diff options
| author | Yves-Alexis Perez <corsac@debian.org> | 2018-06-04 09:59:21 +0200 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@debian.org> | 2018-06-04 09:59:21 +0200 |
| commit | 9207a0837c19c2f1bf9486d1621438693841039f (patch) | |
| tree | c5b31310d6d5b8db2904a3309c5c4ee81e7584f2 /src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c | |
| parent | 3456101fa5dfd78d8b74c005b8dad281bb045398 (diff) | |
| parent | 51a71ee15c1bcf0e82f363a16898f571e211f9c3 (diff) | |
| download | vyos-strongswan-9207a0837c19c2f1bf9486d1621438693841039f.tar.gz vyos-strongswan-9207a0837c19c2f1bf9486d1621438693841039f.zip | |
Update upstream source from tag 'upstream/5.6.3'
Update to upstream version '5.6.3'
with Debian dir d2b13199c1ca302286cbf83878342276cb01d710
Diffstat (limited to 'src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c')
| -rw-r--r-- | src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c index 79abe587a..80c484b47 100644 --- a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c +++ b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c @@ -220,6 +220,11 @@ struct private_kernel_pfkey_ipsec_t bool install_routes; /** + * whether to install the route via internal interface + */ + bool route_via_internal; + + /** * mutex to lock access to the PF_KEY socket */ mutex_t *mutex_pfkey; @@ -2361,7 +2366,7 @@ static bool install_route(private_kernel_pfkey_ipsec_t *this, /* if the IP is virtual, we install the route over the interface it has * been installed on. Otherwise we use the interface we use for IKE, as * this is required for example on Linux. */ - if (is_virtual) + if (is_virtual || this->route_via_internal) { free(route->if_name); route->if_name = NULL; @@ -3164,6 +3169,9 @@ kernel_pfkey_ipsec_t *kernel_pfkey_ipsec_create() .install_routes = lib->settings->get_bool(lib->settings, "%s.install_routes", TRUE, lib->ns), + .route_via_internal = lib->settings->get_bool(lib->settings, + "%s.plugins.kernel-pfkey.route_via_internal", + FALSE, lib->ns), ); if (streq(lib->ns, "starter")) |