summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatthias Schiffer <mschiffer@universe-factory.net>2014-01-26 03:37:36 +0100
committerMatthias Schiffer <mschiffer@universe-factory.net>2014-01-26 03:37:36 +0100
commit53d331406d6b1cbe934528f87023b87887993e0e (patch)
tree7d8406c0bfc3ec9521c49d60ad977765280d8ceb
parentcc498848b36b347aa9b710ab55c1fcc8643a4633 (diff)
downloadfastd-53d331406d6b1cbe934528f87023b87887993e0e.tar
fastd-53d331406d6b1cbe934528f87023b87887993e0e.zip
Add support for setting packet marks
-rw-r--r--cmake/config.cmake1
-rw-r--r--src/config.c5
-rw-r--r--src/config.y7
-rw-r--r--src/fastd.h1
-rw-r--r--src/fastd_config.h.in1
-rw-r--r--src/lex.c2
-rw-r--r--src/socket.c9
7 files changed, 26 insertions, 0 deletions
diff --git a/cmake/config.cmake b/cmake/config.cmake
index 110ad1a..96b39bc 100644
--- a/cmake/config.cmake
+++ b/cmake/config.cmake
@@ -8,6 +8,7 @@ endif()
set(USE_BINDTODEVICE ${LINUX})
set(USE_PMTU ${LINUX})
set(USE_PKTINFO ${LINUX})
+set(USE_PACKET_MARK ${LINUX})
if(${CMAKE_SYSTEM_NAME} MATCHES "OpenBSD")
set(USE_MULTIAF_BIND FALSE)
diff --git a/src/config.c b/src/config.c
index 9e04299..66b69c7 100644
--- a/src/config.c
+++ b/src/config.c
@@ -554,6 +554,11 @@ void fastd_config_check(fastd_context_t *ctx, fastd_config_t *conf) {
exit_error(ctx, "config error: setting pmtu is not supported on this system");
#endif
+#ifndef USE_PACKET_MARK
+ if (conf->packet_mark)
+ exit_error(ctx, "config error: setting a packet mark is not supported on this system");
+#endif
+
if (!conf->method_list) {
pr_warn(ctx, "no encryption method configured, falling back to method `null' (unencrypted)");
fastd_config_method(ctx, conf, "null");
diff --git a/src/config.y b/src/config.y
index 94d8320..a14794f 100644
--- a/src/config.y
+++ b/src/config.y
@@ -95,11 +95,13 @@
%token TOK_LIMIT
%token TOK_LOG
%token TOK_MAC
+%token TOK_MARK
%token TOK_METHOD
%token TOK_MODE
%token TOK_MTU
%token TOK_NO
%token TOK_ON
+%token TOK_PACKET
%token TOK_PEER
%token TOK_PEERS
%token TOK_PMTU
@@ -175,6 +177,7 @@ statement: peer_group_statement
| TOK_HIDE hide ';'
| TOK_INTERFACE interface ';'
| TOK_BIND bind ';'
+ | TOK_PACKET TOK_MARK packet_mark ';'
| TOK_MTU mtu ';'
| TOK_PMTU pmtu ';'
| TOK_MODE mode ';'
@@ -328,6 +331,10 @@ bind_default:
}
;
+packet_mark: TOK_UINT {
+ conf->packet_mark = $1;
+ }
+
mtu: TOK_UINT {
if ($1 < 576 || $1 > 65535) {
fastd_config_error(&@$, ctx, conf, filename, depth, "invalid MTU");
diff --git a/src/fastd.h b/src/fastd.h
index 268c2c7..f713841 100644
--- a/src/fastd.h
+++ b/src/fastd.h
@@ -172,6 +172,7 @@ struct fastd_config {
uint16_t mtu;
fastd_mode_t mode;
+ uint32_t packet_mark;
bool forward;
fastd_tristate_t pmtu;
bool secure_handshakes_set;
diff --git a/src/fastd_config.h.in b/src/fastd_config.h.in
index 8a6ae22..29384cd 100644
--- a/src/fastd_config.h.in
+++ b/src/fastd_config.h.in
@@ -35,6 +35,7 @@
#cmakedefine USE_BINDTODEVICE
#cmakedefine USE_PMTU
#cmakedefine USE_PKTINFO
+#cmakedefine USE_PACKET_MARK
#cmakedefine USE_MULTIAF_BIND
diff --git a/src/lex.c b/src/lex.c
index b22bf40..bf54b6f 100644
--- a/src/lex.c
+++ b/src/lex.c
@@ -82,11 +82,13 @@ static const keyword_t keywords[] = {
{ "limit", TOK_LIMIT },
{ "log", TOK_LOG },
{ "mac", TOK_MAC },
+ { "mark", TOK_MARK },
{ "method", TOK_METHOD },
{ "mode", TOK_MODE },
{ "mtu", TOK_MTU },
{ "no", TOK_NO },
{ "on", TOK_ON },
+ { "packet", TOK_PACKET },
{ "peer", TOK_PEER },
{ "peers", TOK_PEERS },
{ "pmtu", TOK_PMTU },
diff --git a/src/socket.c b/src/socket.c
index 06d270d..af99894 100644
--- a/src/socket.c
+++ b/src/socket.c
@@ -96,6 +96,15 @@ static int bind_socket(fastd_context_t *ctx, const fastd_bind_address_t *addr, b
}
#endif
+#ifdef USE_PACKET_MARK
+ if (ctx->conf->packet_mark) {
+ if (setsockopt(fd, SOL_SOCKET, SO_MARK, &ctx->conf->packet_mark, sizeof(ctx->conf->packet_mark))) {
+ pr_error_errno(ctx, "setsockopt: unable to set packet mark");
+ goto error;
+ }
+ }
+#endif
+
fastd_peer_address_t bind_address = addr->addr;
if (bind_address.sa.sa_family == AF_UNSPEC) {