -32,6 +32,10 @@ iptables_init() {
 	iptables -P FORWARD DROP
 	iptables -P OUTPUT ACCEPT

+	# Enable TRACE logging to syslog
+	modprobe nf_log_ipv4
+	sysctl -q -w net.netfilter.nf_log.2=nf_log_ipv4
+
 	# Empty LOG_DROP and LOG_REJECT chains
 	iptables -N LOG_DROP
 	iptables -A LOG_DROP   -m limit --limit 10/second -j LOG
@@ -96,6 +100,9 @@ iptables_init() {

 	# Conntrack helpers (https://home.regit.org/netfilter-en/secure-use-of-helpers/)

+	# GRE (always enabled)
+	modprobe nf_conntrack_proto_gre
+
 	# SIP
 	if [ "${CONNTRACK_SIP}" = "on" ]; then
 		modprobe nf_nat_sip
--- a/src/initscripts/system/functions
+++ b/src/initscripts/system/functions
@@ -822,4 +822,16 @@ running_on_azure() {
 	return 1
 }

+running_on_gcp() {
+	# Check if the BIOS vendor is "Google"
+	if [ -r "/sys/devices/virtual/dmi/id/bios_vendor" ]; then
+		local bios_vendor="$(</sys/devices/virtual/dmi/id/bios_vendor)"
+
+		[ "${bios_vendor}" = "Google" ] && return 0
+	fi
+
+	# We are not running on GCP
+	return 1
+}
+
 # End $rc_base/init.d/functions
--- a/src/initscripts/system/partresize
+++ b/src/initscripts/system/partresize
@@ -45,8 +45,8 @@ case "${1}" in
 				esac
 			fi

-			# Enable the serial console on all systems on Azure
-			if running_on_azure; then
+			# Enable the serial console on all systems on Azure and Google Compute Platform
+			if running_on_azure || running_on_gcp; then
 				scon="on"
 			fi