From patchwork Sun Nov 5 06:34:09 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Selva Nair X-Patchwork-Id: 48 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director4.mail.ord1d.rsapps.net ([172.30.191.6]) by backend31.mail.ord1d.rsapps.net (Dovecot) with LMTP id K5nrG8RL/1m0CQAAgoeIoA for ; Sun, 05 Nov 2017 12:35:00 -0500 Received: from proxy2.mail.ord1d.rsapps.net ([172.30.191.6]) by director4.mail.ord1d.rsapps.net (Dovecot) with LMTP id u3fDG8RL/1nIQwAAHDmxtw ; Sun, 05 Nov 2017 12:35:00 -0500 Received: from smtp24.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy2.mail.ord1d.rsapps.net (Dovecot) with LMTP id imV6GsRL/1lNNwAAfawv4w ; Sun, 05 Nov 2017 12:35:00 -0500 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-MessageSniffer-Scan-Result: 0 X-MessageSniffer-Rules: 0-298-1068-1276-w 0-298-1068-1640-w 0-298-0-12823-f X-CMAE-Scan-Result: 0 X-CNFS-Analysis: v=2.2 cv=V+c/6qvi c=1 sm=1 tr=0 a=Q8DxjiC8O3VT/NpP1XjEZQ==:117 a=Q8DxjiC8O3VT/NpP1XjEZQ==:17 a=kj9zAlcOel0A:10 a=x7bEGLp0ZPQA:10 a=yLqVZIfK32oA:10 a=sC3jslCIGhcA:10 a=WiVod9pSvdkA:10 a=pGLkceISAAAA:8 a=9sSjY8p1AAAA:8 a=P_JWiMecAAAA:8 a=FP58Ms26AAAA:8 a=Sc_hHwo75Q-r7UUQEIsA:9 a=CjuIK1q_8ugA:10 a=-FEs8UIgK8oA:10 a=NWVoK91CQyQA:10 a=ub54wNWiXv_DzeFsgEJW:22 a=D0-HAvA3Hk9NMREbgwuX:22 X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.34.181.88] Authentication-Results: smtp24.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.34.181.88"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=gmail.com; dmarc=fail (p=none; dis=none) header.from=gmail.com X-Classification-ID: a609a014-c24f-11e7-a661-52540091a1c4-1-1 Received: from [216.34.181.88] ([216.34.181.88:9403] helo=lists.sourceforge.net) by smtp24.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.1.56364 r(Core:4.2.1.14)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id FF/C1-22993-4CB4FF95; Sun, 05 Nov 2017 12:35:00 -0500 Received: from localhost ([127.0.0.1] helo=sfs-ml-3.v29.ch3.sourceforge.com) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.89) (envelope-from ) id 1eBOoY-00083P-VP; Sun, 05 Nov 2017 17:34:30 +0000 Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtps (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.89) (envelope-from ) id 1eBOoY-00083J-LW for openvpn-devel@lists.sourceforge.net; Sun, 05 Nov 2017 17:34:30 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=h6aH7xbRTjv2O4dQ5WTHoTc/M3i5ut7aJyinV20udnM=; b=LavF6Qde62dj6cG6hpz6qOafedf7gPhGDfSZwDiaSK41lBGD9ffMT5qBt0oEFb1IEeRe6Z7wT0+jTi+HeIpSK1lYB9qOKpAdoobtaeSdekyLt0Ixz4fbOgSpFn/BzgnR94bldtyKdapZ3RkeUGqmrOLISdADFo4IAOauU36fRjM=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=h6aH7xbRTjv2O4dQ5WTHoTc/M3i5ut7aJyinV20udnM=; b=DZXW9iCV3Kios2ynGHQtWEmQ9njLXmJESBZxQdQ64ILt+l/InqtIyo9e3a9+dTohWS0PiOMw5c0IRmU+ni7MJW6NABAELACiTGS4TBIvblqwU9nwWxpZMA2GlCK7J4GbkbiEyoepKhasPxozxJpBVc3PSeH2EIEHZWLaq3PlI6A=; Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.214.65 as permitted sender) client-ip=209.85.214.65; envelope-from=selva.nair@gmail.com; helo=mail-it0-f65.google.com; Received: from mail-it0-f65.google.com ([209.85.214.65]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:AES128-SHA:128) (Exim 4.76) id 1eBOoX-0000XB-Qu for openvpn-devel@lists.sourceforge.net; Sun, 05 Nov 2017 17:34:30 +0000 Received: by mail-it0-f65.google.com with SMTP id n195so2730079itg.0 for ; Sun, 05 Nov 2017 09:34:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=h6aH7xbRTjv2O4dQ5WTHoTc/M3i5ut7aJyinV20udnM=; b=evVmMhGjELl5XKsQwg3vu/sJlfFILGpB3JI3iyfAKiS4yBLiw8AteXZ6dnX/8AgMut 5rfVLWtw7n350ubAZBntGivJER1k13vctCuySz9+sBPGm7i/d51vMh8ZqSNF6o4bT0aK dzmGJDnb99niOyA87zcK6aj+tIeRG72o+vXPJIQbp7/+vtHZL3yuwbH/g3RGMOPSnCxt q5FU+oZM1CH+qTwMovI5qBXTp4u7EYSbn9bsu4JQTzlzjUNv8IgEuAsyG5PPLak7SUt7 MnuYl95G1eCl5uH7w9e9J8rVCPtFk43zVHWZpPbdFtGR9NLCJGqWGtL+tjFAyPgYHt2E cUvQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=h6aH7xbRTjv2O4dQ5WTHoTc/M3i5ut7aJyinV20udnM=; b=LGGnGMULc7RrXBivXw14bTCB0l42Ge2iHBXkWLXTsuPicy9qvehSwrmbWYgRT92He6 e0YIawJWo115KcNSGvSldrD1vmsg+cnSYY4f5OqswiY1EYMiEGS8MXefyU6e17kaOFXR