OpenVPN
route.h
1 /*
2  * OpenVPN -- An application to securely tunnel IP networks
3  * over a single TCP/UDP port, with support for SSL/TLS-based
4  * session authentication and key exchange,
5  * packet encryption, packet authentication, and
6  * packet compression.
7  *
8  * Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
9  *
10  * This program is free software; you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License version 2
12  * as published by the Free Software Foundation.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License along
20  * with this program; if not, write to the Free Software Foundation, Inc.,
21  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
22  */
23 
24 /*
25  * Support routines for adding/deleting network routes.
26  */
27 
28 #ifndef ROUTE_H
29 #define ROUTE_H
30 
31 #include "basic.h"
32 #include "tun.h"
33 #include "misc.h"
34 #include "networking.h"
35 
36 #ifdef _WIN32
37 /*
38  * Windows route methods
39  */
40 #define ROUTE_METHOD_ADAPTIVE 0 /* try IP helper first then route.exe */
41 #define ROUTE_METHOD_IPAPI 1 /* use IP helper API */
42 #define ROUTE_METHOD_EXE 2 /* use route.exe */
43 #define ROUTE_METHOD_SERVICE 3 /* use the privileged Windows service */
44 #define ROUTE_METHOD_MASK 3
45 #endif
46 
47 /*
48  * Route add/delete flags (must stay clear of ROUTE_METHOD bits)
49  */
50 #define ROUTE_DELETE_FIRST (1<<2)
51 #define ROUTE_REF_GW (1<<3)
52 
54 {
55 #define N_ROUTE_BYPASS 8
56  int n_bypass;
58 };
59 
61 {
62  /* bits indicating which members below are defined */
63 #define RTSA_REMOTE_ENDPOINT (1<<0)
64 #define RTSA_REMOTE_HOST (1<<1)
65 #define RTSA_DEFAULT_METRIC (1<<2)
66  unsigned int flags;
67 
70  int remote_host_local; /* TLA_x value */
73 };
74 
/*
 * One route request in network/netmask form, kept as a node in a singly
 * linked list.  All four values are held as unparsed strings, matching the
 * const char * arguments of add_route_to_option_list().
 * NOTE(review): presumably these strings come from the configuration or from
 * server-pushed options and are only validated when the route list is
 * built -- confirm in route.c before trusting their contents here.
 */
struct route_option {
    struct route_option *next; /* next entry in the list */
    const char *network;
    const char *netmask;
    const char *gateway;
    const char *metric;
};
82 
83 /* redirect-gateway flags */
84 #define RG_ENABLE (1<<0)
85 #define RG_LOCAL (1<<1)
86 #define RG_DEF1 (1<<2)
87 #define RG_BYPASS_DHCP (1<<3)
88 #define RG_BYPASS_DNS (1<<4)
89 #define RG_REROUTE_GW (1<<5)
90 #define RG_AUTO_LOCAL (1<<6)
91 #define RG_BLOCK_LOCAL (1<<7)
92 
94  unsigned int flags; /* RG_x flags */
96  struct gc_arena *gc;
97 };
98 
101  const char *prefix; /* e.g. "2001:db8:1::/64" */
102  const char *gateway; /* e.g. "2001:db8:0::2" */
103  const char *metric; /* e.g. "5" */
104 };
105 
107  unsigned int flags; /* RG_x flags, see route_option-list */
109  struct gc_arena *gc;
110 };
111 
112 struct route_ipv4 {
113 #define RT_DEFINED (1<<0)
114 #define RT_ADDED (1<<1)
115 #define RT_METRIC_DEFINED (1<<2)
116  struct route_ipv4 *next;
117  unsigned int flags;
118  const struct route_option *option;
122  int metric;
123 };
124 
/*
 * One IPv6 route, kept as a node in a singly linked list.
