fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-02-09 15:30:27 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

policy: enforce absence of default route on never-default VPN connections

Browse source 
Signed-off-by: Thomas Haller <thaller@redhat.com>
This commit is contained in:
Thomas Haller 2014-11-19 20:54:37 +01:00
parent 308a5e7953
commit a0f81f266b
1 changed files with 4 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
src/nm-default-route-manager.c
View file

@ -119,14 +119,10 @@ typedef struct {
* (synced && never_default) entires the absence of the default route
* is enforced. NMDefaultRouteManager will actively remove any default
* route on such ifindexes.
* This combination makes only sense for device sources.
* Also, for VPN sources in addition we track them so that a never-default
* VPN connection can be choosen by get_best_config() to receive the DNS configuration.
*
* (!synced && never_default): this combination makes only sense for VPN sources.
* If a VPN gets no default route, we still track it so that we can choose
* it for DNS configuration.
* Effectively, we ignore any default routes on such ifindexes and don't configure
* them ourselfes. The VPN is tracked with its configured priority (regardless
* of whether any default routes are actually present on the interface).
* (!synced && never_default): this combination makes no sense.
*/
gboolean synced;
gboolean never_default;
@ -302,10 +298,6 @@ _platform_route_sync_flush (const VTableIP *vtable, NMDefaultRouteManager *self,
for (j = 0; j < entries->len; j++) {
Entry *e = g_ptr_array_index (entries, j);
if ( e->never_default
&& !NM_IS_DEVICE (e->source.object))
continue;
if ( e->route.rx.ifindex == route->ifindex
&& e->synced) {
has_ifindex_synced = TRUE;
@ -400,10 +392,6 @@ _get_assumed_interface_metrics (const VTableIP *vtable, NMDefaultRouteManager *s
for (j = 0; j < entries->len; j++) {
Entry *e = g_ptr_array_index (entries, j);
if ( e->never_default
&& !NM_IS_DEVICE (e->source.object))
continue;
if ( e->synced
&& e->route.rx.ifindex == route->ifindex) {
ifindex_has_synced_entry = TRUE;
@ -765,7 +753,7 @@ _ipx_update_default_route (const VTableIP *vtable, NMDefaultRouteManager *self,
}
}
}
synced = default_route && !never_default;
synced = TRUE;
}
}
g_assert (!default_route || default_route->plen == 0);