diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2016-06-10 18:15:42 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2016-06-10 18:15:42 +0200 |
| commit | 96b1fab53ce7f7b4b6c5e2a0bb85c3f3f14be62c (patch) | |
| tree | 1b19c6494e2142a8faacd3c87c8cb67e67d03fc4 /src/libcharon/kernel | |
| parent | 436f64d5bcc3946387dd95265d83d8764fe37797 (diff) | |
| parent | b52e540f43c8a97ea3343e12a1cc33b6dc3d3fbc (diff) | |
| download | strongswan-96b1fab53ce7f7b4b6c5e2a0bb85c3f3f14be62c.tar.bz2 strongswan-96b1fab53ce7f7b4b6c5e2a0bb85c3f3f14be62c.tar.xz | |
Merge branch 'interface-for-routes'
Changes how the interface for routes installed with policies is
determined. In most cases we now use the interface over which we reach the
other peer, not the interface on which the local address (or the source IP) is
installed. However, that might be the same interface depending on the
configuration (i.e. in practice there will often not be a change).
Routes are not installed anymore for drop policies and for policies with
protocol/port selectors.
Fixes #809, #824, #1347.
Diffstat (limited to 'src/libcharon/kernel')
| -rw-r--r-- | src/libcharon/kernel/kernel_interface.c | 5 | ||||
| -rw-r--r-- | src/libcharon/kernel/kernel_interface.h | 4 | ||||
| -rw-r--r-- | src/libcharon/kernel/kernel_net.h | 8 |
3 files changed, 11 insertions, 6 deletions
diff --git a/src/libcharon/kernel/kernel_interface.c b/src/libcharon/kernel/kernel_interface.c index 0a0081c22..7b39a020c 100644 --- a/src/libcharon/kernel/kernel_interface.c +++ b/src/libcharon/kernel/kernel_interface.c @@ -524,13 +524,14 @@ METHOD(kernel_interface_t, get_source_addr, host_t*, } METHOD(kernel_interface_t, get_nexthop, host_t*, - private_kernel_interface_t *this, host_t *dest, int prefix, host_t *src) + private_kernel_interface_t *this, host_t *dest, int prefix, host_t *src, + char **iface) { if (!this->net) { return NULL; } - return this->net->get_nexthop(this->net, dest, prefix, src); + return this->net->get_nexthop(this->net, dest, prefix, src, iface); } METHOD(kernel_interface_t, get_interface, bool, diff --git a/src/libcharon/kernel/kernel_interface.h b/src/libcharon/kernel/kernel_interface.h index 50f6d9829..225b40932 100644 --- a/src/libcharon/kernel/kernel_interface.h +++ b/src/libcharon/kernel/kernel_interface.h @@ -285,10 +285,12 @@ struct kernel_interface_t { * @param dest target destination address * @param prefix prefix length if dest is a subnet, -1 for auto * @param src source address to check, or NULL + * @param[out] iface allocated name of the interface to reach dest, if + * available (optional) * @return next hop address, NULL if unreachable */ host_t* (*get_nexthop)(kernel_interface_t *this, host_t *dest, - int prefix, host_t *src); + int prefix, host_t *src, char **iface); /** * Get the interface name of a local address. Interfaces that are down or diff --git a/src/libcharon/kernel/kernel_net.h b/src/libcharon/kernel/kernel_net.h index 4f3063deb..1d78d6edd 100644 --- a/src/libcharon/kernel/kernel_net.h +++ b/src/libcharon/kernel/kernel_net.h @@ -1,7 +1,7 @@ /* - * Copyright (C) 2008-2012 Tobias Brunner + * Copyright (C) 2008-2016 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -88,10 +88,12 @@ struct kernel_net_t { * @param dest target destination address * @param prefix prefix length if dest is a subnet, -1 for auto * @param src source address to check, or NULL + * @param[out] iface allocated name of the interface to reach dest, if + * available (optional) * @return next hop address, NULL if unreachable */ host_t* (*get_nexthop)(kernel_net_t *this, host_t *dest, int prefix, - host_t *src); + host_t *src, char **iface); /** * Get the interface name of a local address. Interfaces that are down or |