diff options
author | Thomas Haller <thaller@redhat.com> | 2014-11-04 15:05:24 +0100 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2014-11-07 15:23:12 +0100 |
commit | eb61cdc6c5df248c6c42eeaa8ba54a9fe24ef809 (patch) | |
tree | 737e359933dc898814f584b32d6ab3f721385675 /src | |
parent | ff40ccf8994ab5a45f88bc95bd0ef7467c0810e0 (diff) | |
download | NetworkManager-eb61cdc6c5df248c6c42eeaa8ba54a9fe24ef809.tar.gz |
policy: set default routes for VPN via NMDefaultRouteManager
Signed-off-by: Thomas Haller <thaller@redhat.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/nm-default-route-manager.c | 22 | ||||
-rw-r--r-- | src/nm-default-route-manager.h | 2 | ||||
-rw-r--r-- | src/nm-policy.c | 86 |
3 files changed, 17 insertions, 93 deletions
diff --git a/src/nm-default-route-manager.c b/src/nm-default-route-manager.c index 49831375ee..f5b671a32a 100644 --- a/src/nm-default-route-manager.c +++ b/src/nm-default-route-manager.c @@ -523,10 +523,6 @@ _ipx_update_default_route (const VTableIP *vtable, NMDefaultRouteManager *self, } } } - - /* FIXME: for now, only track the default route for VPN. - * Enable actual configuration of the route later. */ - never_default = TRUE; } } g_assert (!default_route || default_route->plen == 0); @@ -790,7 +786,6 @@ _ipx_get_best_config (const VTableIP *vtable, gboolean ignore_never_default, NMDevice *preferred_device, const char **out_ip_iface, - int *out_ip_ifindex, NMActiveConnection **out_ac, NMDevice **out_device, NMVpnConnection **out_vpn) @@ -803,6 +798,15 @@ _ipx_get_best_config (const VTableIP *vtable, g_return_val_if_fail (NM_IS_DEFAULT_ROUTE_MANAGER (self), NULL); + if (out_ip_iface) + *out_ip_iface = NULL; + if (out_ac) + *out_ac = NULL; + if (out_device) + *out_device = NULL; + if (out_vpn) + *out_vpn = NULL; + priv = NM_DEFAULT_ROUTE_MANAGER_GET_PRIVATE (self); /* If a VPN connection is active, it is preferred */ @@ -855,8 +859,6 @@ _ipx_get_best_config (const VTableIP *vtable, *out_ac = active; if (out_ip_iface) *out_ip_iface = nm_vpn_connection_get_ip_iface (candidate); - if (out_ip_ifindex) - *out_ip_ifindex = nm_vpn_connection_get_ip_ifindex (candidate); break; } @@ -878,8 +880,6 @@ _ipx_get_best_config (const VTableIP *vtable, *out_ac = NM_ACTIVE_CONNECTION (req); if (out_ip_iface) *out_ip_iface = nm_device_get_ip_iface (device); - if (out_ip_ifindex) - *out_ip_ifindex = nm_device_get_ip_ifindex (device); } } @@ -892,7 +892,6 @@ nm_default_route_manager_ip4_get_best_config (NMDefaultRouteManager *self, gboolean ignore_never_default, NMDevice *preferred_device, const char **out_ip_iface, - int *out_ip_ifindex, NMActiveConnection **out_ac, NMDevice **out_device, NMVpnConnection **out_vpn) @@ -903,7 +902,6 @@ nm_default_route_manager_ip4_get_best_config (NMDefaultRouteManager *self, ignore_never_default, preferred_device, out_ip_iface, - out_ip_ifindex, out_ac, out_device, out_vpn); @@ -915,7 +913,6 @@ nm_default_route_manager_ip6_get_best_config (NMDefaultRouteManager *self, gboolean ignore_never_default, NMDevice *preferred_device, const char **out_ip_iface, - int *out_ip_ifindex, NMActiveConnection **out_ac, NMDevice **out_device, NMVpnConnection **out_vpn) @@ -926,7 +923,6 @@ nm_default_route_manager_ip6_get_best_config (NMDefaultRouteManager *self, ignore_never_default, preferred_device, out_ip_iface, - out_ip_ifindex, out_ac, out_device, out_vpn); diff --git a/src/nm-default-route-manager.h b/src/nm-default-route-manager.h index 6961979404..6f49d3130a 100644 --- a/src/nm-default-route-manager.h +++ b/src/nm-default-route-manager.h @@ -65,7 +65,6 @@ NMIP4Config *nm_default_route_manager_ip4_get_best_config (NMDefaultRouteManager gboolean ignore_never_default, NMDevice *preferred_device, const char **out_ip_iface, - int *out_ip_ifindex, NMActiveConnection **out_ac, NMDevice **out_device, NMVpnConnection **out_vpn); @@ -74,7 +73,6 @@ NMIP6Config *nm_default_route_manager_ip6_get_best_config (NMDefaultRouteManager gboolean ignore_never_default, NMDevice *preferred_device, const char **out_ip_iface, - int *out_ip_ifindex, NMActiveConnection **out_ac, NMDevice **out_device, NMVpnConnection **out_vpn); diff --git a/src/nm-policy.c b/src/nm-policy.c index 0a90965892..e31ba13e11 100644 --- a/src/nm-policy.c +++ b/src/nm-policy.c @@ -382,7 +382,6 @@ static NMIP4Config * get_best_ip4_config (NMPolicy *self, gboolean ignore_never_default, const char **out_ip_iface, - int *out_ip_ifindex, NMActiveConnection **out_ac, NMDevice **out_device, NMVpnConnection **out_vpn) @@ -394,7 +393,6 @@ get_best_ip4_config (NMPolicy *self, ignore_never_default, priv->default_device4, out_ip_iface, - out_ip_ifindex, out_ac, out_device, out_vpn); @@ -408,7 +406,7 @@ update_ip4_dns (NMPolicy *policy, NMDnsManager *dns_mgr) NMVpnConnection *vpn = NULL; NMDnsIPConfigType dns_type = NM_DNS_IP_CONFIG_TYPE_BEST_DEVICE; - ip4_config = get_best_ip4_config (policy, TRUE, &ip_iface, NULL, NULL, NULL, &vpn); + ip4_config = get_best_ip4_config (policy, TRUE, &ip_iface, NULL, NULL, &vpn); if (ip4_config) { if (vpn) dns_type = NM_DNS_IP_CONFIG_TYPE_VPN; @@ -428,16 +426,12 @@ update_ip4_routing (NMPolicy *policy, gboolean force_update) NMConnection *connection = NULL; NMVpnConnection *vpn = NULL; NMActiveConnection *best_ac = NULL; - NMIP4Config *ip4_config = NULL; const char *ip_iface = NULL; - int ip_ifindex = -1; - guint32 gw_addr = 0; /* Note that we might have an IPv4 VPN tunneled over an IPv6-only device, * so we can get (vpn != NULL && best == NULL). */ - ip4_config = get_best_ip4_config (policy, FALSE, &ip_iface, &ip_ifindex, &best_ac, &best, &vpn); - if (!ip4_config) { + if (!get_best_ip4_config (policy, FALSE, &ip_iface, &best_ac, &best, &vpn)) { gboolean changed; changed = (priv->default_device4 != NULL); @@ -452,8 +446,6 @@ update_ip4_routing (NMPolicy *policy, gboolean force_update) if (!force_update && best && (best == priv->default_device4)) return; - gw_addr = nm_ip4_config_get_gateway (ip4_config); - if (best) { const GSList *connections, *iter; @@ -468,32 +460,9 @@ update_ip4_routing (NMPolicy *policy, gboolean force_update) } } - if (vpn) { - in_addr_t int_gw = nm_vpn_connection_get_ip4_internal_gateway (vpn); - int mss = nm_ip4_config_get_mss (ip4_config); - guint32 route_metric = nm_vpn_connection_get_ip4_route_metric (vpn); - - /* If no VPN interface, use the parent interface */ - if (ip_ifindex <= 0) - ip_ifindex = nm_device_get_ip_ifindex (nm_active_connection_get_device (NM_ACTIVE_CONNECTION (vpn))); - - if (!nm_platform_ip4_route_add (ip_ifindex, NM_IP_CONFIG_SOURCE_VPN, - 0, 0, int_gw, - route_metric, mss)) { - if (int_gw) { - (void) nm_platform_ip4_route_add (ip_ifindex, NM_IP_CONFIG_SOURCE_VPN, - int_gw, 32, 0, - route_metric, mss); - if (!nm_platform_ip4_route_add (ip_ifindex, NM_IP_CONFIG_SOURCE_VPN, - 0, 0, int_gw, - route_metric, mss)) - nm_log_err (LOGD_IP4 | LOGD_VPN, "Failed to set IPv4 default route via VPN."); - } else - nm_log_err (LOGD_IP4 | LOGD_VPN, "Failed to set IPv4 