diff options
| author | Gert Doering <gert@greenie.muc.de> | 2015-09-11 17:33:44 +0200 |
|---|---|---|
| committer | Gert Doering <gert@greenie.muc.de> | 2015-09-20 14:19:53 +0200 |
| commit | d227929b5db049ca6efbef9fb7d84be5e545b41d (patch) | |
| tree | 935bddbe382129c95bbdd95999d7240c43342b54 /src/openvpn | |
| parent | 1ff39cff4e644103607f0266cd4666dab18716c5 (diff) | |
| download | openvpn-d227929b5db049ca6efbef9fb7d84be5e545b41d.tar.gz openvpn-d227929b5db049ca6efbef9fb7d84be5e545b41d.tar.xz openvpn-d227929b5db049ca6efbef9fb7d84be5e545b41d.zip | |
Implement '--redirect-gateway ipv6'
Add "ipv6" and "!ipv4" sub-options to "--redirect-gateway" option.
This is done in the same way as in the OpenVPN 3 code base, so
"--redirect-gateway ipv6" will redirect both IPv4 and IPv6 - if you
want v6-only, use "--redirect-gateway ipv6 !ipv4".
The actual implementation is much simpler than for IPv4 - we just
add a few extra routes to the route_ipv6_option_list and leave it to
init_route_ipv6_list() to figure out whether there is an overlap with
IPv6 transport, and if yes, insert a host route to the VPN server
via the current IPv6 default gateway.
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1441985627-14822-8-git-send-email-gert@greenie.muc.de>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10086
Diffstat (limited to 'src/openvpn')
| -rw-r--r-- | src/openvpn/init.c | 15 | ||||
| -rw-r--r-- | src/openvpn/options.c | 7 |
2 files changed, 22 insertions, 0 deletions
diff --git a/src/openvpn/init.c b/src/openvpn/init.c index 922308d..f568d87 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -1195,6 +1195,21 @@ do_init_route_ipv6_list (const struct options *options, if (options->route_default_metric) metric = options->route_default_metric; + /* redirect (IPv6) gateway to VPN? if yes, add a few more specifics + */ + if ( options->routes_ipv6->flags & RG_REROUTE_GW ) + { + char *opt_list[] = { "::/3", "2000::/4", "3000::/4", "fc00::/7", NULL }; + int i; + + for (i=0; opt_list[i]; i++) + { + add_route_ipv6_to_option_list( options->routes_ipv6, + string_alloc (opt_list[i], options->routes_ipv6->gc), + NULL, NULL ); + } + } + if (!init_route_ipv6_list (route_ipv6_list, options->routes_ipv6, gw, diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 581db52..5ace1f3 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -5366,6 +5366,13 @@ add_option (struct options *options, options->routes->flags |= RG_BYPASS_DNS; else if (streq (p[j], "block-local")) options->routes->flags |= RG_BLOCK_LOCAL; + else if (streq (p[j], "ipv6")) + { + rol6_check_alloc (options); + options->routes_ipv6->flags |= RG_REROUTE_GW; + } + else if (streq (p[j], "!ipv4")) + options->routes->flags &= ~RG_REROUTE_GW; else { msg (msglevel, "unknown --%s flag: %s", p[0], p[j]); |