summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--accel-pppd/ctrl/ipoe/ipoe.c24
-rw-r--r--accel-pppd/libnetlink/iputils.c37
-rw-r--r--accel-pppd/libnetlink/iputils.h3
-rw-r--r--drivers/ipoe/ipoe.c31
4 files changed, 87 insertions, 8 deletions
diff --git a/accel-pppd/ctrl/ipoe/ipoe.c b/accel-pppd/ctrl/ipoe/ipoe.c
index fe5f2283..39f414ab 100644
--- a/accel-pppd/ctrl/ipoe/ipoe.c
+++ b/accel-pppd/ctrl/ipoe/ipoe.c
@@ -932,8 +932,10 @@ static void __ipoe_session_activate(struct ipoe_session *ses)
if (ses->ifindex == -1) {
if (serv->opt_ifcfg)
- ipaddr_add_peer(serv->ifindex, ses->router, 32, ses->yiaddr);
- } else
+ ipaddr_add_peer(serv->ifindex, ses->router, ses->yiaddr);
+ } else if (ses->ses.ipv4->peer_addr != ses->yiaddr)
+ ipaddr_add_peer(ses->ifindex, ses->router, ses->yiaddr);
+ else
ses->ctrl.dont_ifcfg = 0;
if (ses->serv->opt_mode == MODE_L2 && ses->serv->opt_ipv6 && sock6_fd != -1) {
@@ -1061,6 +1063,9 @@ static void ipoe_session_started(struct ap_session *s)
}
ses->dhcpv4->recv = ipoe_ses_recv_dhcpv4;
}
+
+ if (ses->ses.ipv4->peer_addr != ses->yiaddr)
+ iproute_add(ses->ifindex, ses->ses.ipv4->addr, ses->ses.ipv4->peer_addr, 0, conf_proto, 32);
}
static void ipoe_session_free(struct ipoe_session *ses)
@@ -1107,11 +1112,23 @@ static void ipoe_session_finished(struct ap_session *s)
struct ipoe_session *ses = container_of(s, typeof(*ses), ses);
struct ipoe_serv *serv = ses->serv;
struct unit_cache *uc;
+ struct ifreq ifr;
log_ppp_info1("ipoe: session finished\n");
if (ses->ifindex != -1) {
- if (uc_size < conf_unit_cache && !ipoe_nl_modify(ses->ifindex, 0, 0, 0, 0, NULL)) {
+ if (uc_size < conf_unit_cache) {
+ strcpy(ifr.ifr_name, s->ifname);
+ ioctl(sock_fd, SIOCGIFFLAGS, &ifr);
+ if (ifr.ifr_flags & IFF_UP) {
+ ifr.ifr_flags &= ~IFF_UP;
+ ioctl(sock_fd, SIOCSIFFLAGS, &ifr);
+ }
+
+ ipaddr_del_peer(ses->ifindex, ses->router, ses->yiaddr);
+
+ ipoe_nl_modify(ses->ifindex, 0, 0, 0, 0, NULL);
+
uc = mempool_alloc(uc_pool);
uc->ifindex = ses->ifindex;
pthread_mutex_lock(&uc_lock);
@@ -1141,7 +1158,6 @@ static void ipoe_session_finished(struct ap_session *s)
triton_event_fire(EV_CTRL_FINISHED, s);
if (s->ifindex == ses->serv->ifindex && strcmp(s->ifname, ses->serv->ifname)) {
- struct ifreq ifr;
int flags;
log_info2("ipoe: rename %s to %s\n", s->ifname, ses->serv->ifname);
diff --git a/accel-pppd/libnetlink/iputils.c b/accel-pppd/libnetlink/iputils.c
index 8bcee50d..1052b609 100644
--- a/accel-pppd/libnetlink/iputils.c
+++ b/accel-pppd/libnetlink/iputils.c
@@ -329,7 +329,7 @@ int __export ipaddr_add(int ifindex, in_addr_t addr, int mask)
return r;
}
-int __export ipaddr_add_peer(int ifindex, in_addr_t addr, int mask, in_addr_t peer_addr)
+int __export ipaddr_add_peer(int ifindex, in_addr_t addr, in_addr_t peer_addr)
{
struct ipaddr_req {
struct nlmsghdr n;
@@ -349,7 +349,7 @@ int __export ipaddr_add_peer(int ifindex, in_addr_t addr, int mask, in_addr_t pe
req.n.nlmsg_type = RTM_NEWADDR;
req.i.ifa_family = AF_INET;
req.i.ifa_index = ifindex;
- req.i.ifa_prefixlen = mask;
+ req.i.ifa_prefixlen = 32;
addattr32(&req.n, sizeof(req), IFA_LOCAL, addr);
addattr32(&req.n, sizeof(req), IFA_ADDRESS, peer_addr);
@@ -394,6 +394,39 @@ int __export ipaddr_del(int ifindex, in_addr_t addr, int mask)
return r;
}
