summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Haller <thaller@redhat.com>2014-11-04 15:05:24 +0100
committerThomas Haller <thaller@redhat.com>2014-11-07 15:23:12 +0100
commiteb61cdc6c5df248c6c42eeaa8ba54a9fe24ef809 (patch)
tree737e359933dc898814f584b32d6ab3f721385675
parentff40ccf8994ab5a45f88bc95bd0ef7467c0810e0 (diff)
downloadNetworkManager-eb61cdc6c5df248c6c42eeaa8ba54a9fe24ef809.tar.gz
policy: set default routes for VPN via NMDefaultRouteManager
Signed-off-by: Thomas Haller <thaller@redhat.com>
Diffstat
-rw-r--r--src/nm-default-route-manager.c22
-rw-r--r--src/nm-default-route-manager.h2
-rw-r--r--src/nm-policy.c86
3 files changed, 17 insertions, 93 deletions
diff --git a/src/nm-default-route-manager.c b/src/nm-default-route-manager.c
index 49831375ee..f5b671a32a 100644
--- a/src/nm-default-route-manager.c
+++ b/src/nm-default-route-manager.c
@@ -523,10 +523,6 @@ _ipx_update_default_route (const VTableIP *vtable, NMDefaultRouteManager *self,
}
}
}
-
- /* FIXME: for now, only track the default route for VPN.
- * Enable actual configuration of the route later. */
- never_default = TRUE;
}
}
g_assert (!default_route || default_route->plen == 0);
@@ -790,7 +786,6 @@ _ipx_get_best_config (const VTableIP *vtable,
gboolean ignore_never_default,
NMDevice *preferred_device,
const char **out_ip_iface,
- int *out_ip_ifindex,
NMActiveConnection **out_ac,
NMDevice **out_device,
NMVpnConnection **out_vpn)
@@ -803,6 +798,15 @@ _ipx_get_best_config (const VTableIP *vtable,
g_return_val_if_fail (NM_IS_DEFAULT_ROUTE_MANAGER (self), NULL);
+ if (out_ip_iface)
+ *out_ip_iface = NULL;
+ if (out_ac)
+ *out_ac = NULL;
+ if (out_device)
+ *out_device = NULL;
+ if (out_vpn)
+ *out_vpn = NULL;
+
priv = NM_DEFAULT_ROUTE_MANAGER_GET_PRIVATE (self);
/* If a VPN connection is active, it is preferred */
@@ -855,8 +859,6 @@ _ipx_get_best_config (const VTableIP *vtable,
*out_ac = active;
if (out_ip_iface)
*out_ip_iface = nm_vpn_connection_get_ip_iface (candidate);
- if (out_ip_ifindex)
- *out_ip_ifindex = nm_vpn_connection_get_ip_ifindex (candidate);
break;
}
@@ -878,8 +880,6 @@ _ipx_get_best_config (const VTableIP *vtable,
*out_ac = NM_ACTIVE_CONNECTION (req);
if (out_ip_iface)
*out_ip_iface = nm_device_get_ip_iface (device);
- if (out_ip_ifindex)
- *out_ip_ifindex = nm_device_get_ip_ifindex (device);
}
}
@@ -892,7 +892,6 @@ nm_default_route_manager_ip4_get_best_config (NMDefaultRouteManager *self,
gboolean ignore_never_default,
NMDevice *preferred_device,
const char **out_ip_iface,
- int *out_ip_ifindex,
NMActiveConnection **out_ac,
NMDevice **out_device,
NMVpnConnection **out_vpn)
@@ -903,7 +902,6 @@ nm_default_route_manager_ip4_get_best_config (NMDefaultRouteManager *self,
ignore_never_default,
preferred_device,
out_ip_iface,
- out_ip_ifindex,
out_ac,
out_device,
out_vpn);
@@ -915,7 +913,6 @@ nm_default_route_manager_ip6_get_best_config (NMDefaultRouteManager *self,
gboolean ignore_never_default,
NMDevice *preferred_device,
const char **out_ip_iface,
- int *out_ip_ifindex,
NMActiveConnection **out_ac,
NMDevice **out_device,
NMVpnConnection **out_vpn)
@@ -926,7 +923,6 @@ nm_default_route_manager_ip6_get_best_config (NMDefaultRouteManager *self,
ignore_never_default,
preferred_device,
out_ip_iface,
- out_ip_ifindex,
out_ac,
out_device,
out_vpn);
diff --git a/src/nm-default-route-manager.h b/src/nm-default-route-manager.h
index 6961979404..6f49d3130a 100644
--- a/src/nm-default-route-manager.h
+++ b/src/nm-default-route-manager.h
