Gitiles
Code Review Sign In
review.blissroms.org / platform_system_netd / 8b9cdd27dea02e13dd4b142b80bae9caebc515ae
commit8b9cdd27dea02e13dd4b142b80bae9caebc515ae[log] [tgz]
authorChiachang Wang <chiachangwang@google.com>Thu Jan 27 10:43:28 2022 +0800
committerChiachang Wang <chiachangwang@google.com>Thu Jan 27 10:43:56 2022 +0800
treed0d770bc61c55c81ca3da6864e8eb284ecbfb9ff
parente7bf5f50cf05a2fa000654df4363905959270e37 [diff]
[ELR#6] Add rules into local exclusion table

The local table will match the locally connected routes. Add
those rules when the VPN network is created. The local connected
rules are the link-local address for v6 and the link-local
(169.254.0.0/16) for v4. These rules are hardcoded but it should
depend on what actual subnet the network is which will be
addressed in the following patches.

Sample rule output:

24000:	from all fwmark 0xc0066/0xcffff lookup ipsec1
25000:	from all fwmark 0x0/0x10000 iif lo lookup wlan0_local
27000:	from all fwmark 0x66/0xffff lookup wlan0

$ adb shell ip ro sh table wlan0_local
adb shell ip ro sh table wlan0_local
169.254.0.0/16 dev wlan0 proto static scope link

$ adb shell ip -6 ro sh table wlan0_local
fd00::/10 dev wlan0 proto static metric 1024 pref medium

Bug: 184750836
Test: cd system/netd ; atest
Test: atest HostsideVpnTests
Change-Id: Idb2188b05c2568c72c155a39d3c9f1cb6e3fa150
3 files changed
tree: d0d770bc61c55c81ca3da6864e8eb284ecbfb9ff
  1. bpf_progs/
  2. client/
  3. include/
  4. libnetdbpf/
  5. netutils_wrappers/
  6. server/
  7. tests/
  8. .clang-format ⇨ ../../build/soong/scripts/system-clang-format
  9. .editorconfig
  10. Android.bp
  11. NOTICE
  12. OWNERS
  13. PREUPLOAD.cfg
  14. TEST_MAPPING