diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2014-06-20 08:51:07 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2014-06-20 16:10:40 +0200 |
| commit | 90854d289fefbb5575391bfb8e493cf69f6a5804 (patch) | |
| tree | deb680e0c5660225468e1f4277478086bf1fdf56 /src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c | |
| parent | 8661c56d3888abae531d39edfcb081f19ad479f0 (diff) | |
| download | strongswan-90854d289fefbb5575391bfb8e493cf69f6a5804.tar.bz2 strongswan-90854d289fefbb5575391bfb8e493cf69f6a5804.tar.xz | |
kernel-netlink: Install virtual IPv6 addresses as deprecated
This should prevent the kernel's IPv6 source address selection algorithm
from using this address unless it is forced to by our source route.
This is helpful if split tunneling is used.
Fixes #598.
Diffstat (limited to 'src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c')
| -rw-r--r-- | src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c index bb1941868..650a65534 100644 --- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c +++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c @@ -1868,6 +1868,17 @@ static status_t manage_ipaddr(private_kernel_netlink_net_t *this, int nlmsg_type netlink_add_attribute(hdr, IFA_LOCAL, chunk, sizeof(request)); + if (ip->get_family(ip) == AF_INET6 && this->rta_prefsrc_for_ipv6) + { /* if source routes are possible we let the virtual IP get deprecated + * immediately (but mark it as valid forever) so it gets only used if + * forced by our route, and not by the default IPv6 address selection */ + struct ifa_cacheinfo cache = { + .ifa_valid = 0xFFFFFFFF, + .ifa_prefered = 0, + }; + netlink_add_attribute(hdr, IFA_CACHEINFO, chunk_from_thing(cache), + sizeof(request)); + } return this->socket->send_ack(this->socket, hdr); } |