From d227929b5db049ca6efbef9fb7d84be5e545b41d Mon Sep 17 00:00:00 2001
From: Gert Doering <gert@greenie.muc.de>
Date: Fri, 11 Sep 2015 17:33:44 +0200
Subject: Implement '--redirect-gateway ipv6'

Add "ipv6" and "!ipv4" sub-options to "--redirect-gateway" option.

This is done in the same way as in the OpenVPN 3 code base, so
"--redirect-gateway ipv6" will redirect both IPv4 and IPv6 - if you
want v6-only, use "--redirect-gateway ipv6 !ipv4".

The actual implementation is much simpler than for IPv4 - we just
add a few extra routes to the route_ipv6_option_list and leave it to
init_route_ipv6_list() to figure out whether there is an overlap with
IPv6 transport, and if yes, insert a host route to the VPN server
via the current IPv6 default gateway.

Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1441985627-14822-8-git-send-email-gert@greenie.muc.de>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10086
---
 src/openvpn/init.c    | 15 +++++++++++++++
 src/openvpn/options.c |  7 +++++++
 2 files changed, 22 insertions(+)

(limited to 'src/openvpn')

diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index 922308d..f568d87 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -1195,6 +1195,21 @@ do_init_route_ipv6_list (const struct options *options,
   if (options->route_default_metric)
     metric = options->route_default_metric;
 
+  /* redirect (IPv6) gateway to VPN?  if yes, add a few more specifics
+   */
+  if ( options->routes_ipv6->flags & RG_REROUTE_GW )
+    {
+      char *opt_list[] = { "::/3", "2000::/4", "3000::/4", "fc00::/7", NULL };
+      int i;
+
+      for (i=0; opt_list[i]; i++)
+	{
+	  add_route_ipv6_to_option_list( options->routes_ipv6,
+		      string_alloc (opt_list[i], options->routes_ipv6->gc),
+		      NULL, NULL );
+	}
+    }
+
   if (!init_route_ipv6_list (route_ipv6_list,
 			options->routes_ipv6,
 			gw,
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 581db52..5ace1f3 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -5366,6 +5366,13 @@ add_option (struct options *options,
 	    options->routes->flags |= RG_BYPASS_DNS;
 	  else if (streq (p[j], "block-local"))
 	    options->routes->flags |= RG_BLOCK_LOCAL;
+	  else if (streq (p[j], "ipv6"))
+	    {
+	      rol6_check_alloc (options);
+	      options->routes_ipv6->flags |= RG_REROUTE_GW;
+	    }
+	  else if (streq (p[j], "!ipv4"))
+	    options->routes->flags &= ~RG_REROUTE_GW;
 	  else
 	    {
 	      msg (msglevel, "unknown --%s flag: %s", p[0], p[j]);
-- 
cgit