diff options
Diffstat (limited to 'src/starter/confread.c')
| -rw-r--r-- | src/starter/confread.c | 60 |
1 files changed, 42 insertions, 18 deletions
diff --git a/src/starter/confread.c b/src/starter/confread.c index c4b8916ae..45fbb03cc 100644 --- a/src/starter/confread.c +++ b/src/starter/confread.c @@ -136,9 +136,8 @@ load_setup(starter_config_t *cfg, config_parsed_t *cfgp) } } -static void -kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token - , kw_list_t *kw, char *conn_name, starter_config_t *cfg) +static void kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token, + kw_list_t *kw, char *conn_name, starter_config_t *cfg) { err_t ugh = NULL; bool assigned = FALSE; @@ -188,31 +187,54 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token plog("# natip and sourceip cannot be defined at the same time"); goto err; } - if (streq(value, "%modeconfig") || streq(value, "%modecfg") || - streq(value, "%config") || streq(value, "%cfg")) + if (value[0] == '%') { - free(end->srcip); - end->srcip = NULL; + if (streq(value, "%modeconfig") || streq(value, "%modecfg") || + streq(value, "%config") || streq(value, "%cfg")) + { + /* request ip via config payload */ + end->sourceip = NULL; + end->sourceip_mask = 1; + } + else + { /* %poolname, strip %, serve ip requests */ + end->sourceip = clone_str(value+1); + end->sourceip_mask = 0; + } end->modecfg = TRUE; } else { + char *pos; ip_address addr; ip_subnet net; conn->tunnel_addr_family = ip_version(value); - if (strchr(value, '/')) + pos = strchr(value, '/'); + + if (pos) { /* CIDR notation, address pool */ ugh = ttosubnet(value, 0, conn->tunnel_addr_family, &net); + if (ugh != NULL) + { + plog("# bad subnet: %s=%s [%s]", name, value, ugh); + goto err; + } + *pos = '\0'; + end->sourceip = clone_str(value); + end->sourceip_mask = atoi(pos + 1); } - else if (value[0] != '%') - { /* old style fixed srcip, a %poolname otherwise */ + else + { /* fixed srcip */ ugh = ttoaddr(value, 0, conn->tunnel_addr_family, &addr); - } - if (ugh != NULL) - { - plog("# bad addr: %s=%s [%s]", name, value, ugh); - goto err; + if (ugh != NULL) + { + plog("# bad addr: %s=%s [%s]", name, value, ugh); + goto err; + } + end->sourceip = clone_str(value); + end->sourceip_mask = (conn->tunnel_addr_family == AF_INET) ? + 32 : 128; } } conn->policy |= POLICY_TUNNEL; @@ -302,7 +324,9 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token if (streq(value, "%defaultroute")) { if (cfg->defaultroute.defined) + { end->nexthop = cfg->defaultroute.nexthop; + } else { plog("# default route not known: %s=%s", name, value); @@ -346,7 +370,7 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token end->has_port_wildcard = has_port_wildcard; break; case KW_NATIP: - if (end->srcip) + if (end->sourceip) { plog("# natip and sourceip cannot be defined at the same time"); goto err; @@ -358,7 +382,7 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token if (cfg->defaultroute.defined) { addrtot(&cfg->defaultroute.addr, 0, buf, sizeof(buf)); - end->srcip = clone_str(buf); + end->sourceip = clone_str(buf); } else { @@ -377,7 +401,7 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token plog("# bad addr: %s=%s [%s]", name, value, ugh); goto err; } - end->srcip = clone_str(value); + end->sourceip = clone_str(value); } end->has_natip = TRUE; conn->policy |= POLICY_TUNNEL; |