There was a logic error in the code (based on the comment) that would request the kernel to dump the entire routing table over to us in cases completely unrelated to the issue.
This change corrects the issue by only requesting a dump when the issue mentioned in the comment occurs; namely when it's IPv6, the kernel of the system is < 3.0 and we actually have a candidate to check for. Signed-off-by: Oliver <[email protected]> --- src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c index 4e5e02d..c7e5403 100644 --- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c +++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c @@ -1698,8 +1698,7 @@ static host_t *get_route(private_kernel_netlink_net_t *this, host_t *dest, chunk = chunk_from_thing(this->routing_mark.value); netlink_add_attribute(hdr, RTA_MARK, chunk, sizeof(request)); } - else if (family == AF_INET || this->rta_prefsrc_for_ipv6 || - this->routing_table || match_net) + else if (family == AF_INET6 && !this->rta_prefsrc_for_ipv6 && candidate) { /* kernels prior to 3.0 do not support RTA_PREFSRC for IPv6 routes. * as we want to ignore routes with virtual IPs we cannot use DUMP * if these routes are not installed in a separate table */ -- 2.3.6 _______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