@@ -65,7 +65,6 @@ NMIP4Config *nm_default_route_manager_ip4_get_best_config (NMDefaultRouteManager
gboolean ignore_never_default,
NMDevice *preferred_device,
const char **out_ip_iface,
- int *out_ip_ifindex,
NMActiveConnection **out_ac,
NMDevice **out_device,
NMVpnConnection **out_vpn);
@@ -74,7 +73,6 @@ NMIP6Config *nm_default_route_manager_ip6_get_best_config (NMDefaultRouteManager
gboolean ignore_never_default,
NMDevice *preferred_device,
const char **out_ip_iface,
- int *out_ip_ifindex,
NMActiveConnection **out_ac,
NMDevice **out_device,
NMVpnConnection **out_vpn);
diff --git a/src/nm-policy.c b/src/nm-policy.c
index 0a90965892..e31ba13e11 100644
--- a/src/nm-policy.c
+++ b/src/nm-policy.c
@@ -382,7 +382,6 @@ static NMIP4Config *
get_best_ip4_config (NMPolicy *self,
gboolean ignore_never_default,
const char **out_ip_iface,
- int *out_ip_ifindex,
NMActiveConnection **out_ac,
NMDevice **out_device,
NMVpnConnection **out_vpn)
@@ -394,7 +393,6 @@ get_best_ip4_config (NMPolicy *self,
ignore_never_default,
priv->default_device4,
out_ip_iface,
- out_ip_ifindex,
out_ac,
out_device,
out_vpn);
@@ -408,7 +406,7 @@ update_ip4_dns (NMPolicy *policy, NMDnsManager *dns_mgr)
NMVpnConnection *vpn = NULL;
NMDnsIPConfigType dns_type = NM_DNS_IP_CONFIG_TYPE_BEST_DEVICE;
- ip4_config = get_best_ip4_config (policy, TRUE, &ip_iface, NULL, NULL, NULL, &vpn);
+ ip4_config = get_best_ip4_config (policy, TRUE, &ip_iface, NULL, NULL, &vpn);
if (ip4_config) {
if (vpn)
dns_type = NM_DNS_IP_CONFIG_TYPE_VPN;
@@ -428,16 +426,12 @@ update_ip4_routing (NMPolicy *policy, gboolean force_update)
NMConnection *connection = NULL;
NMVpnConnection *vpn = NULL;
NMActiveConnection *best_ac = NULL;
- NMIP4Config *ip4_config = NULL;
const char *ip_iface = NULL;
- int ip_ifindex = -1;
- guint32 gw_addr = 0;
/* Note that we might have an IPv4 VPN tunneled over an IPv6-only device,
* so we can get (vpn != NULL && best == NULL).
*/
- ip4_config = get_best_ip4_config (policy, FALSE, &ip_iface, &ip_ifindex, &best_ac, &best, &vpn);
- if (!ip4_config) {
+ if (!get_best_ip4_config (policy, FALSE, &ip_iface, &best_ac, &best, &vpn)) {
gboolean changed;
changed = (priv->default_device4 != NULL);
@@ -452,8 +446,6 @@ update_ip4_routing (NMPolicy *policy, gboolean force_update)
if (!force_update && best && (best == priv->default_device4))
return;
- gw_addr = nm_ip4_config_get_gateway (ip4_config);
-
if (best) {
const GSList *connections, *iter;
@@ -468,32 +460,9 @@ update_ip4_routing (NMPolicy *policy, gboolean force_update)
}
}
- if (vpn) {
- in_addr_t int_gw = nm_vpn_connection_get_ip4_internal_gateway (vpn);
- int mss = nm_ip4_config_get_mss (ip4_config);
- guint32 route_metric = nm_vpn_connection_get_ip4_route_metric (vpn);
-
- /* If no VPN interface, use the parent interface */
- if (ip_ifindex <= 0)
- ip_ifindex = nm_device_get_ip_ifindex (nm_active_connection_get_device (NM_ACTIVE_CONNECTION (vpn)));
-
- if (!nm_platform_ip4_route_add (ip_ifindex, NM_IP_CONFIG_SOURCE_VPN,
- 0, 0, int_gw,
- route_metric, mss)) {
- if (int_gw) {
- (void) nm_platform_ip4_route_add (ip_ifindex, NM_IP_CONFIG_SOURCE_VPN,
- int_gw, 32, 0,
- route_metric, mss);
- if (!nm_platform_ip4_route_add (ip_ifindex, NM_IP_CONFIG_SOURCE_VPN,
- 0, 0, int_gw,
- route_metric, mss))
- nm_log_err (LOGD_IP4 | LOGD_VPN, "Failed to set IPv4 default route via VPN.");
- } else
- nm_log_err (LOGD_IP4 | LOGD_VPN, "Failed to set IPv4 default route via VPN.");
- }
-
+ if (vpn)
