diff options
Diffstat (limited to 'src/charon/threads/kernel_interface.c')
| -rw-r--r-- | src/charon/threads/kernel_interface.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/src/charon/threads/kernel_interface.c b/src/charon/threads/kernel_interface.c index 43956b055..9ee788abf 100644 --- a/src/charon/threads/kernel_interface.c +++ b/src/charon/threads/kernel_interface.c @@ -1663,8 +1663,14 @@ static status_t add_policy(private_kernel_interface_t *this, return FAILED; } - if (direction == POLICY_FWD && mode != MODE_TRANSPORT && - src->get_family(src) != AF_INET6) + /* install a route, if: + * - we are NOT updating a policy + * - this is a forward policy (to just get one for each child) + * - we are in tunnel mode + * - we are not using IPv6 (does not work correctly yet!) + */ + if (policy->route == NULL && direction == POLICY_FWD && + mode != MODE_TRANSPORT && src->get_family(src) != AF_INET6) { policy->route = malloc_thing(route_entry_t); if (get_address_by_ts(this, dst_ts, &policy->route->src_ip) == SUCCESS) |