Systemd Gains IP Forwarding, IP Masquerading & Basic Firewall Controls
Written by Michael Larabel in systemd on 14 January 2015 at 05:00 AM EST. Add A Comment
The systemd project is off to a quick start in 2015 with already seeing over 200 commits (granted, in 2014 systemd development skyrocketed with nearly 5,000 commits). With the newest work that's landed, the networkd component to systemd has been improved with new features.

Among the additions to systemd this week are IP forwarding and masquerading support. Systemd's .network files now have IPForward and IPMasquerade options. This is the minimal support needed and these settings get turned on by default for container network interfaces. The IP forwarding option controls the forwarding sysctl setting of the network interface and the masquerading controls a firewall rule for exposing traffic coming from that interface as coming from the localhost to all other interfaces.

Also added on Tuesday was minimal firewall manipulation helpers for systemd's networkd. The firewall manipulation helpers are used for establishing NAT rules. This support in systemd is provided by libiptc, the library used for communicating with the Linux kernel's Netfilter and changing iptables firewall rule-sets.

In general, systemd has seen a lot of network-related activity recently. Those wishing to follow systemd development on a daily basis can keep tabs via the systemd Git viewer. These latest changes will be found in systemd 219, which will probably be released soon.
Related News
About The Author
Author picture

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter or contacted via

Popular News This Week