diff mbox series

[Openvpn-devel,v4] redirect-gateway: only redirect traffic through TUN if address families match

Message ID 20251011111417.11802-1-gert@greenie.muc.de
State New
Headers show
Series [Openvpn-devel,v4] redirect-gateway: only redirect traffic through TUN if address families match | expand

Commit Message

Gert Doering Oct. 11, 2025, 11:14 a.m. UTC 
From: Marco Baffo <marco@mandelbit.com>

Adds a check in do_init_route_ipv6_list() to add default routes toward the TUN
only if the TUN has IPv6 addresses.

Github: fixes OpenVPN/openvpn#850
github.com/OpenVPN/openvpn/issues/850

Change-Id: Ib3458a9ed2eb38e00184c4a92659b83b97fe476c
Signed-off-by: mrbff <marco@mandelbit.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1210
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1210
This mail reflects revision 4 of this Change.

Signed-off-by line for the author was added as per our policy.

Acked-by according to Gerrit (reflected above):
Gert Doering <gert@greenie.muc.de>

Comments

Gert Doering Oct. 11, 2025, 11:48 a.m. UTC | #1 
So, this is still fixing an edge case when reconnecting and having
stale data around - a better fix, I think, would be to properly extend
pre-connect save/restore to the RG flags (and remove this check again)
- but for now, it does the job.  I have added a reference to the
new GH issue (863) for the subsequent cleanup.

Not tested beyond "BB confirms it's not breaking platforms" and a bit
of stare-at-code.

Your patch has been applied to the master branch.

commit 1b423f508e7ebf70e711c90bc9cf2e57c1f197f0
Author: Marco Baffo
Date:   Sat Oct 11 13:14:11 2025 +0200

     redirect-gateway: only redirect traffic through TUN if address families match

     Signed-off-by: mrbff <marco@mandelbit.com>
     Acked-by: Gert Doering <gert@greenie.muc.de>
     Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1210
     Message-Id: <20251011111417.11802-1-gert@greenie.muc.de>
     URL: https://sourceforge.net/p/openvpn/mailman/message/59245295/
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering
diff mbox series

Patch

diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index f8a0fee..aaa0573 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -1523,7 +1523,7 @@ 
 
     /* redirect (IPv6) gateway to VPN?  if yes, add a few more specifics
      */
-    if (options->routes_ipv6->flags & RG_REROUTE_GW)
+    if (options->routes_ipv6->flags & RG_REROUTE_GW && options->ifconfig_ipv6_local)
     {
         char *opt_list[] = { "::/3", "2000::/4", "3000::/4", "fc00::/7", NULL };
         int i;