Re: [strongSwan-dev] install_virtual_ip option not working with kernel-pfroute

Mon, 10 Aug 2015 08:05:25 -0700 

Hello,

Could you please send me some feedback on this patch?

Emeric

----- Mail original -----
De: "Emeric POUPON" <[email protected]>
À: [email protected]
Envoyé: Lundi 11 Mai 2015 15:08:10
Objet: [strongSwan-dev] install_virtual_ip option not working with      
kernel-pfroute

Hello,

I noticed the option "install_virtual_ip" is not working on my setup (FreeBSD).
Actually, the "kernel-pfroute" plugin that is used do not implement that 
setting.

It would be fine to get it on this plugin too.

As an example, I have reapplied some code from the kernel_netlink plugin in 
order to make it work:

diff --git a/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c 
b/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c
index 0f78022..df80c29 100644
--- a/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c
+++ b/src/libhydra/plugins/kernel_pfroute/kernel_pfroute_net.c
@@ -408,6 +408,11 @@ struct private_kernel_pfroute_net_t
         * Time in ms to wait for IP addresses to appear/disappear
         */
        int vip_wait;
+
+       /**
+        * whether to actually install virtual IPs
+        */
+       bool install_virtual_ip;
 };
 
 
@@ -1197,6 +1202,11 @@ METHOD(kernel_net_t, add_ip, status_t,
        tun_device_t *tun;
        bool timeout = FALSE;
 
+       if (!this->install_virtual_ip)
+       {       /* disabled by config */
+               return SUCCESS;
+       }
+
        tun = tun_device_create(NULL);
        if (!tun)
        {
@@ -1271,6 +1281,11 @@ METHOD(kernel_net_t, del_ip, status_t,
        host_t *addr;
        bool timeout = FALSE, found = FALSE;
 
+       if (!this->install_virtual_ip)
+       {       /* disabled by config */
+               return SUCCESS;
+       }
+
        this->lock->write_lock(this->lock);
        enumerator = this->tuns->create_enumerator(this->tuns);
        while (enumerator->enumerate(enumerator, &tun))
@@ -1848,6 +1863,8 @@ kernel_pfroute_net_t *kernel_pfroute_net_create()
                .roam_lock = spinlock_create(),
                .vip_wait = lib->settings->get_int(lib->settings,
                                                
"%s.plugins.kernel-pfroute.vip_wait", 1000, lib->ns),
+               .install_virtual_ip = lib->settings->get_bool(lib->settings,
+                                               "%s.install_virtual_ip", TRUE, 
lib->ns),
        );
        timerclear(&this->last_route_reinstall);
        timerclear(&this->next_roam);




Regards,

Emeric
_______________________________________________
Dev mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/dev
_______________________________________________
Dev mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/dev

Reply via email to