aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins/socket_default
diff options
context:
space:
mode:
authorTobias Brunner <tobias@strongswan.org>2013-08-13 16:58:33 +0200
committerTobias Brunner <tobias@strongswan.org>2013-10-11 15:32:44 +0200
commit80f8b3a6d86bb15b2dca73ad50371a54cb3e5cad (patch)
tree9c8de9837929796d4ff4a0f0580ad0ee2e40f13f /src/libcharon/plugins/socket_default
parent51fefe460609ff734d702388973d326d3976189f (diff)
downloadstrongswan-80f8b3a6d86bb15b2dca73ad50371a54cb3e5cad.tar.bz2
strongswan-80f8b3a6d86bb15b2dca73ad50371a54cb3e5cad.tar.xz
socket-default: Allow setting firewall mark on outbound packets
Diffstat (limited to 'src/libcharon/plugins/socket_default')
-rw-r--r--src/libcharon/plugins/socket_default/socket_default_socket.c18
1 files changed, 18 insertions, 0 deletions
diff --git a/src/libcharon/plugins/socket_default/socket_default_socket.c b/src/libcharon/plugins/socket_default/socket_default_socket.c
index 3aa09bef8..ea976dfe9 100644
--- a/src/libcharon/plugins/socket_default/socket_default_socket.c
+++ b/src/libcharon/plugins/socket_default/socket_default_socket.c
@@ -611,6 +611,24 @@ static int open_socket(private_socket_default_socket_t *this,
return -1;
}
}
+#ifdef SO_MARK
+ { /* set optional MARK on socket (requires CAP_NET_ADMIN) */
+ char *fwmark;
+ mark_t mark;
+
+ fwmark = lib->settings->get_str(lib->settings,
+ "%s.plugins.socket-default.fwmark", NULL, charon->name);
+ if (fwmark && mark_from_string(fwmark, &mark))
+ {
+ if (setsockopt(skt, SOL_SOCKET, SO_MARK, &mark.value,
+ sizeof(mark.value)) < 0)
+ {
+ DBG1(DBG_NET, "unable to set SO_MARK on socket: %s",
+ strerror(errno));
+ }
+ }
+ }
+#endif
if (!hydra->kernel_interface->bypass_socket(hydra->kernel_interface,
skt, family))
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-24 00:48:49 +0000