+int __export ipaddr_del_peer(int ifindex, in_addr_t addr, in_addr_t peer)
+{
+ struct ipaddr_req {
+ struct nlmsghdr n;
+ struct ifaddrmsg i;
+ char buf[4096];
+ } req;
+ struct rtnl_handle *rth = net->rtnl_get();
+ int r = 0;
+
+ if (!rth)
+ return -1;
+
+ memset(&req, 0, sizeof(req) - 4096);
+
+ req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifaddrmsg));
+ req.n.nlmsg_flags = NLM_F_REQUEST;
+ req.n.nlmsg_type = RTM_DELADDR;
+ req.i.ifa_family = AF_INET;
+ req.i.ifa_index = ifindex;
+ req.i.ifa_prefixlen = 32;
+
+ addattr32(&req.n, sizeof(req), IFA_LOCAL, addr);
+ addattr32(&req.n, sizeof(req), IFA_ADDRESS, peer);
+
+ if (rtnl_talk(rth, &req.n, 0, 0, NULL, NULL, NULL, 0) < 0)
+ r = -1;
+
+ net->rtnl_put(rth);
+
+ return r;
+}
+
int __export iproute_add(int ifindex, in_addr_t src, in_addr_t dst, in_addr_t gw, int proto, int mask)
{
struct ipaddr_req {
diff --git a/accel-pppd/libnetlink/iputils.h b/accel-pppd/libnetlink/iputils.h
index a623197f..301cfed1 100644
--- a/accel-pppd/libnetlink/iputils.h
+++ b/accel-pppd/libnetlink/iputils.h
@@ -13,8 +13,9 @@ int iplink_vlan_del(int ifindex);
int iplink_vlan_get_vid(int ifindex, int *iflink);
int ipaddr_add(int ifindex, in_addr_t addr, int mask);
-int ipaddr_add_peer(int ifindex, in_addr_t addr, int mask, in_addr_t peer_addr);
+int ipaddr_add_peer(int ifindex, in_addr_t addr, in_addr_t peer_addr);
int ipaddr_del(int ifindex, in_addr_t addr, int mask);
+int ipaddr_del_peer(int ifindex, in_addr_t addr, in_addr_t peer);
int iproute_add(int ifindex, in_addr_t src, in_addr_t dst, in_addr_t gw, int proto, int mask);
int iproute_del(int ifindex, in_addr_t dst, int proto, int mask);
diff --git a/drivers/ipoe/ipoe.c b/drivers/ipoe/ipoe.c
index f1addcc8..ceab7c9b 100644
--- a/drivers/ipoe/ipoe.c
+++ b/drivers/ipoe/ipoe.c
@@ -138,6 +138,8 @@ static int ipoe_do_nat(struct sk_buff *skb, __be32 new_addr, int to_peer);
static int ipoe_queue_u(struct sk_buff *skb, __be32 addr);
static int ipoe_lookup1_u(__be32 addr, unsigned long *ts);
+static struct net *pick_net(struct sk_buff *skb);
+
static const struct net_device_ops ipoe_netdev_ops;
static struct genl_family ipoe_nl_family;
@@ -223,6 +225,33 @@ static int ipoe_check_exclude(__be32 addr)
return r;
}
+static int check_nat_required(struct sk_buff *skb, struct net_device *link)
+{
+ struct net *net = pick_net(skb);
+ struct rtable *rt;
+ struct flowi4 fl4;
+ struct iphdr *iph = ip_hdr(skb);
+ int r = 0;
+
+ if (!list_empty(&ipoe_networks))
+ return ipoe_check_network(iph->daddr) == 0;
+
+ memset(&fl4, 0, sizeof(fl4));
+ fl4.daddr = iph->daddr;
+ fl4.flowi4_tos = RT_TOS(0);
+ fl4.flowi4_scope = RT_SCOPE_UNIVERSE;
+ rt = ip_route_output_key(net, &fl4);
+ if (IS_ERR(rt))
+ return 0;
+
+ if (rt->rt_gateway || (rt->dst.dev != link && rt->dst.dev != skb->dev))
+ r = 1;
+
+ ip_rt_put(rt);
+
+ return r;
+}
+
static int ipoe_do_nat(struct sk_buff *skb, __be32 new_addr, int to_peer)
{
struct iphdr *iph;
@@ -789,7 +818,7 @@ static rx_handler_result_t ipoe_recv(struct sk_buff **pskb)
else if (memcmp(eth->h_source, ses->hwaddr, ETH_ALEN))
goto drop;
- if (ses->addr > 1 && ipoe_do_nat(skb, ses->addr, 0))
+ if (ses->addr > 1 && check_nat_required(skb, ses->link_dev) && ipoe_do_nat(skb, ses->addr, 0))
goto drop;
skb->dev = ses->dev;
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-15 06:10:48 +0000