OpenVPN
route.h
1 /*
2  * OpenVPN -- An application to securely tunnel IP networks
3  * over a single TCP/UDP port, with support for SSL/TLS-based
4  * session authentication and key exchange,
5  * packet encryption, packet authentication, and
6  * packet compression.
7  *
8  * Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
9  *
10  * This program is free software; you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License version 2
12  * as published by the Free Software Foundation.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License along
20  * with this program; if not, write to the Free Software Foundation, Inc.,
21  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22  */
23 
24 /*
25  * Support routines for adding/deleting network routes.
26  */
27 
28 #ifndef ROUTE_H
29 #define ROUTE_H
30 
31 #include "basic.h"
32 #include "tun.h"
33 #include "misc.h"
34 
35 #ifdef _WIN32
36 /*
37  * Windows route methods
38  */
39 #define ROUTE_METHOD_ADAPTIVE 0 /* try IP helper first then route.exe */
40 #define ROUTE_METHOD_IPAPI 1 /* use IP helper API */
41 #define ROUTE_METHOD_EXE 2 /* use route.exe */
42 #define ROUTE_METHOD_SERVICE 3 /* use the privileged Windows service */
43 #define ROUTE_METHOD_MASK 3
44 #endif
45 
46 /*
47  * Route add/delete flags (must stay clear of ROUTE_METHOD bits)
48  */
49 #define ROUTE_DELETE_FIRST (1<<2)
50 #define ROUTE_REF_GW (1<<3)
51 
53 {
54 #define N_ROUTE_BYPASS 8
55  int n_bypass;
57 };
58 
60 {
61  /* bits indicating which members below are defined */
62 #define RTSA_REMOTE_ENDPOINT (1<<0)
63 #define RTSA_REMOTE_HOST (1<<1)
64 #define RTSA_DEFAULT_METRIC (1<<2)
65  unsigned int flags;
66 
69  int remote_host_local; /* TLA_x value */
72 };
73 
/*
 * One IPv4 route option, chained to the next one through `next`.
 * The four value fields are the same strings that
 * add_route_to_option_list() takes as arguments.
 *
 * NOTE(review): every value is kept as text here; where the strings are
 * parsed and range-checked, and who owns their storage, is not visible
 * in this header -- confirm before relying on their contents.
 */
struct route_option {
    struct route_option *next;
    const char *network;
    const char *netmask;
    const char *gateway;
    const char *metric;
};
81 
82 /* redirect-gateway flags */
83 #define RG_ENABLE (1<<0)
84 #define RG_LOCAL (1<<1)
85 #define RG_DEF1 (1<<2)
86 #define RG_BYPASS_DHCP (1<<3)
87 #define RG_BYPASS_DNS (1<<4)
88 #define RG_REROUTE_GW (1<<5)
89 #define RG_AUTO_LOCAL (1<<6)
90 #define RG_BLOCK_LOCAL (1<<7)
91 
93  unsigned int flags; /* RG_x flags */
95  struct gc_arena *gc;
96 };
97 
100  const char *prefix; /* e.g. "2001:db8:1::/64" */
101  const char *gateway; /* e.g. "2001:db8:0::2" */
102  const char *metric; /* e.g. "5" */
103 };
104 
106  unsigned int flags; /* RG_x flags, see route_option-list */
108  struct gc_arena *gc;
109 };
110 
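/*
 * One IPv4 route entry, chained to the next one through `next`.
 *
 * The source listing drops the network, netmask and gateway members
 * (route.h lines 118-120); they are restored here from the page's own
 * cross-reference entries for those lines.
 */
struct route_ipv4 {
#define RT_DEFINED (1<<0)
#define RT_ADDED (1<<1)
#define RT_METRIC_DEFINED (1<<2)
    struct route_ipv4 *next;
    unsigned int flags;                /* RT_x bits defined above */
    const struct route_option *option; /* read-only reference to a route_option */
    in_addr_t network;
    in_addr_t netmask;
    in_addr_t gateway;
    int metric; /* NOTE(review): presumably only meaningful when RT_METRIC_DEFINED is set -- confirm */
};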
123 
/*
 * One IPv6 route entry, chained to the next one through `next`.
 */
struct route_ipv6 {
    struct route_ipv6 *next;
    unsigned int flags; /* RT_ flags, see route_ipv4 */
    struct in6_addr network;
    /* NOTE(review): presumably the prefix length; the unsigned int type
     * does not bound it, so confirm where the value is range-checked */
    unsigned int netbits;
    struct in6_addr gateway;
    int metric;
    /* gateway interface */
#ifdef _WIN32
    DWORD adapter_index; /* interface or ~0 if undefined */
#else
    /* NOTE(review): a pointer here, unlike the fixed char iface[16] arrays
     * in the gateway-info structs of this header; who allocates the string
     * and how long it lives is not visible here -- confirm */
    char *iface; /* interface name (null terminated) */
#endif
};
138 
139 
143 };
144 
146 #define RGI_ADDR_DEFINED (1<<0) /* set if gateway.addr defined */
147 #define RGI_NETMASK_DEFINED (1<<1) /* set if gateway.netmask defined */
148 #define RGI_HWADDR_DEFINED (1<<2) /* set if hwaddr is defined */
149 #define RGI_IFACE_DEFINED (1<<3) /* set if iface is defined */
150 #define RGI_OVERFLOW (1<<4) /* set if more interface addresses than will fit in addrs */
151 #define RGI_ON_LINK (1<<5)
152  unsigned int flags;
153 
154  /* gateway interface */
155 #ifdef _WIN32
156  DWORD adapter_index; /* interface or ~0 if undefined */
157 #else
158  char iface[16]; /* interface name (null terminated), may be empty */
159 #endif
160 
161  /* gateway interface hardware address */
162  uint8_t hwaddr[6];
163 
164  /* gateway/router address */
165  struct route_gateway_address gateway;
166 
167  /* address/netmask pairs bound to interface */
168 #define RGI_N_ADDRESSES 8
169  int n_addrs; /* len of addrs, may be 0 */
170  struct route_gateway_address addrs[RGI_N_ADDRESSES]; /* local addresses attached to iface */
171 };
172 
174  struct in6_addr addr_ipv6;
176 };
177 
179 /* RGI_ flags used as in route_gateway_info */
180  unsigned int flags;
181 
182  /* gateway interface */
183 #ifdef _WIN32
184  DWORD adapter_index; /* interface or ~0 if undefined */
185 #else
186  char iface[16]; /* interface name (null terminated), may be empty */
187 #endif
188 
189  /* gateway interface hardware address */
190  uint8_t hwaddr[6];
191 
192  /* gateway/router address */
194 
195  /* address/netmask pairs bound to interface */
196 #define RGI_N_ADDRESSES 8
197  int n_addrs; /* len of addrs, may be 0 */
198  struct route_ipv6_gateway_address addrs[RGI_N_ADDRESSES]; /* local addresses attached to iface */
199 };
200 
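/*
 * IPv4 route list: the head of the route_ipv4 chain together with the
 * special addresses, default-gateway information and flags kept with it.
 *
 * The source listing drops the `routes` member (route.h line 210); it is
 * restored here from the page's own cross-reference entry for that line.
 */
struct route_list {
#define RL_DID_REDIRECT_DEFAULT_GATEWAY (1<<0)
#define RL_DID_LOCAL (1<<1)
#define RL_ROUTES_ADDED (1<<2)
    unsigned int iflags; /* RL_x bits defined above */

    struct route_special_addr spec;
    struct route_gateway_info rgi;
    unsigned int flags; /* RG_x flags */
    struct route_ipv4 *routes; /* head of the route_ipv4 chain */
    struct gc_arena gc; /* arena embedded by value, not a pointer as in the option lists */
};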
213 
215  unsigned int iflags; /* RL_ flags, see route_list */
216 
217  unsigned int spec_flags; /* RTSA_ flags, route_special_addr */
218  struct in6_addr remote_endpoint_ipv6; /* inside tun */
219  struct in6_addr remote_host_ipv6; /* --remote address */
221 
223  unsigned int flags; /* RG_x flags, see route_option_list */
225  struct gc_arena gc;
226 };
227 
228 #if P2MP
229 /* internal OpenVPN route */
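/*
 * Internal IPv4 route entry, chained to the next one through `next`.
 *
 * The source listing drops the `network` member (route.h line 231); it is
 * restored here from the page's own cross-reference entry for that line.
 */
struct iroute {
    in_addr_t network;
    /* NOTE(review): signed int, so a negative value is representable;
     * presumably a prefix length -- confirm where it is range-checked */
    int netbits;
    struct iroute *next;
};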
235 
/*
 * IPv6 counterpart of struct iroute, chained to the next entry through
 * `next`.
 */
struct iroute_ipv6 {
    struct in6_addr network;
    /* NOTE(review): presumably the prefix length; the unsigned int type
     * does not bound it -- confirm where the value is range-checked */
    unsigned int netbits;
    struct iroute_ipv6 *next;
};
241 #endif
242 
244 
246 
247 struct route_option_list *clone_route_option_list(const struct route_option_list *src, struct gc_arena *a);
248 
250 
251 void copy_route_option_list(struct route_option_list *dest, const struct route_option_list *src, struct gc_arena *a);
252 
254  const struct route_ipv6_option_list *src,
255  struct gc_arena *a);
256 
257 void route_ipv6_clear_host_bits( struct route_ipv6 *r6 );
258 
259 void add_route_ipv6(struct route_ipv6 *r, const struct tuntap *tt, unsigned int flags, const struct env_set *es, openvpn_net_ctx_t *ctx);
260 
261 void delete_route_ipv6(const struct route_ipv6 *r, const struct tuntap *tt, unsigned int flags, const struct env_set *es, openvpn_net_ctx_t *ctx);
262 
263 void add_route(struct route_ipv4 *r,
264  const struct tuntap *tt,
265  unsigned int flags,
266  const struct route_gateway_info *rgi,
267  const struct env_set *es,
268  openvpn_net_ctx_t *ctx);
269 
271  const char *network,
272  const char *netmask,
273  const char *gateway,
274  const char *metric);
275 
277  const char *prefix,
278  const char *gateway,
279  const char *metric);
280 
281 bool init_route_list(struct route_list *rl,
282  const struct route_option_list *opt,
283  const char *remote_endpoint,
284  int default_metric,
285  in_addr_t remote_host,
286  struct env_set *es,
287  openvpn_net_ctx_t *ctx);
288 
289 bool init_route_ipv6_list(struct route_ipv6_list *rl6,
290  const struct route_ipv6_option_list *opt6,
291  const char *remote_endpoint,
292  int default_metric,
293  const struct in6_addr *remote_host,
294  struct env_set *es);
295 
296 void route_list_add_vpn_gateway(struct route_list *rl,
297  struct env_set *es,
298  const in_addr_t addr);
299 
300 void add_routes(struct route_list *rl,
301  struct route_ipv6_list *rl6,
302  const struct tuntap *tt,
303  unsigned int flags,
304  const struct env_set *es,
305  openvpn_net_ctx_t *ctx);
306 
307 void delete_routes(struct route_list *rl,
308  struct route_ipv6_list *rl6,
309  const struct tuntap *tt,
310  unsigned int flags,
311  const struct env_set *es,
312  openvpn_net_ctx_t *ctx);
313 
314 void setenv_routes(struct env_set *es, const struct route_list *rl);
315 
316 void setenv_routes_ipv6(struct env_set *es, const struct route_ipv6_list *rl6);
317 
318 
319 
320 bool is_special_addr(const char *addr_str);
321 
322 void get_default_gateway(struct route_gateway_info *rgi,
323  openvpn_net_ctx_t *ctx);
324 
326  const struct in6_addr *dest);
327 
328 void print_default_gateway(const int msglevel,
329  const struct route_gateway_info *rgi,
330  const struct route_ipv6_gateway_info *rgi6);
331 
332 /*
333  * Test if addr is reachable via a local interface (return TLA_LOCAL),
334  * or if it needs to be routed via the default gateway (return
335  * TLA_NONLOCAL). If the current platform doesn't implement this
336  * function, return TLA_NOT_IMPLEMENTED.
337  */
338 #define TLA_NOT_IMPLEMENTED 0
339 #define TLA_NONLOCAL 1
340 #define TLA_LOCAL 2
341 int test_local_addr(const in_addr_t addr, const struct route_gateway_info *rgi);
342 
343 #ifndef ENABLE_SMALL
344 void print_route_options(const struct route_option_list *rol,
345  int level);
346 
347 #endif
348 
349 void print_routes(const struct route_list *rl, int level);
350 
351 #ifdef _WIN32
352 
353 void show_routes(int msglev);
354 
355 bool test_routes(const struct route_list *rl, const struct tuntap *tt);
356 
357 bool add_route_ipapi(const struct route_ipv4 *r, const struct tuntap *tt, DWORD adapter_index);
358 
359 bool del_route_ipapi(const struct route_ipv4 *r, const struct tuntap *tt);
360 
361 #else /* ifdef _WIN32 */
/*
 * Stand-in for test_routes() on platforms other than Windows.
 *
 * Neither argument is examined and the result is always true, so on these
 * platforms a true return carries no information about the routes in rl.
 * What the Windows implementation checks is not visible in this header.
 */
static inline bool
test_routes(const struct route_list *rl, const struct tuntap *tt)
{
    (void)rl; /* unused in the stub */
    (void)tt; /* unused in the stub */
    return true;
}
367 #endif
368 
369 bool netmask_to_netbits(const in_addr_t network, const in_addr_t netmask, int *netbits);
370 
371 int netmask_to_netbits2(in_addr_t netmask);
372 
/*
 * Build an IPv4 netmask from a prefix length.
 *
 * netbits in 1..W, where W is the bit width of in_addr_t, yields
 * IPV4_NETMASK_HOST shifted left by (W - netbits). Every other value --
 * zero, negative, or larger than W -- yields 0.
 *
 * An out-of-range length is therefore not reported: it produces the same
 * all-zero mask as a prefix length of 0, which matches every address.
 * Callers that take netbits from configuration or from a peer need to
 * range-check it themselves before calling.
 *
 * NOTE(review): the result is presumably in host byte order, going by the
 * IPV4_NETMASK_HOST name -- confirm in basic.h.
 */
static inline in_addr_t
netbits_to_netmask(const int netbits)
{
    const int width = sizeof(in_addr_t) * 8;

    if (netbits <= 0 || netbits > width)
    {
        return 0;
    }
    return IPV4_NETMASK_HOST << (width - netbits);
}
384 
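/*
 * Report whether a route list still has no remote endpoint recorded.
 *
 * Returns true when rl is non-NULL and RTSA_REMOTE_ENDPOINT is clear in
 * rl->spec.flags (the RTSA_ bits mark which members of the special-address
 * struct are defined). Returns false for a NULL rl, so the pointer is never
 * dereferenced in that case.
 *
 * The source listing drops the line carrying the function name and
 * parameter list (route.h line 386); it is restored here from the page's
 * own cross-reference entry for this function.
 */
static inline bool
route_list_vpn_gateway_needed(const struct route_list *rl)
{
    if (!rl)
    {
        return false;
    }
    return !(rl->spec.flags & RTSA_REMOTE_ENDPOINT);
}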
397 
398 static inline int
400 {
402 }
403 
404 #endif /* ifndef ROUTE_H */
in_addr_t gateway
Definition: route.h:120
in_addr_t addr
Definition: route.h:141
static int route_did_redirect_default_gateway(const struct route_list *rl)
Definition: route.h:399
void get_default_gateway_ipv6(struct route_ipv6_gateway_info *rgi, const struct in6_addr *dest)
Definition: route.c:2801
bool test_routes(const struct route_list *rl, const struct tuntap *tt)
Definition: route.c:2626
unsigned int spec_flags
Definition: route.h:217
Definition: tun.h:132
struct iroute * next
Definition: route.h:233
in_addr_t network
Definition: route.h:118
int test_local_addr(const in_addr_t addr, const struct route_gateway_info *rgi)
Definition: route.c:4093
void route_ipv6_clear_host_bits(struct route_ipv6 *r6)
Definition: route.c:1832
struct route_ipv6 * next
Definition: route.h:125
int n_bypass
Definition: route.h:55
unsigned int flags
Definition: route.h:65
void copy_route_option_list(struct route_option_list *dest, const struct route_option_list *src, struct gc_arena *a)
Definition: route.c:154
#define BOOL_CAST(x)
Definition: basic.h:27
unsigned int iflags
Definition: route.h:205
void setenv_routes(struct env_set *es, const struct route_list *rl)
Definition: route.c:1438
struct route_option * routes
Definition: route.h:94
unsigned int flags
Definition: route.h:126
void get_default_gateway(struct route_gateway_info *rgi, openvpn_net_ctx_t *ctx)
Definition: route.c:2715
in_addr_t bypass[N_ROUTE_BYPASS]
Definition: route.h:56
static in_addr_t netbits_to_netmask(const int netbits)
Definition: route.h:374
in_addr_t netmask
Definition: route.h:142
const char * metric
Definition: route.h:102
static char * iface
bool del_route_ipapi(const struct route_ipv4 *r, const struct tuntap *tt)
Definition: route.c:2953
#define in_addr_t
Definition: config-msvc.h:104
#define RL_DID_REDIRECT_DEFAULT_GATEWAY
Definition: route.h:202
const char * gateway
Definition: route.h:78
void * openvpn_net_ctx_t
Definition: networking.h:26
struct route_ipv6_option * routes_ipv6
Definition: route.h:107
struct route_special_addr spec
Definition: route.h:207
unsigned int flags
Definition: route.h:223
struct route_option_list * new_route_option_list(struct gc_arena *a)
Definition: route.c:111
const struct route_option * option
Definition: route.h:117
#define N_ROUTE_BYPASS
Definition: route.h:54
struct route_ipv6 * routes_ipv6
Definition: route.h:224
unsigned int flags
Definition: route.h:209
int netbits
Definition: route.h:232
void print_default_gateway(const int msglevel, const struct route_gateway_info *rgi, const struct route_ipv6_gateway_info *rgi6)
Definition: route.c:1322
list flags
unsigned int netbits
Definition: route.h:128
in_addr_t netmask
Definition: route.h:119
void add_route_to_option_list(struct route_option_list *l, const char *network, const char *netmask, const char *gateway, const char *metric)
Definition: route.c:485
unsigned int iflags
Definition: route.h:215
void add_route_ipv6(struct route_ipv6 *r, const struct tuntap *tt, unsigned int flags, const struct env_set *es, openvpn_net_ctx_t *ctx)
Definition: route.c:1855
unsigned int flags
Definition: route.h:152
DWORD adapter_index
Definition: route.h:133
in_addr_t remote_endpoint
Definition: route.h:67
in_addr_t network
Definition: route.h:231
void show_routes(int msglev)
Definition: route.c:3142
bool add_route_ipapi(const struct route_ipv4 *r, const struct tuntap *tt, DWORD adapter_index)
Definition: route.c:2871
const char * netmask
Definition: route.h:77
DWORD adapter_index
Definition: route.h:156
unsigned int flags
Definition: route.h:116
struct route_option_list * clone_route_option_list(const struct route_option_list *src, struct gc_arena *a)
Definition: route.c:136
bool netmask_to_netbits(const in_addr_t network, const in_addr_t netmask, int *netbits)
Definition: route.c:3956
void delete_route_ipv6(const struct route_ipv6 *r, const struct tuntap *tt, unsigned int flags, const struct env_set *es, openvpn_net_ctx_t *ctx)
Definition: route.c:2327
void add_route_ipv6_to_option_list(struct route_ipv6_option_list *l, const char *prefix, const char *gateway, const char *metric)
Definition: route.c:503
unsigned int flags
Definition: route.h:180
#define RTSA_REMOTE_ENDPOINT
Definition: route.h:62
struct route_ipv4 * next
Definition: route.h:115
unsigned int flags
Definition: route.h:93
bool is_special_addr(const char *addr_str)
Definition: route.c:287
unsigned int flags
Definition: route.h:106
struct gc_arena * gc
Definition: route.h:108
void add_routes(struct route_list *rl, struct route_ipv6_list *rl6, const struct tuntap *tt, unsigned int flags, const struct env_set *es, openvpn_net_ctx_t *ctx)
Definition: route.c:1185
unsigned __int8 uint8_t
Definition: config-msvc.h:123
unsigned int netbits
Definition: route.h:238
int metric
Definition: route.h:130
const char * network
Definition: route.h:76
void add_route(struct route_ipv4 *r, const struct tuntap *tt, unsigned int flags, const struct route_gateway_info *rgi, const struct env_set *es, openvpn_net_ctx_t *ctx)
Definition: route.c:1545
const char * metric
Definition: route.h:79
void delete_routes(struct route_list *rl, struct route_ipv6_list *rl6, const struct tuntap *tt, unsigned int flags, const struct env_set *es, openvpn_net_ctx_t *ctx)
Definition: route.c:1243
void print_route_options(const struct route_option_list *rol, int level)
Definition: route.c:1306
bool init_route_ipv6_list(struct route_ipv6_list *rl6, const struct route_ipv6_option_list *opt6, const char *remote_endpoint, int default_metric, const struct in6_addr *remote_host, struct env_set *es)
Definition: route.c:763
struct route_ipv6_option * next
Definition: route.h:99
void print_routes(const struct route_list *rl, int level)
Definition: route.c:1408
struct route_ipv6_option_list * clone_route_ipv6_option_list(const struct route_ipv6_option_list *src, struct gc_arena *a)
Definition: route.c:145
struct gc_arena * gc
Definition: route.h:95
const char * prefix
Definition: route.h:100
Definition: route.h:230
bool init_route_list(struct route_list *rl, const struct route_option_list *opt, const char *remote_endpoint, int default_metric, in_addr_t remote_host, struct env_set *es, openvpn_net_ctx_t *ctx)
Definition: route.c:607
struct route_option * next
Definition: route.h:75
Garbage collection arena used to keep track of dynamically allocated memory.
Definition: buffer.h:116
int netmask_to_netbits2(in_addr_t netmask)
Definition: route.c:3987
static bool route_list_vpn_gateway_needed(const struct route_list *rl)
Definition: route.h:386
int remote_host_local
Definition: route.h:69
const char * gateway
Definition: route.h:101
struct iroute_ipv6 * next
Definition: route.h:239
struct route_ipv6_option_list * new_route_ipv6_option_list(struct gc_arena *a)
Definition: route.c:120
struct route_ipv4 * routes
Definition: route.h:210
char * dest
Definition: compat-lz4.h:431
#define RGI_N_ADDRESSES
Definition: route.h:196
#define IPV4_NETMASK_HOST
Definition: basic.h:35
in_addr_t remote_host
Definition: route.h:68
void setenv_routes_ipv6(struct env_set *es, const struct route_ipv6_list *rl6)
Definition: route.c:1469
void copy_route_ipv6_option_list(struct route_ipv6_option_list *dest, const struct route_ipv6_option_list *src, struct gc_arena *a)
Definition: route.c:161
int default_metric
Definition: route.h:220
void route_list_add_vpn_gateway(struct route_list *rl, struct env_set *es, const in_addr_t addr)
Definition: route.c:532
int default_metric
Definition: route.h:71
int metric
Definition: route.h:121