ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

kernel-pfkey: Use address in TS to determine interface for shunt routes

This commit is contained in:
Tobias Brunner 2014-06-26 16:38:28 +02:00
parent 60f5fb2318
commit f22add05f6
1 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
View File

@ -2230,19 +2230,22 @@ static bool install_route(private_kernel_pfkey_ipsec_t *this,
{
route->gateway = hydra->kernel_interface->get_nexthop(
hydra->kernel_interface, dst, -1, src);
/* if the IP is virtual, we install the route over the interface it has
* been installed on. Otherwise we use the interface we use for IKE, as
* this is required for example on Linux. */
if (is_virtual)
{
src = route->src_ip;
}
}
else
{ /* for shunt policies */
route->gateway = hydra->kernel_interface->get_nexthop(
hydra->kernel_interface, policy->src.net,
policy->src.mask, route->src_ip);
}
/* if the IP is virtual, we install the route over the interface it has
* been installed on. Otherwise we use the interface we use for IKE, as
* this is required for example on Linux. */
if (is_virtual)
{
/* we don't have a source address, use the address we found */
src = route->src_ip;
}