From 6fbf4472ea785f3c75d278b1a7400534989bf26a Mon Sep 17 00:00:00 2001
From: Tobias Brunner
Date: Wed, 8 Aug 2012 15:39:07 +0200
Subject: [PATCH] Added option to prevent socket-default from setting the source address on outbound packets
---
 man/strongswan.conf.5.in | 3 +++
 .../plugins/socket_default/socket_default_socket.c | 10 +++++++++-
 2 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/man/strongswan.conf.5.in b/man/strongswan.conf.5.in
index 8fcba4a69..0c75bd026 100644
--- a/man/strongswan.conf.5.in
+++ b/man/strongswan.conf.5.in
@@ -496,6 +496,9 @@ is appended to this prefix to make it unique. The result has to be a valid
 interface name according to the rules defined by resolvconf. Also, it should
 have a high priority according to the order defined in interface-order(5).
 .TP
+.BR charon.plugins.socket-default.set_source " [yes]"
+Set source address on outbound packets, if possible.
+.TP
 .BR charon.plugins.sql.database
 Database URI for charons SQL plugin
 .TP
diff --git a/src/libcharon/plugins/socket_default/socket_default_socket.c b/src/libcharon/plugins/socket_default/socket_default_socket.c
index a7da2cc9c..c2b073418 100644
--- a/src/libcharon/plugins/socket_default/socket_default_socket.c
+++ b/src/libcharon/plugins/socket_default/socket_default_socket.c
@@ -116,6 +116,11 @@ struct private_socket_default_socket_t {
 * Maximum packet size to receive
 */
 int max_packet;
+
+ /**
+ * TRUE if the source address should be set on outbound packets
+ */
+ bool set_source;
 };

 METHOD(socket_t, receiver, status_t,
@@ -352,7 +357,7 @@ METHOD(socket_t, sender, status_t,
 msg.msg_iovlen = 1;
 msg.msg_flags = 0;

- if (!src->is_anyaddr(src))
+ if (this->set_source && !src->is_anyaddr(src))
 {
 if (family == AF_INET)
 {
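Review bot: The new `this->set_source &&` guard in sender carries no comment at the point where it changes on-the-wire behaviour. When the option is off the block that follows is skipped, and presumably the kernel's route lookup then picks the source address, which on a multihomed host may not be the address the peer sent its request to. I would add a comment above the condition, e.g. `/* if set_source is disabled the kernel selects the source address, which may differ from src */`. The man page entry added in this patch could state the same consequence, because a peer that sees replies from an unexpected address may drop them or misdetect NAT. The body of sender starts and ends outside this hunk.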
@@ -576,6 +581,9 @@ socket_default_socket_t *socket_default_socket_create()
 "%s.port_nat_t", CHARON_NATT_PORT, charon->name),
 .max_packet = lib->settings->get_int(lib->settings,
 "%s.max_packet", MAX_PACKET, charon->name),
+ .set_source = lib->settings->get_bool(lib->settings,
+ "%s.plugins.socket-default.set_source", TRUE,
+ charon->name),
 );

 if (this->port && this->port == this->natt)
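Review bot: Nothing in socket_default_socket_create records that source address selection was turned off, so an operator chasing packets that leave from an unexpected address has no hint in the log that this is configured behaviour. After the initializer that reads `%s.plugins.socket-default.set_source`, a one-time message such as `if (!this->set_source) { DBG1(DBG_NET, "socket-default: not setting source address on outbound packets"); }` would make the non-default setting visible. The TRUE default keeps existing deployments unchanged, which is the right choice. The function continues outside this hunk.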