release/src/router/openvpn/src/openvpn/route.h

   1 /*
   2  *  OpenVPN -- An application to securely tunnel IP networks
   3  *             over a single TCP/UDP port, with support for SSL/TLS-based
   4  *             session authentication and key exchange,
   5  *             packet encryption, packet authentication, and
   6  *             packet compression.
   7  *
   8  *  Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
   9  *
  10  *  This program is free software; you can redistribute it and/or modify
  11  *  it under the terms of the GNU General Public License version 2
  12  *  as published by the Free Software Foundation.
  13  *
  14  *  This program is distributed in the hope that it will be useful,
  15  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  17  *  GNU General Public License for more details.
  18  *
  19  *  You should have received a copy of the GNU General Public License
  20  *  along with this program (see the file COPYING included with this
  21  *  distribution); if not, write to the Free Software Foundation, Inc.,
  22  *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  23  */
  24
  25 /*
  26  * Support routines for adding/deleting network routes.
  27  */
  28
  29 #ifndef ROUTE_H
  30 #define ROUTE_H
  31
  32 #include "basic.h"
  33 #include "tun.h"
  34 #include "misc.h"
  35
  36 #define MAX_ROUTES_DEFAULT 100
  37
  38 #ifdef WIN32
  39 /*
  40  * Windows route methods
  41  */
  42 #define ROUTE_METHOD_ADAPTIVE  0  /* try IP helper first then route.exe */
  43 #define ROUTE_METHOD_IPAPI     1  /* use IP helper API */
  44 #define ROUTE_METHOD_EXE       2  /* use route.exe */
  45 #define ROUTE_METHOD_MASK      3
  46 #endif
  47
  48 /*
  49  * Route add/delete flags (must stay clear of ROUTE_METHOD bits)
  50  */
  51 #define ROUTE_DELETE_FIRST  (1<<2)
  52 #define ROUTE_REF_GW        (1<<3)
  53
  54 struct route_bypass
  55 {
  56 # define N_ROUTE_BYPASS 8
  57   int n_bypass;
  58   in_addr_t bypass[N_ROUTE_BYPASS];
  59 };
  60
  61 struct route_special_addr
  62 {
  63   /* bits indicating which members below are defined */
  64 # define RTSA_REMOTE_ENDPOINT  (1<<0)
  65 # define RTSA_REMOTE_HOST      (1<<1)
  66 # define RTSA_DEFAULT_METRIC   (1<<2)
  67   unsigned int flags;
  68
  69   in_addr_t remote_endpoint;
  70   in_addr_t remote_host;
  71   int remote_host_local;  /* TLA_x value */
  72   struct route_bypass bypass;
  73   int default_metric;
  74 };
  75
  76 struct route_option {
  77   const char *network;
  78   const char *netmask;
  79   const char *gateway;
  80   const char *metric;
  81 };
  82
  83 /* redirect-gateway flags */
  84 #define RG_ENABLE         (1<<0)
  85 #define RG_LOCAL          (1<<1)
  86 #define RG_DEF1           (1<<2)
  87 #define RG_BYPASS_DHCP    (1<<3)
  88 #define RG_BYPASS_DNS     (1<<4)
  89 #define RG_REROUTE_GW     (1<<5)
  90 #define RG_AUTO_LOCAL     (1<<6)
  91 #define RG_BLOCK_LOCAL    (1<<7)
  92
  93 struct route_option_list {
  94   unsigned int flags;  /* RG_x flags */
  95   int capacity;
  96   int n;
  97   struct route_option routes[EMPTY_ARRAY_SIZE];
  98 };
  99
 100 struct route_ipv6_option {
 101   const char *prefix;           /* e.g. "2001:db8:1::/64" */
 102   const char *gateway;          /* e.g. "2001:db8:0::2" */
 103   const char *metric;           /* e.g. "5" */
 104 };
 105
 106 struct route_ipv6_option_list {
 107   unsigned int flags;
 108   int capacity;
 109   int n;
 110   struct route_ipv6_option routes_ipv6[EMPTY_ARRAY_SIZE];
 111 };
 112
 113 struct route {
 114 # define RT_DEFINED        (1<<0)
 115 # define RT_ADDED          (1<<1)
 116 # define RT_METRIC_DEFINED (1<<2)
 117   unsigned int flags;
 118   const struct route_option *option;
 119   in_addr_t network;
 120   in_addr_t netmask;
 121   in_addr_t gateway;
 122   int metric;
 123 };
 124
 125 struct route_ipv6 {
 126   bool defined;
 127   struct in6_addr network;
 128   unsigned int netbits;
 129   struct in6_addr gateway;
 130   bool metric_defined;
