fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-01-09 22:50:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
NetworkManager/libnm-core
History
Thomas Haller 115291a46f wireguard: don't let explicit gateway override WireGuard's peer route 
The profile's "ipv4.gateway" and "ipv6.gateway" has only one real
purpose: to define the next hop of a static default route.

Usually, when specifying a gateway in this way, the default route from
other addressing methods (like DHCPv4 or IPv6 autoconf) gets ignored.

If you have a WireGuard peer with "AllowedIPs=0.0.0.0/0" and
"wireguard.peer-routes" enabled, NetworkManager would automatically add
a route to the peer. Previously, if the user also set a gateway, that
route was suppressed.

That doesn't feel right. Note that configuring a gateway on a WireGuard
profile is likely to be wrong to begin with. At least, unless you take
otherwise care to avoid routing loops. If you take care, setting a
gateway may work, but it would feel clearer to instead just add an
explicit /0 manual route instead.

Also, note that usually you don't need a gateway anyway. WireGuard is a
Layer 3 (IP) tunnel, where the next hop is alway just the other side of
the tunnel. The next hop has little effect on the routes that you
configure on a WireGuard interface. What however matters is whether a
default route is present or not.

Also, an explicit gateway probably works badly with "ipv[46].ip4-auto-default-route",
because in that case the automatism should add a /0 peer-route route in a
separate routing table. The explicit gateway interferes with that too.

Nonetheless, without this patch it's not obvious why the /0 peer
route gets suppressed when a gateway is set. Don't allow for that, and
always add the peer-route.

