Gitiles
Code Review Sign In
review.blissroms.org / platform_system_netd / 0d5ae9805b1dcad074dd171dca62d5e3893d6a72
commit0d5ae9805b1dcad074dd171dca62d5e3893d6a72[log] [tgz]
authorchiachangwang <chiachangwang@google.com>Tue May 17 05:16:16 2022 +0000
committerchiachangwang <chiachangwang@google.com>Thu Jun 02 08:47:59 2022 +0000
tree54b09eb177e49a9a2d594858181876cc6f2a3942
parentcc77cdc20dbe0ab83b9c51cf3616fb258a2779e0 [diff]
Add app default local rule

Add an app default local rule prior to the VPN local route rule
to route the per app default local traffic.

If the routes setting for system default and app default are
overlapped with each other, the traffic may be routed
unexpectedly becuase the VPN local rules do not contain the
uid range information. The rule will match first before app
default rule. Thus, add an default local rule piror to the
VPN local route rule to address the issue.

Sample rule after applying the change:
 - App UID(99999)
 - Default(iface0), app default(iface1), vpn(tun0)

 25000:  ... 0x0/0x10000 iif lo uidrange 99998-99999 lookup iface1_local
 26000:  ... 0x0/0x10000 iif lo lookup iface0_local
 27000:  ... 0x0/0x30000 iif lo uidrange 99997-99998 lookup tun0
 28000:  ... 0xffdf/0xffff lookup iface0
 29000:  ... 0x0/0xffff iif lo uidrange 99998-99999 lookup iface1
 30000:  ... 0x0/0xffff iif lo lookup iface0

Bug: 184750836
Test: cd system/netd ; atest
Change-Id: Ic092398a0d89b0104afcee8e1f22dfa93fa408ae
3 files changed
tree: 54b09eb177e49a9a2d594858181876cc6f2a3942
  1. client/
  2. include/
  3. netutils_wrappers/
  4. server/
  5. tests/
  6. .clang-format ⇨ ../../build/soong/scripts/system-clang-format
  7. .editorconfig
  8. Android.bp
  9. NOTICE
  10. OWNERS
  11. PREUPLOAD.cfg
  12. TEST_MAPPING