 131   int metric;
 132 };
 133
 134 struct route_ipv6_list {
 135   bool routes_added;
 136   unsigned int flags;
 137   int default_metric;
 138   bool default_metric_defined;
 139   struct in6_addr remote_endpoint_ipv6;
 140   bool remote_endpoint_defined;
 141   bool did_redirect_default_gateway;                    /* TODO (?) */
 142   bool did_local;                                       /* TODO (?) */
 143   int capacity;
 144   int n;
 145   struct route_ipv6 routes_ipv6[EMPTY_ARRAY_SIZE];
 146 };
 147
 148
 149 struct route_gateway_address {
 150   in_addr_t addr;
 151   in_addr_t netmask;
 152 };
 153
 154 struct route_gateway_info {
 155 # define RGI_ADDR_DEFINED     (1<<0) /* set if gateway.addr defined */
 156 # define RGI_NETMASK_DEFINED  (1<<1) /* set if gateway.netmask defined */
 157 # define RGI_HWADDR_DEFINED   (1<<2) /* set if hwaddr is defined */
 158 # define RGI_IFACE_DEFINED    (1<<3) /* set if iface is defined */
 159 # define RGI_OVERFLOW         (1<<4) /* set if more interface addresses than will fit in addrs */
 160 # define RGI_ON_LINK          (1<<5)
 161   unsigned int flags;
 162
 163   /* gateway interface */
 164 # ifdef WIN32
 165   DWORD adapter_index;  /* interface or ~0 if undefined */
 166 #else
 167   char iface[16]; /* interface name (null terminated), may be empty */
 168 #endif
 169
 170   /* gateway interface hardware address */
 171   uint8_t hwaddr[6];
 172
 173   /* gateway/router address */
 174   struct route_gateway_address gateway;
 175
 176   /* address/netmask pairs bound to interface */
 177 # define RGI_N_ADDRESSES 8
 178   int n_addrs; /* len of addrs, may be 0 */
 179   struct route_gateway_address addrs[RGI_N_ADDRESSES]; /* local addresses attached to iface */
 180 };
 181
 182 struct route_list {
 183 # define RL_DID_REDIRECT_DEFAULT_GATEWAY (1<<0)
 184 # define RL_DID_LOCAL                    (1<<1)
 185 # define RL_ROUTES_ADDED                 (1<<2)
 186   unsigned int iflags;
 187
 188   struct route_special_addr spec;
 189   struct route_gateway_info rgi;
 190   unsigned int flags;     /* RG_x flags */
 191   int capacity;
 192   int n;
 193   struct route routes[EMPTY_ARRAY_SIZE];
 194 };
 195
 196 #if P2MP
 197 /* internal OpenVPN route */
 198 struct iroute {
 199   in_addr_t network;
 200   int netbits;
 201   struct iroute *next;
 202 };
 203
 204 struct iroute_ipv6 {
 205   struct in6_addr network;
 206   unsigned int netbits;
 207   struct iroute_ipv6 *next;
 208 };
 209 #endif
 210
 211 struct route_option_list *new_route_option_list (const int max_routes, struct gc_arena *a);
 212 struct route_ipv6_option_list *new_route_ipv6_option_list (const int max_routes, struct gc_arena *a);
 213
 214 struct route_option_list *clone_route_option_list (const struct route_option_list *src, struct gc_arena *a);
 215 struct route_ipv6_option_list *clone_route_ipv6_option_list (const struct route_ipv6_option_list *src, struct gc_arena *a);
 216 void copy_route_option_list (struct route_option_list *dest, const struct route_option_list *src);
 217 void copy_route_ipv6_option_list (struct route_ipv6_option_list *dest,
 218                                   const struct route_ipv6_option_list *src);
 219
 220 struct route_list *new_route_list (const int max_routes, struct gc_arena *a);
 221 struct route_ipv6_list *new_route_ipv6_list (const int max_routes, struct gc_arena *a);
 222
 223 void add_route_ipv6 (struct route_ipv6 *r, const struct tuntap *tt, unsigned int flags, const struct env_set *es);
 224 void delete_route_ipv6 (const struct route_ipv6 *r, const struct tuntap *tt, unsigned int flags, const struct env_set *es);
 225
 226 void add_route (struct route *r,
 227                 const struct tuntap *tt,
 228                 unsigned int flags,
 229                 const struct route_gateway_info *rgi,
 230                 const struct env_set *es);
 231
 232 void add_route_to_option_list (struct route_option_list *l,
 233                                const char *network,