Probably the profile's gateway setting is still wrong and causes the
profile not to work. But at least, you see all routes configured, and
it's clearer where the (wrong) default route to the gateway comes from.
2020-04-22 11:36:51 +02:00
..
tests nm-setting-bridge: add 'multicast-router' bridge option 2020-04-06 09:56:11 +02:00
meson.build license: Add license using SPDX identifiers to meson build files 2020-02-17 13:16:57 +01:00
nm-connection-private.h libnm: always return normalized-type from _nm_setting_ovs_interface_verify_interface_type() 2020-02-26 17:51:14 +01:00
nm-connection.c all: use nm_clear_pointer() instead of g_clear_pointer() 2020-03-23 11:22:38 +01:00
nm-connection.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-core-enum-types.c.template libnm-core: add ovs-dpdk setting 2019-06-14 12:10:20 +02:00
nm-core-enum-types.h.template build: use template files for enum types' sources generation 2017-12-18 11:25:06 +01:00
nm-core-internal.h bond: small cleanups 2020-04-10 17:46:22 +02:00
nm-core-types-internal.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-core-types.h libnm-core,cli: add VRF setting 2020-01-14 09:49:01 +01:00
nm-crypto-gnutls.c all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-crypto-impl.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-crypto-nss.c all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-crypto.c all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-crypto.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-dbus-interface.h core,libnm: add VRF support 2020-01-14 09:51:56 +01:00
nm-dbus-utils.c libnm: drop unused _nm_dbus_proxy_call_sync() helper 2019-12-03 16:32:08 +01:00
nm-errors.c all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-errors.h license: relicense "libnm-core/nm-errors.h" under LGPL-2.1+ 2020-02-16 15:55:55 +01:00
nm-json.c libnm/license: relicense "libnm-core/nm-json.[hc]" under LGPL-2.1+ 2019-11-06 17:30:25 +01:00
nm-json.h libnm/license: relicense "libnm-core/nm-json.[hc]" under LGPL-2.1+ 2019-11-06 17:30:25 +01:00
nm-property-compare.c all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-property-compare.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-6lowpan.c libnm: don't have G_PARAM_CONSTRUCT properties in NMSetting instances 2019-12-24 07:47:50 +01:00
nm-setting-6lowpan.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-8021x.c Add domain_match mode for wifi certificate domain comparison 2020-03-23 20:31:09 +01:00
nm-setting-8021x.h Add domain_match mode for wifi certificate domain comparison 2020-03-23 20:31:09 +01:00
nm-setting-adsl.c libnm-core: minor cleanup checks in "nm-setting-adsl.c"'s verify() 2020-03-17 08:02:54 +01:00
nm-setting-adsl.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-bluetooth.c libnm-core: fix wording for 'nm_sett_info_propert_type_mac_addrees' 2020-03-19 16:59:07 +01:00
nm-setting-bluetooth.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-bond.c bond: small cleanups 2020-04-10 17:46:22 +02:00
nm-setting-bond.h nm-setting-bond: add API to libnm to get the normalized bond option value 2020-03-06 10:39:00 +01:00
nm-setting-bridge-port.c libnm: don't have G_PARAM_CONSTRUCT properties in NMSetting instances 2019-12-24 07:47:50 +01:00
nm-setting-bridge-port.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-bridge.c nm-setting-bridge: add 'multicast-querier' bridge option 2020-04-06 09:56:11 +02:00
nm-setting-bridge.h nm-setting-bridge: add 'multicast-querier' bridge option 2020-04-06 09:56:11 +02:00
nm-setting-cdma.c libnm: don't have G_PARAM_CONSTRUCT properties in NMSetting instances 2019-12-24 07:47:50 +01:00
nm-setting-cdma.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-connection.c libnm: validate "connection.interface-name" at one place only 2020-02-26 17:51:14 +01:00
nm-setting-connection.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-dcb.c libnm: don't have G_PARAM_CONSTRUCT properties in NMSetting instances 2019-12-24 07:47:50 +01:00
nm-setting-dcb.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-dummy.c all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-dummy.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-ethtool.c all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-ethtool.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-generic.c all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-generic.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-gsm.c libnm/doc: fix gtk-doc for deprecated markers in libnm 2020-03-23 09:32:04 +01:00
nm-setting-gsm.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-infiniband.c all: use nm_clear_g_free() instead of g_clear_pointer() 2020-03-23 11:05:34 +01:00
nm-setting-infiniband.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-ip-config.c dns: add trust-ad DNS option only if all contributing settings agree 2020-04-20 15:54:43 +02:00
nm-setting-ip-config.h libnm-core: add 'no-reload' and 'trust-ad' resolv.conf options 2020-04-20 11:28:29 +02:00
nm-setting-ip-tunnel.c all: use nm_utils_ifname_valid_kernel() instead of nm_utils_is_valid_iface_name() 2020-02-17 15:27:35 +01:00
nm-setting-ip-tunnel.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-ip4-config.c ifcfg-rh: add support for DHCP hostname flags 2019-11-28 17:56:35 +01:00
nm-setting-ip4-config.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-ip6-config.c libnm,cli,ifcfg-rh: add ipv6.ra-timeout configuration option 2020-02-17 14:43:13 +01:00
nm-setting-ip6-config.h libnm,cli,ifcfg-rh: add ipv6.ra-timeout configuration option 2020-02-17 14:43:13 +01:00
nm-setting-macsec.c libnm: don't have G_PARAM_CONSTRUCT properties in NMSetting instances 2019-12-24 07:47:50 +01:00
nm-setting-macsec.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-macvlan.c all: use nm_utils_ifname_valid_kernel() instead of nm_utils_is_valid_iface_name() 2020-02-17 15:27:35 +01:00
nm-setting-macvlan.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-match.c libnm-core: remove trailing dot from setting description 2020-03-23 11:42:57 +01:00
