This implements the --nohostroute option that routing.c talks about. It
prevents pptp from adding a host route towards the VPN server and would
usually be used with either "Split tunneling" or the --rtmark option.
Also document it appropriately.
(routing.c had it as --no-host-route, however the dashes are
inconsistent with --nobuffer and --nolaunchpppd)
Signed-off-by: David Lamparter <david.lamparter@adyton.net>
Cc: David Lamparter <equinox@diac24.net>
Cc: Franco Fichtner <franco.fichtner@adyton.net>
---
Attached code is put into public domain affirmed by both me
(David Lamparter, the author) as well as my employer (Adyton
Systems AG) who paid for it to be written. Assigning copyright
to the FSF is impossible under German law.
David Lamparter | Software Developer | Adyton Systems AG
Mozartstr. 3 | 04107 Leipzig | Germany
phone +49 341.39 299 343 | fax +49 341.39 299 343-9
trade register: Amtsgericht Leipzig HRB26578
ChangeLog | 6 ++++++
NEWS | 1 +
pptp.8 | 27 +++++++++++++++++++++++++++
pptp.c | 5 +++++
pptp_callmgr.c | 7 +++++--
routing.c | 2 +-
6 files changed, 45 insertions(+), 3 deletions(-)
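diff --git a/pptp.8 b/pptp.8
index 2da66c9..017b5db 100644
--- a/pptp.8
+++ b/pptp.8
@@ -92,6 +92,11 @@ can be used with
 
 (requires root privileges or the CAP_NET_ADMIN capability.)
 .TP
+.B \-\-nohostroute
+Do not configure a host route pointing towards the PPTP server.
+(cf. ROUTING below)
+
+.TP
 .B \-\-loglevel <level>
 Sets the debugging level (0=low, 1=default, 2=high)
 
@@ -115,6 +120,28 @@ Default is 100. Has no effect if test-type is zero. The result of
 test types 2 and 3 are undefined if this value is less than ten.
 
 
+.SH "ROUTING"
+When PPTP is used in conjunction with a default route on top of the
+tunnel (or just any route encompassing the PPTP server),
+the mechanics of routing would cause the PPTP packets themselves
+to be routed over the tunnel. This would result in an encapsulation
+loop, destroying connectivity.
+
+.B pptp
+by default works around this by looking up the route towards the
+PPTP server at startup and configures a host route with that data.
+This essentially "freezes" routing for PPTP packets at the startup
+configuration. This behaviour can be disabled with
+.B --nohostroute
+if undesired (like when using
+.B --rtmark
+to implement policy routing).
+
+.B NB:
+the route added by
+.B pptp
+is currently not deleted at exit!
+
 .SH "QUIRKS"
 
 .TP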
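diff --git a/pptp.c b/pptp.c
index 26b6006..a3d4ad6 100644
--- a/pptp.c
+++ b/pptp.c
@@ -121,6 +121,7 @@ void usage(char *progname)
 #ifdef SO_MARK
 " --rtmark <n> Use specified policy routing mark for all packets\n"
 #endif
+ " --nohostroute Do not add host route towards <hostname>\n"
 " --loglevel <level> Sets the debugging level (0=low, 1=default, 2=high)\n"
 " --test-type <type> Damage the packet stream by reordering\n"
 " --test-rate <n> Do the test every n packets\n",
@@ -136,6 +137,7 @@ struct in_addr localbind = { .s_addr = INADDR_ANY };
 struct in_addr localbind = { INADDR_NONE };
 #endif
 int rtmark = 0;
+int nohostroute = 0;
 static int signaled = 0;
 
 /*** do nothing signal handler ************************************************/
@@ -217,6 +219,7 @@ int main(int argc, char **argv, char **envp)
 {"test-type", 1, 0, 0},
 {"test-rate", 1, 0, 0},
 {"rtmark", 1, 0, 0},
+ {"nohostroute", 0, 0, 0},
 {0, 0, 0, 0}
 };
 int option_index = 0;
@@ -303,6 +306,8 @@ int main(int argc, char **argv, char **envp)
 "this binary was compiled.\n");
 exit(2);
 #endif
+ } else if (option_index == 16) { /* --nohostroute */
+ nohostroute = 1;
 }
 break;
 case '?': /* unrecognised option */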
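Review bot: The new branch `else if (option_index == 16)` ties --nohostroute to its position in the `long_options` table, whose start lies outside this hunk, so the index cannot be confirmed from the visible lines and any later insertion above the entry would silently retarget the flag. Because the option takes no argument, getopt_long can set the variable directly through the table entry, `{"nohostroute", 0, &nohostroute, 1},`, which makes the index branch unnecessary. If the index style is kept for consistency with the neighbouring options, a comment beside the table entry stating its index would make a mismatch easier to spot in review. main's body starts and ends outside the hunks shown.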
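diff --git a/pptp_callmgr.c b/pptp_callmgr.c
index e6b6fd3..3c5b83d 100644
--- a/pptp_callmgr.c
+++ b/pptp_callmgr.c
@@ -32,6 +32,7 @@
 
 extern struct in_addr localbind; /* from pptp.c */
 extern int rtmark;
+extern int nohostroute;
 
 int open_inetsock(struct in_addr inetaddr);
 int open_unixsock(struct in_addr inetaddr);
@@ -124,8 +125,10 @@ int callmgr_main(int argc, char **argv, char **envp)
 phonenr = argc == 3 ? argv[2] : NULL;
 if (inet_aton(argv[1], &inetaddr) == 0)
 fatal("Invalid IP address: %s", argv[1]);
- routing_init(inet_ntoa(inetaddr));
- routing_start();
+ if (!nohostroute) {
+ routing_init(inet_ntoa(inetaddr));
+ routing_start();
+ }
 /* Step 1: Open sockets. */
 if ((inet_sock = open_inetsock(inetaddr)) < 0)
 fatal("Could not open control connection to %s", argv[1]);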
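Review bot: When `nohostroute` is set, the guard `if (!nohostroute) {` skips both routing_init() and routing_start(), and nothing visible here checks that --rtmark or a split-tunnel route is actually in place. A default route over the tunnel would then carry the PPTP control and data packets into the tunnel itself, which is the encapsulation loop the man page describes. I would put a comment above the guard, for example `/* --nohostroute: caller must keep traffic to the server off the tunnel (e.g. --rtmark) */`, and log once when the route is skipped so the cause shows up in the logs. callmgr_main continues outside the hunk; any later call into routing.c there should presumably sit behind the same flag, since routing_init() will not have run.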
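diff --git a/routing.c b/routing.c
index b132d64..7ef5724 100644
--- a/routing.c
+++ b/routing.c
@@ -51,7 +51,7 @@ Design discussion.
 The primary task of this module is to add a host route to the PPTP
 server so that the kernel continues to deliver PPTP control and data
 connection packets to the server despite the new PPP interface that is
-created. The flag --no-host-route is to disable this (not yet implemented).
+created. The flag --nohostroute is to disable this.
 
 A secondary task may be to implement all-to-tunnel routing if the
 appropriate flag is specified on the command line. The flag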