 234                                const char *netmask,
 235                                const char *gateway,
 236                                const char *metric);
 237
 238 void add_route_ipv6_to_option_list (struct route_ipv6_option_list *l,
 239                                const char *prefix,
 240                                const char *gateway,
 241                                const char *metric);
 242
 243 bool init_route_list (struct route_list *rl,
 244                       const struct route_option_list *opt,
 245                       const char *remote_endpoint,
 246                       int default_metric,
 247                       in_addr_t remote_host,
 248                       struct env_set *es);
 249
 250 bool init_route_ipv6_list (struct route_ipv6_list *rl6,
 251                       const struct route_ipv6_option_list *opt6,
 252                       const char *remote_endpoint,
 253                       int default_metric,
 254                       struct env_set *es);
 255
 256 void route_list_add_vpn_gateway (struct route_list *rl,
 257                                  struct env_set *es,
 258                                  const in_addr_t addr);
 259
 260 void add_routes (struct route_list *rl,
 261                  struct route_ipv6_list *rl6,
 262                  const struct tuntap *tt,
 263                  unsigned int flags,
 264                  const struct env_set *es);
 265
 266 void delete_routes (struct route_list *rl,
 267                     struct route_ipv6_list *rl6,
 268                     const struct tuntap *tt,
 269                     unsigned int flags,
 270                     const struct env_set *es);
 271
 272 void setenv_routes (struct env_set *es, const struct route_list *rl);
 273 void setenv_routes_ipv6 (struct env_set *es, const struct route_ipv6_list *rl6);
 274
 275
 276
 277 bool is_special_addr (const char *addr_str);
 278
 279 void get_default_gateway (struct route_gateway_info *rgi);
 280 void print_default_gateway(const int msglevel, const struct route_gateway_info *rgi);
 281
 282 /*
 283  * Test if addr is reachable via a local interface (return ILA_LOCAL),
 284  * or if it needs to be routed via the default gateway (return
 285  * ILA_NONLOCAL).  If the current platform doesn't implement this
 286  * function, return ILA_NOT_IMPLEMENTED.
 287  */
 288 #define TLA_NOT_IMPLEMENTED 0
 289 #define TLA_NONLOCAL        1
 290 #define TLA_LOCAL           2
 291 int test_local_addr (const in_addr_t addr, const struct route_gateway_info *rgi);
 292
 293 #ifndef ENABLE_SMALL
 294 void print_route_options (const struct route_option_list *rol,
 295                           int level);
 296 #endif
 297
 298 void print_routes (const struct route_list *rl, int level);
 299
 300 #ifdef WIN32
 301
 302 void show_routes (int msglev);
 303 bool test_routes (const struct route_list *rl, const struct tuntap *tt);
 304 bool add_route_ipapi (const struct route *r, const struct tuntap *tt, DWORD adapter_index);
 305 bool del_route_ipapi (const struct route *r, const struct tuntap *tt);
 306
 307 #else
 308 static inline bool test_routes (const struct route_list *rl, const struct tuntap *tt) { return true; }
 309 #endif
 310
 311 bool netmask_to_netbits (const in_addr_t network, const in_addr_t netmask, int *netbits);
 312
 313 static inline in_addr_t
 314 netbits_to_netmask (const int netbits)
 315 {
 316   const int addrlen = sizeof (in_addr_t) * 8;
 317   in_addr_t mask = 0;
 318   if (netbits > 0 && netbits <= addrlen)
 319     mask = IPV4_NETMASK_HOST << (addrlen-netbits);
 320   return mask;
 321 }
 322
 323 static inline bool
 324 route_list_vpn_gateway_needed (const struct route_list *rl)
 325 {
 326   if (!rl)
 327     return false;
 328   else
 329     return !(rl->spec.flags & RTSA_REMOTE_ENDPOINT);
 330 }
 331
 332 static inline int
 333 route_did_redirect_default_gateway(const struct route_list *rl)
 334 {
 335   return rl && BOOL_CAST(rl->iflags & RL_DID_REDIRECT_DEFAULT_GATEWAY);
 336 }
 337
 338 #endif