default route via VPN."); - } - + if (vpn) default_device = nm_active_connection_get_device (NM_ACTIVE_CONNECTION (vpn)); - } else + else default_device = best; update_default_ac (policy, best_ac, nm_active_connection_set_default); @@ -512,7 +481,6 @@ static NMIP6Config * get_best_ip6_config (NMPolicy *self, gboolean ignore_never_default, const char **out_ip_iface, - int *out_ip_ifindex, NMActiveConnection **out_ac, NMDevice **out_device, NMVpnConnection **out_vpn) @@ -524,7 +492,6 @@ get_best_ip6_config (NMPolicy *self, ignore_never_default, priv->default_device6, out_ip_iface, - out_ip_ifindex, out_ac, out_device, out_vpn); @@ -538,7 +505,7 @@ update_ip6_dns (NMPolicy *policy, NMDnsManager *dns_mgr) NMVpnConnection *vpn = NULL; NMDnsIPConfigType dns_type = NM_DNS_IP_CONFIG_TYPE_BEST_DEVICE; - ip6_config = get_best_ip6_config (policy, TRUE, &ip_iface, NULL, NULL, NULL, &vpn); + ip6_config = get_best_ip6_config (policy, TRUE, &ip_iface, NULL, NULL, &vpn); if (ip6_config) { if (vpn) dns_type = NM_DNS_IP_CONFIG_TYPE_VPN; @@ -558,16 +525,12 @@ update_ip6_routing (NMPolicy *policy, gboolean force_update) NMConnection *connection = NULL; NMVpnConnection *vpn = NULL; NMActiveConnection *best_ac = NULL; - NMIP6Config *ip6_config = NULL; const char *ip_iface = NULL; - int ip_ifindex = -1; - const struct in6_addr *gw_addr; /* Note that we might have an IPv6 VPN tunneled over an IPv4-only device, * so we can get (vpn != NULL && best == NULL). */ - ip6_config = get_best_ip6_config (policy, FALSE, &ip_iface, &ip_ifindex, &best_ac, &best, &vpn); - if (!ip6_config) { + if (!get_best_ip6_config (policy, FALSE, &ip_iface, &best_ac, &best, &vpn)) { gboolean changed; changed = (priv->default_device6 != NULL); @@ -582,13 +545,6 @@ update_ip6_routing (NMPolicy *policy, gboolean force_update) if (!force_update && best && (best == priv->default_device6)) return; - /* If no better gateway is found, use ::; not all configurations will - * have a gateway, especially WWAN/Point-to-Point connections. - */ - gw_addr = nm_ip6_config_get_gateway (ip6_config); - if (!gw_addr) - gw_addr = &in6addr_any; - if (best) { const GSList *connections, *iter; @@ -603,35 +559,9 @@ update_ip6_routing (NMPolicy *policy, gboolean force_update) } } - if (vpn) { - const struct in6_addr *int_gw = nm_vpn_connection_get_ip6_internal_gateway (vpn); - int mss = nm_ip6_config_get_mss (ip6_config); - guint32 route_metric = nm_vpn_connection_get_ip6_route_metric (vpn); - - if (!int_gw) - int_gw = &in6addr_any; - - /* If no VPN interface, use the parent interface */ - if (ip_ifindex <= 0) - ip_ifindex = nm_device_get_ip_ifindex (nm_active_connection_get_device (NM_ACTIVE_CONNECTION (vpn))); - - if (!nm_platform_ip6_route_add (ip_ifindex, NM_IP_CONFIG_SOURCE_VPN, - in6addr_any, 0, *int_gw, - route_metric, mss)) { - if (!IN6_IS_ADDR_UNSPECIFIED (int_gw)) { - (void) nm_platform_ip6_route_add (ip_ifindex, NM_IP_CONFIG_SOURCE_VPN, - *int_gw, 128, in6addr_any, - route_metric, mss); - if (!nm_platform_ip6_route_add (ip_ifindex, NM_IP_CONFIG_SOURCE_VPN, - in6addr_any, 0, *int_gw, - route_metric, mss)) - nm_log_err (LOGD_IP6 | LOGD_VPN, "Failed to set IPv6 default route via VPN."); - } else - nm_log_err (LOGD_IP6 | LOGD_VPN, "Failed to set IPv6 default route via VPN."); - } - + if (vpn) default_device6 = nm_active_connection_get_device (NM_ACTIVE_CONNECTION (vpn)); - } else + else default_device6 = best; update_default_ac (policy, best_ac, nm_active_connection_set_default6); |