7035340b21
farp: Ignore SAs with 0.0.0.0/0 remote traffic selector
...
This is mostly to avoid hijacking the local LAN if the farp plugin is
inadvertently active on a roadwarrior.
Fixes #3116 .
2019-12-06 10:06:16 +01:00
202c204785
farp: Only cache IPv4 traffic selectors
...
Since ARP is IPv4 only there is no point caching IPv6 traffic
selectors/CHILD_SAs.
2019-12-06 09:58:29 +01:00
6138b8d629
farp: Only remove one tracked entry
...
Multiple CHILD_SAs sharing the same traffic selectors (e.g. during
make-before-break reauthentication) also have the same reqid assigned.
If all matching entries are removed we could end up without entry even
though an SA exists that still uses these traffic selectors.
Fixes #2373 .
2017-07-27 13:07:23 +02:00
b12c53ce77
Use standard unsigned integer types
2016-03-24 18:52:48 +01:00
553bb78730
child-sa: replace get_traffic_selectors() with create_ts_enumerator()
...
Not directly returning a linked list allows us to change the internals of
the CHILD_SA transparently.
2013-07-17 17:20:18 +02:00
12642a6831
Moved data structures to new collections subfolder
2012-10-24 16:00:49 +02:00
45f20f8a79
farp plugin sends ARP responses for any tunneled address, not only virtual IPs
2012-03-06 16:06:33 +01:00
360ef1606f
Fixed handling of IKE_SAs without a virtual IP in farp plugin
2010-03-30 10:24:47 +02:00
dc70a5bb0b
Use message hook to catch virtual IP, as it is not yet set in ike_updown
2010-03-25 14:39:32 +01:00
479a7b7d17
Added locking to farp listener
2010-03-25 14:39:32 +01:00
660e16f5b2
Added a listener to the farp plugin that keeps track of active virtual IPs
2010-03-25 14:39:32 +01:00
Tobias Brunner