Attention is currently required from: plaisthos.
Hello plaisthos,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/1625?usp=email
to review the following change.
Change subject: Enable per-socket bind_dev via --local
......................................................................
Enable per-socket bind_dev via --local
A bind device can now be specified within a
--local statement allowing to bind
different sockets to different devices.
Change-Id: I6319c951327a9b994ffae0ba35270b0887455203
Signed-off-by: Gianmarco De Gregori <[email protected]>
---
M doc/man-sections/link-options.rst
M src/openvpn/options.c
M src/openvpn/options.h
M src/openvpn/socket.c
4 files changed, 19 insertions(+), 4 deletions(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/25/1625/1
diff --git a/doc/man-sections/link-options.rst
b/doc/man-sections/link-options.rst
index edda1ca..4b3200a 100644
--- a/doc/man-sections/link-options.rst
+++ b/doc/man-sections/link-options.rst
@@ -111,7 +111,7 @@
Valid syntax:
::
- local host|* [port] [protocol]
+ local host|* [port] [protocol] [bind device]
Local host name or IP address and port for bind. If specified, OpenVPN will
bind
to this address. If unspecified, OpenVPN will bind to all interfaces.
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index b8d0f5a..6958953 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -3830,6 +3830,7 @@
ASSERT(e);
e->port = o->ce.local_port;
e->proto = o->ce.proto;
+ e->bind_dev = o->bind_dev;
}
/* use the same listen list for every outgoing connection */
@@ -5972,7 +5973,7 @@
VERIFY_PERMISSION(OPT_P_UP);
options->ifconfig_nowarn = true;
}
- else if (streq(p[0], "local") && p[1] && !p[4])
+ else if (streq(p[0], "local") && p[1] && !p[5])
{
struct local_entry *e;
@@ -5998,6 +5999,17 @@
{
e->proto = ascii2proto(p[3]);
}
+#if defined(TARGET_LINUX)
+ if (p[4])
+ {
+ e->bind_dev = p[4];
+ }
+#else
+ if (p[4])
+ {
+ msg(M_WARN | M_ERRNO, "Note: bind_dev is ignored on non-Linux
systems");
+ }
+#endif
}
else if (streq(p[0], "remote-random") && !p[1])
{
@@ -6526,7 +6538,7 @@
}
}
}
-#ifdef TARGET_LINUX
+#if defined(TARGET_LINUX)
else if (streq(p[0], "bind-dev") && p[1])
{
VERIFY_PERMISSION(OPT_P_SOCKFLAGS);
diff --git a/src/openvpn/options.h b/src/openvpn/options.h
index 422820c..0c4d11c 100644
--- a/src/openvpn/options.h
+++ b/src/openvpn/options.h
@@ -101,6 +101,7 @@
const char *local;
const char *port;
int proto;
+ const char *bind_dev;
};
struct connection_entry
diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c
index 624ce4f..9c69ca4 100644
--- a/src/openvpn/socket.c
+++ b/src/openvpn/socket.c
@@ -1349,6 +1349,7 @@
const char *host = o->ce.local_list->array[sock_index]->local;
const char *port = o->ce.local_list->array[sock_index]->port;
int proto = o->ce.local_list->array[sock_index]->proto;
+ const char *bind_dev = o->ce.local_list->array[sock_index]->bind_dev;
const char *remote_host = o->ce.remote;
const char *remote_port = o->ce.remote_port;
@@ -1409,7 +1410,8 @@
#endif
sock->mark = o->mark;
- sock->bind_dev = o->bind_dev;
+ /* bind_dev from local_list will trump on the global option. */
+ sock->bind_dev = bind_dev ? bind_dev : o->bind_dev;
sock->info.proto = proto;
sock->info.af = o->ce.af;
sock->info.remote_float = o->ce.remote_float;
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1625?usp=email
To unsubscribe, or for help writing mail filters, visit
http://gerrit.openvpn.net/settings?usp=email
Gerrit-MessageType: newchange
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I6319c951327a9b994ffae0ba35270b0887455203
Gerrit-Change-Number: 1625
Gerrit-PatchSet: 1
Gerrit-Owner: its_Giaan <[email protected]>
Gerrit-Reviewer: plaisthos <[email protected]>
Gerrit-CC: openvpn-devel <[email protected]>
Gerrit-Attention: plaisthos <[email protected]>
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
