options: enable IPv4 redirection logic only if really required

If no IPv4 redirection flag is set, do not enable the IPv4 redirection logic at all so that it won't bother adding any useless IPv4 route. Trac: #208 Signed-off-by: Antonio Quartulli <antonio@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20200608153239.2260-1-a@unstable.cc> URL: https://www.mail-archive.com/search?l=mid&q=20200608153239.2260-1-a@unstable.cc Signed-off-by: Gert Doering <gert@greenie.muc.de>
2024-09-20 03:52:28 +02:00 · 2020-06-08 17:32:39 +02:00 · 2020-06-08 17:32:39 +02:00 · 070319c135
commit 070319c135
parent 25266ebba9
1 changed files with 13 additions and 2 deletions
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@ -6542,6 +6542,18 @@ add_option(struct options *options,
        int j;
        VERIFY_PERMISSION(OPT_P_ROUTE);
        rol_check_alloc(options);
+
+        if (options->routes->flags & RG_ENABLE)
+        {
+            msg(M_WARN,
+                "WARNING: You have specified redirect-gateway and "
+                "redirect-private at the same time (or the same option "
+                "multiple times). This is not well supported and may lead to "
+                "unexpected results");
+        }
+
+        options->routes->flags |= RG_ENABLE;
+
        if (streq(p[0], "redirect-gateway"))
        {
            options->routes->flags |= RG_REROUTE_GW;
@ -6579,7 +6591,7 @@ add_option(struct options *options,
            }
            else if (streq(p[j], "!ipv4"))
            {
-                options->routes->flags &= ~RG_REROUTE_GW;
+                options->routes->flags &= ~(RG_REROUTE_GW | RG_ENABLE);
            }
            else
            {
@ -6591,7 +6603,6 @@ add_option(struct options *options,
        /* we need this here to handle pushed --redirect-gateway */
        remap_redirect_gateway_flags(options);
 #endif
-        options->routes->flags |= RG_ENABLE;
    }
    else if (streq(p[0], "block-ipv6") && !p[1])
    {