default_device = nm_active_connection_get_device (NM_ACTIVE_CONNECTION (vpn));
- } else
+ else
default_device = best;
update_default_ac (policy, best_ac, nm_active_connection_set_default);
@@ -512,7 +481,6 @@ static NMIP6Config *
get_best_ip6_config (NMPolicy *self,
gboolean ignore_never_default,
const char **out_ip_iface,
- int *out_ip_ifindex,
NMActiveConnection **out_ac,
NMDevice **out_device,
NMVpnConnection **out_vpn)
@@ -524,7 +492,6 @@ get_best_ip6_config (NMPolicy *self,
ignore_never_default,
priv->default_device6,
out_ip_iface,
- out_ip_ifindex,
out_ac,
out_device,
out_vpn);
@@ -538,7 +505,7 @@ update_ip6_dns (NMPolicy *policy, NMDnsManager *dns_mgr)
NMVpnConnection *vpn = NULL;
NMDnsIPConfigType dns_type = NM_DNS_IP_CONFIG_TYPE_BEST_DEVICE;
- ip6_config = get_best_ip6_config (policy, TRUE, &ip_iface, NULL, NULL, NULL, &vpn);
+ ip6_config = get_best_ip6_config (policy, TRUE, &ip_iface, NULL, NULL, &vpn);
if (ip6_config) {
if (vpn)
dns_type = NM_DNS_IP_CONFIG_TYPE_VPN;
@@ -558,16 +525,12 @@ update_ip6_routing (NMPolicy *policy, gboolean force_update)
NMConnection *connection = NULL;
NMVpnConnection *vpn = NULL;
NMActiveConnection *best_ac = NULL;
- NMIP6Config *ip6_config = NULL;
const char *ip_iface = NULL;
- int ip_ifindex = -1;
- const struct in6_addr *gw_addr;
/* Note that we might have an IPv6 VPN tunneled over an IPv4-only device,
* so we can get (vpn != NULL && best == NULL).
*/
- ip6_config = get_best_ip6_config (policy, FALSE, &ip_iface, &ip_ifindex, &best_ac, &best, &vpn);
- if (!ip6_config) {
+ if (!get_best_ip6_config (policy, FALSE, &ip_iface, &best_ac, &best, &vpn)) {
gboolean changed;
changed = (priv->default_device6 != NULL);
@@ -582,13 +545,6 @@ update_ip6_routing (NMPolicy *policy, gboolean force_update)
if (!force_update && best && (best == priv->default_device6))
return;
- /* If no better gateway is found, use ::; not all configurations will
- * have a gateway, especially WWAN/Point-to-Point connections.
- */
- gw_addr = nm_ip6_config_get_gateway (ip6_config);
- if (!gw_addr)
- gw_addr = &in6addr_any;
-
if (best) {
const GSList *connections, *iter;
@@ -603,35 +559,9 @@ update_ip6_routing (NMPolicy *policy, gboolean force_update)
}
}
- if (vpn) {
- const struct in6_addr *int_gw = nm_vpn_connection_get_ip6_internal_gateway (vpn);
- int mss = nm_ip6_config_get_mss (ip6_config);
- guint32 route_metric = nm_vpn_connection_get_ip6_route_metric (vpn);
-
- if (!int_gw)
- int_gw = &in6addr_any;
-
- /* If no VPN interface, use the parent interface */
- if (ip_ifindex <= 0)
- ip_ifindex = nm_device_get_ip_ifindex (nm_active_connection_get_device (NM_ACTIVE_CONNECTION (vpn)));
-
- if (!nm_platform_ip6_route_add (ip_ifindex, NM_IP_CONFIG_SOURCE_VPN,
- in6addr_any, 0, *int_gw,
- route_metric, mss)) {
- if (!IN6_IS_ADDR_UNSPECIFIED (int_gw)) {
- (void) nm_platform_ip6_route_add (ip_ifindex, NM_IP_CONFIG_SOURCE_VPN,
- *int_gw, 128, in6addr_any,
- route_metric, mss);
- if (!nm_platform_ip6_route_add (ip_ifindex, NM_IP_CONFIG_SOURCE_VPN,
- in6addr_any, 0, *int_gw,
- route_metric, mss))
- nm_log_err (LOGD_IP6 | LOGD_VPN, "Failed to set IPv6 default route via VPN.");
- } else
- nm_log_err (LOGD_IP6 | LOGD_VPN, "Failed to set IPv6 default route via VPN.");
- }
-
+ if (vpn)
default_device6 = nm_active_connection_get_device (NM_ACTIVE_CONNECTION (vpn));
- } else
+ else
default_device6 = best;
update_default_ac (policy, best_ac, nm_active_connection_set_default6);
View Lorry Controller Status