DWvVv7/zwN1M1GyN1Xun3tO8f3QJnskkj5xI90nDymlsEPe97dEL2CXYVFNJo2v5tvLz jI9BCJKUFJzvk4cRvkwVS2pPTNCxH8eebpR0f15qIRKPWWVYI+xybyazTRn5NqupBvwM JfUA+2hZUEZIDTxhGqEt0WLwqjkkJvRO2eFcDut0w8y03viWbjiiYe+Mvd2kztRcU3dx e2Hw== X-Gm-Message-State: AJaThX5Y3z33eDK6OJC1pCQxSL84nu3atbxKgMlgfmNnvvnz0Yj1rvzP RTdiA9Ij9aFMmA9zNHpa1lh+FA58 X-Google-Smtp-Source: ABhQp+TBdgRrwlzCRUAZrdNlQlAvRuvj6A9rQ6GjbZY/c1XSdwXOs/2kF7pmFFP88g5bywrmx4shIg== X-Received: by 10.36.107.69 with SMTP id v66mr6385761itc.95.1509903264202; Sun, 05 Nov 2017 09:34:24 -0800 (PST) Received: from saturn.home.sansel.ca (CPE40167ea0e1c2-CM788df74daaa0.cpe.net.cable.rogers.com. [99.228.215.92]) by smtp.gmail.com with ESMTPSA id i62sm4761828ioe.31.2017.11.05.09.34.23 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Sun, 05 Nov 2017 09:34:23 -0800 (PST) From: selva.nair@gmail.com To: openvpn-devel@lists.sourceforge.net Date: Sun, 5 Nov 2017 12:34:09 -0500 Message-Id: <1509903249-10979-1-git-send-email-selva.nair@gmail.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <20171105171135.GL958@greenie.muc.de> References: <20171105171135.GL958@greenie.muc.de> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [209.85.214.65 listed in list.dnswl.org] -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (selva.nair[at]gmail.com) 0.5 RCVD_IN_SORBS_SPAM RBL: SORBS: sender is a spam source [209.85.214.65 listed in dnsbl.sorbs.net] -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1eBOoX-0000XB-Qu Subject: [Openvpn-devel] [PATCH] Use lowest metric interface when multiple interfaces match a route X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox From: Selva Nair Currently a route addition using IPAPI or service is skipped if the route gateway is reachable by multiple interfaces. This changes that to use the interface with lowest metric. Reported by Jan Just Keijser Signed-off-by: Selva Nair --- src/openvpn/route.c | 3 +-- src/openvpn/tun.c | 14 ++++++++++++-- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/src/openvpn/route.c b/src/openvpn/route.c index 8c71e6e..3937018 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -2729,7 +2729,7 @@ get_default_gateway(struct route_gateway_info *rgi) if (rgi->gateway.addr) { rgi->flags |= RGI_ADDR_DEFINED; - a_index = adapter_index_of_ip(adapters, rgi->gateway.addr, NULL, &rgi->gateway.netmask); + a_index = dwForwardIfIndex; if (a_index != TUN_ADAPTER_INDEX_INVALID) { rgi->adapter_index = a_index; @@ -2780,7 +2780,6 @@ windows_route_find_if_index(const struct route_ipv4 *r, const struct tuntap *tt) msg(M_WARN, "Warning: route gateway is ambiguous: %s (%d matches)", print_in_addr_t(r->gateway, 0, &gc), count); - ret = TUN_ADAPTER_INDEX_INVALID; } dmsg(D_ROUTE_DEBUG, "DEBUG: route find if: on_tun=%d count=%d index=%d", diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 3639718..d0461ef 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -45,6 +45,7 @@ #include "manage.h" #include "route.h" #include "win32.h" +#include "block_dns.h" #include "memdbg.h" @@ -4483,6 +4484,7 @@ adapter_index_of_ip(const IP_ADAPTER_INFO *list, struct gc_arena gc = gc_new(); DWORD ret = TUN_ADAPTER_INDEX_INVALID; in_addr_t highest_netmask = 0; + int lowest_metric = INT_MAX; bool first = true; if (count) @@ -4496,9 +4498,11 @@ adapter_index_of_ip(const IP_ADAPTER_INFO *list, if (is_ip_in_adapter_subnet(list, ip, &hn)) { + int metric = get_interface_metric(list->Index, AF_INET); if (first || hn > highest_netmask) { highest_netmask = hn; + lowest_metric = metric; if (count) { *count = 1; @@ -4512,16 +4516,22 @@ adapter_index_of_ip(const IP_ADAPTER_INFO *list, { ++*count; } + if (metric < lowest_metric) + { + ret = list->Index; + lowest_metric = metric; + } } } list = list->Next; } - dmsg(D_ROUTE_DEBUG, "DEBUG: IP Locate: ip=%s nm=%s index=%d count=%d", + dmsg(D_ROUTE_DEBUG, "DEBUG: IP Locate: ip=%s nm=%s index=%d count=%d metric=%d", print_in_addr_t(ip, 0, &gc), print_in_addr_t(highest_netmask, 0, &gc), (int)ret, - count ? *count : -1); + count ? *count : -1, + metric); if (ret == TUN_ADAPTER_INDEX_INVALID && count) {