systemd, a project announced in 2010 by Lennart Poettering to replace traditional Linux boot systems such as SysV init, has grown a great deal over the past few years. A lot of development work is happening in systemd, and over 200 commits were seen in the last couple of weeks. The latest development work has focused on improving systemd's networking component and adding new features to it.
The latest feature added to systemd is minimal IP forwarding and masquerading support in its .network files. This adds two new settings to networkd’s .network files: IPForwarding=yes and IPMasquerade=yes. The former controls the “forwarding” sysctl setting of the interface, and thus whether IP forwarding is enabled on that specific interface. The latter controls whether a firewall rule is installed that exposes traffic coming from the interface as coming from the local host to all other interfaces.
The change also enables both options by default for container network interfaces, so “systemd-nspawn --network-veth” has network connectivity out of the box.
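Because both settings change how a host routes and rewrites traffic, it helps to know which .network files turn them on. The following Python code is an added example, not code from systemd or from the original article. It assumes the keys sit in the [Network] section, accepts both the IPForwarding= spelling used above and the IPForward= spelling documented in systemd.network(5), and runs on constructed sample files.

```python
# Added example: report which .network files turn on forwarding or masquerading.
# Assumption: both keys sit in the [Network] section.
FORWARD_KEYS = ("ipforwarding", "ipforward")  # article's spelling, then systemd.network(5)'s
MASQ_KEY = "ipmasquerade"
FALSE_VALUES = {"", "no", "false", "off", "0"}

# Constructed sample files (names and contents are made up for this example).
SAMPLES = {
    "50-demo-veth.network": "[Match]\nName=ve-demo\n\n[Network]\nDHCP=yes\n"
                            "IPForwarding=yes\nIPMasquerade=yes\n",
    "50-demo-lan.network": "[Match]\nName=eth0\n\n[Network]\nDHCP=yes\n"
                           "# IPMasquerade=yes\nIPForwarding=no\n",
}


def parse_network_section(text):
    """Return the [Network] settings with lowercased keys.

    networkd files may repeat sections and keys, so this is a small
    hand-written parser; the last assignment of a key wins.
    """
    settings, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "network" and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip().lower()] = value.strip()
    return settings


def audit(name, text):
    """Return a list of findings for one .network file."""
    s = parse_network_section(text)
    # Any value that is not an explicit "off" is reported, to stay conservative.
    enabled = lambda v: v is not None and v.lower() not in FALSE_VALUES
    findings = []
    if any(enabled(s.get(k)) for k in FORWARD_KEYS):
        findings.append(f"{name}: IP forwarding enabled on matching interfaces")
    if enabled(s.get(MASQ_KEY)):
        findings.append(f"{name}: masquerading enabled, traffic leaves as the local host")
    return findings


if __name__ == "__main__":
    for fname, body in SAMPLES.items():
        print("\n".join(audit(fname, body)) or f"{fname}: no forwarding or masquerading")
```

To run it against a real host, replace SAMPLES with the contents of the .network files networkd actually loads.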
Another patch added minimal firewall manipulation helpers for establishing NAT rules. This support in systemd is provided by libiptc, the library used for communicating with the Linux kernel’s Netfilter and changing iptables firewall rule-sets.
In general, systemd has seen a lot of network-related activity recently. Those wishing to follow systemd development on a daily basis can keep tabs via the systemd Git viewer. These latest changes will be found in systemd 219, which will probably be released soon.