> This said, I see we have a "netbits_to_netmask(bits)" function in
> route.h -> please use that, it should be something like
>
> + if (af_family == AF_INET && local && !remote && prefixlen <= 30)
> + {
> + inet_address_t broadcast = *local;
> + broadcast.ipv4 |= ~netbits_to_netmask(prefixlen);
> + ...
>
> (maybe with an htonl() wrapped around)Thanks for pointing me to the netbits_to_netmask function. Using this function, the code looks so much cleaner. See the updated patch below. From 52b5f792cc3bbda0760cc8a3197331ad70ec9c85 Mon Sep 17 00:00:00 2001 From: Sebastian Marsching <[email protected]> Date: Fri, 12 Sep 2025 22:34:43 +0200 Subject: [PATCH] Bugfix: Set broadcast address on interface. This fixes a problem that was introduced in OpenVPN 2.5. Previously, the ifconfig utility was used for adding the local address to an interface. This utility automatically sets the correct broadcast address based on the given unicast address and netmask. Due to switching to iproute and Netlink, this does not happen automatically any longer, which means that applications that rely on broadcasts do not work correctly. This patch fixes this issue both when using iproute (by telling iproute to set the broadcast address based on the local address and prefix) and when using Netlink (by calculating the correct broadcast address and setting it). Signed-off-by: Sebastian Marsching <[email protected]> --- src/openvpn/networking_iproute2.c | 2 +- src/openvpn/networking_sitnl.c | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/src/openvpn/networking_iproute2.c b/src/openvpn/networking_iproute2.c index e9be3a45..773571d6 100644 --- a/src/openvpn/networking_iproute2.c +++ b/src/openvpn/networking_iproute2.c @@ -150,7 +150,7 @@ net_addr_v4_add(openvpn_net_ctx_t *ctx, const char *iface, const in_addr_t *addr const char *addr_str = print_in_addr_t(*addr, 0, &ctx->gc); - argv_printf(&argv, "%s addr add dev %s %s/%d", iproute_path, iface, addr_str, prefixlen); + argv_printf(&argv, "%s addr add dev %s %s/%d broadcast +", iproute_path, iface, addr_str, prefixlen); argv_msg(M_INFO, &argv); openvpn_execve_check(&argv, ctx->es, S_FATAL, "Linux ip addr add failed"); diff --git a/src/openvpn/networking_sitnl.c b/src/openvpn/networking_sitnl.c index 4210e92c..45e8b278 100644 --- a/src/openvpn/networking_sitnl.c +++ b/src/openvpn/networking_sitnl.c @@ -31,6 +31,7 @@ #include "misc.h" #include "networking.h" #include "proto.h" +#include "route.h" #include <errno.h> #include <string.h> @@ -760,6 +761,7 @@ sitnl_addr_set(int cmd, uint32_t flags, int ifindex, sa_family_t af_family, { struct sitnl_addr_req req; uint32_t size; + inet_address_t broadcast; int ret = -EINVAL; CLEAR(req); @@ -803,6 +805,13 @@ sitnl_addr_set(int cmd, uint32_t flags, int ifindex, sa_family_t af_family, SITNL_ADDATTR(&req.n, sizeof(req), IFA_LOCAL, local, size); } + if (af_family == AF_INET && local && !remote && prefixlen <= 30) + { + broadcast = *local; + broadcast.ipv4 |= htonl(~netbits_to_netmask(prefixlen)); + SITNL_ADDATTR(&req.n, sizeof(req), IFA_BROADCAST, &broadcast, size); + } + ret = sitnl_send(&req.n, 0, 0, NULL, NULL); if (ret == -EEXIST) { -- 2.50.0
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