nm-setting-match.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-olpc-mesh.c libnm-core: fix wording for 'nm_sett_info_propert_type_mac_addrees' 2020-03-19 16:59:07 +01:00
nm-setting-olpc-mesh.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-ovs-bridge.c libnm: don't have G_PARAM_CONSTRUCT properties in NMSetting instances 2019-12-24 07:47:50 +01:00
nm-setting-ovs-bridge.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-ovs-dpdk.c libnm: don't have G_PARAM_CONSTRUCT properties in NMSetting instances 2019-12-24 07:47:50 +01:00
nm-setting-ovs-dpdk.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-ovs-interface.c libnm: validate "connection.interface-name" at one place only 2020-02-26 17:51:14 +01:00
nm-setting-ovs-interface.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-ovs-patch.c all: use nm_utils_ipaddr_is_valid() instead of nm_utils_ipaddr_valid() 2020-01-28 11:17:41 +01:00
nm-setting-ovs-patch.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-ovs-port.c libnm: don't have G_PARAM_CONSTRUCT properties in NMSetting instances 2019-12-24 07:47:50 +01:00
nm-setting-ovs-port.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-ppp.c libnm: don't have G_PARAM_CONSTRUCT properties in NMSetting instances 2019-12-24 07:47:50 +01:00
nm-setting-ppp.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-pppoe.c all: use nm_utils_ifname_valid_kernel() instead of nm_utils_is_valid_iface_name() 2020-02-17 15:27:35 +01:00
nm-setting-pppoe.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-private.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-proxy.c libnm/proxy: use int type for proxy.method property 2019-12-24 07:48:35 +01:00
nm-setting-proxy.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-serial.c libnm: don't have G_PARAM_CONSTRUCT properties in NMSetting instances 2019-12-24 07:47:50 +01:00
nm-setting-serial.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-sriov.c libnm-core: slightly improve sriov setting documentation 2020-03-23 11:42:57 +01:00
nm-setting-sriov.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-tc-config.c libnm-core: remove trailing dot from setting description 2020-03-23 11:42:57 +01:00
nm-setting-tc-config.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-team-port.c all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-team-port.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-team.c all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-team.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-tun.c libnm: don't have G_PARAM_CONSTRUCT properties in NMSetting instances 2019-12-24 07:47:50 +01:00
nm-setting-tun.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-user.c all: use nm_clear_pointer() instead of g_clear_pointer() 2020-03-23 11:22:38 +01:00
nm-setting-user.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-vlan.c all: use nm_utils_ifname_valid_kernel() instead of nm_utils_is_valid_iface_name() 2020-02-17 15:27:35 +01:00
nm-setting-vlan.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-vpn.c libnm: convert vpn-secrets to D-Bus in stable order 2020-04-04 19:51:34 +02:00
nm-setting-vpn.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-vrf.c libnm-core: remove trailing dot from setting description 2020-03-23 11:42:57 +01:00
nm-setting-vrf.h libnm-core,cli: add VRF setting 2020-01-14 09:49:01 +01:00
nm-setting-vxlan.c all: use nm_utils_ifname_valid_kernel() instead of nm_utils_is_valid_iface_name() 2020-02-17 15:27:35 +01:00
nm-setting-vxlan.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-wifi-p2p.c all: use nm_clear_pointer() instead of g_clear_pointer() 2020-03-23 11:22:38 +01:00
nm-setting-wifi-p2p.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-wimax.c libnm-core: fix wording for 'nm_sett_info_propert_type_mac_addrees' 2020-03-19 16:59:07 +01:00
nm-setting-wimax.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-wired.c libnm-core: fix wording for 'nm_sett_info_propert_type_mac_addrees' 2020-03-19 16:59:07 +01:00
nm-setting-wired.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-wireguard.c wireguard: don't let explicit gateway override WireGuard's peer route 2020-04-22 11:36:51 +02:00
nm-setting-wireguard.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-wireless-security.c all: use g_ascii_strcasecmp() instead of the locale dependent strcasecmp() 2020-02-11 15:23:06 +01:00
nm-setting-wireless-security.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-wireless.c libnm/doc: fix gtk-doc for deprecated markers in libnm 2020-03-23 09:32:04 +01:00
nm-setting-wireless.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-wpan.c all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting-wpan.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-setting.c libnm-core,cli: add VRF setting 2020-01-14 09:49:01 +01:00
nm-setting.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-simple-connection.c all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-simple-connection.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-team-utils.c all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-team-utils.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-utils-private.h nm-setting-bridge: add 'group-address' bridge option 2020-04-06 09:56:11 +02:00
nm-utils.c libnm: cleanup _nm_utils_dns_option_validate() 2020-04-20 15:54:43 +02:00
nm-utils.h libnm/utils: add OWE security type 2019-12-05 14:00:10 +01:00
nm-version.h release: bump version to 1.25.0 (development) 2020-04-10 18:08:10 +02:00
nm-vpn-dbus-interface.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-vpn-editor-plugin.c all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-vpn-editor-plugin.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-vpn-plugin-info.c all: use nm_clear_pointer() instead of g_clear_pointer() 2020-03-23 11:22:38 +01:00
nm-vpn-plugin-info.h libnm: hide NMVpnPluginInfo structs from public API 2020-03-14 18:04:05 +01:00