From 48db5806f3a99f6cac526fecd6df5a090b53c192 Mon Sep 17 00:00:00 2001 From: Beniamino Galvani Date: Thu, 5 Jan 2017 13:59:50 +0100 Subject: [PATCH] vpn: add device route to VPN gateway if parent has no gateway We set a dedicated route to reach the VPN gateway only if the parent device has a gateway. If the parent device doesn't have a gateway (for example in case of GSM connections) and the VPN gets the default route, the VPN gateway will be contacted through the VPN itself, which obviously doesn't work. Set up a device route if the parent device doesn't provide a gateway. https://bugzilla.redhat.com/show_bug.cgi?id=1403660 (cherry picked from commit ae5adc9e21c642a198868b519b2a278b0b108ab8) --- src/vpn-manager/nm-vpn-connection.c | 30 +++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/src/vpn-manager/nm-vpn-connection.c b/src/vpn-manager/nm-vpn-connection.c index 1441c3c68e..78f6c71063 100644 --- a/src/vpn-manager/nm-vpn-connection.c +++ b/src/vpn-manager/nm-vpn-connection.c @@ -683,12 +683,9 @@ add_ip4_vpn_gateway_route (NMIP4Config *config, NMDevice *parent_device, guint32 /* Set up a route to the VPN gateway's public IP address through the default * network device if the VPN gateway is on a different subnet. */ - parent_config = nm_device_get_ip4_config (parent_device); g_return_if_fail (parent_config != NULL); parent_gw = nm_ip4_config_get_gateway (parent_config); - if (!parent_gw) - return; route_metric = nm_device_get_ip4_route_metric (parent_device); @@ -696,6 +693,9 @@ add_ip4_vpn_gateway_route (NMIP4Config *config, NMDevice *parent_device, guint32 route.network = vpn_gw; route.plen = 32; route.gateway = parent_gw; + /* Set up a device route if the parent device has no gateway */ + if (!parent_gw) + route.ifindex = nm_device_get_ip_ifindex (parent_device); /* If the VPN gateway is in the same subnet as one of the parent device's * IP addresses, don't add the host route to it, but a route through the @@ -708,18 +708,20 @@ add_ip4_vpn_gateway_route (NMIP4Config *config, NMDevice *parent_device, guint32 route.metric = route_metric; nm_ip4_config_add_route (config, &route); - /* Ensure there's a route to the parent device's gateway through the - * parent device, since if the VPN claims the default route and the VPN - * routes include a subnet that matches the parent device's subnet, - * the parent device's gateway would get routed through the VPN and fail. - */ - memset (&route, 0, sizeof (route)); - route.network = parent_gw; - route.plen = 32; - route.rt_source = NM_IP_CONFIG_SOURCE_VPN; - route.metric = route_metric; + if (parent_gw) { + /* Ensure there's a route to the parent device's gateway through the + * parent device, since if the VPN claims the default route and the VPN + * routes include a subnet that matches the parent device's subnet, + * the parent device's gateway would get routed through the VPN and fail. + */ + memset (&route, 0, sizeof (route)); + route.network = parent_gw; + route.plen = 32; + route.rt_source = NM_IP_CONFIG_SOURCE_VPN; + route.metric = route_metric; - nm_ip4_config_add_route (config, &route); + nm_ip4_config_add_route (config, &route); + } } static void