 */
struct route_ipv6 {
    struct route_ipv6 *next;
    unsigned int flags; /* RT_ flags, see route_ipv4 */
    struct in6_addr network;
    /* prefix length of network; NOTE(review): the type admits any unsigned
     * value, so presumably callers keep it within 0..128 -- confirm */
    unsigned int netbits;
    struct in6_addr gateway;
    int metric;
    /* gateway interface */
#ifdef _WIN32
    DWORD adapter_index; /* interface or ~0 if undefined */
#else
    /* held by pointer here, unlike the fixed-size iface arrays in the
     * gateway-info structs of this header; NOTE(review): ownership and
     * lifetime of the string are not visible from this declaration */
    char *iface; /* interface name (null terminated) */
#endif
};
139 
140 
144 };
145 
147 #define RGI_ADDR_DEFINED (1<<0) /* set if gateway.addr defined */
148 #define RGI_NETMASK_DEFINED (1<<1) /* set if gateway.netmask defined */
149 #define RGI_HWADDR_DEFINED (1<<2) /* set if hwaddr is defined */
150 #define RGI_IFACE_DEFINED (1<<3) /* set if iface is defined */
151 #define RGI_OVERFLOW (1<<4) /* set if more interface addresses than will fit in addrs */
152 #define RGI_ON_LINK (1<<5)
153  unsigned int flags;
154 
155  /* gateway interface */
156 #ifdef _WIN32
157  DWORD adapter_index; /* interface or ~0 if undefined */
158 #else
159  char iface[16]; /* interface name (null terminated), may be empty */
160 #endif
161 
162  /* gateway interface hardware address */
163  uint8_t hwaddr[6];
164 
165  /* gateway/router address */
166  struct route_gateway_address gateway;
167 
168  /* address/netmask pairs bound to interface */
169 #define RGI_N_ADDRESSES 8
170  int n_addrs; /* len of addrs, may be 0 */
171  struct route_gateway_address addrs[RGI_N_ADDRESSES]; /* local addresses attached to iface */
172 };
173 
175  struct in6_addr addr_ipv6;
177 };
178 
180 /* RGI_ flags used as in route_gateway_info */
181  unsigned int flags;
182 
183  /* gateway interface */
184 #ifdef _WIN32
185  DWORD adapter_index; /* interface or ~0 if undefined */
186 #else
187  /* non linux platform don't have this constant defined */
188 #ifndef IFNAMSIZ
189 #define IFNAMSIZ 16
190 #endif
191  char iface[IFNAMSIZ]; /* interface name (null terminated), may be empty */
192 #endif
193 
194  /* gateway interface hardware address */
195  uint8_t hwaddr[6];
196 
197  /* gateway/router address */
199 
200  /* address/netmask pairs bound to interface */
201 #define RGI_N_ADDRESSES 8
202  int n_addrs; /* len of addrs, may be 0 */
203  struct route_ipv6_gateway_address addrs[RGI_N_ADDRESSES]; /* local addresses attached to iface */
204 };
205 
206 struct route_list {
207 #define RL_DID_REDIRECT_DEFAULT_GATEWAY (1<<0)
208 #define RL_DID_LOCAL (1<<1)
209 #define RL_ROUTES_ADDED (1<<2)
210  unsigned int iflags;
211 
212  struct route_special_addr spec;
213  struct route_gateway_info rgi;
214  unsigned int flags; /* RG_x flags */
216  struct gc_arena gc;
217 };
218 
220  unsigned int iflags; /* RL_ flags, see route_list */
221 
222  unsigned int spec_flags; /* RTSA_ flags, route_special_addr */
223  struct in6_addr remote_endpoint_ipv6; /* inside tun */
224  struct in6_addr remote_host_ipv6; /* --remote address */
226 
228  unsigned int flags; /* RG_x flags, see route_option_list */
230  struct gc_arena gc;
231 };
232 
233 #if P2MP
234 /* internal OpenVPN route */
235 struct iroute {
237  int netbits;
238  struct iroute *next;
239 };
240 
241 struct iroute_ipv6 {
242  struct in6_addr network;
243  unsigned int netbits;
244  struct iroute_ipv6 *next;
245 };
246 #endif
247 
249 
251 
252 struct route_option_list *clone_route_option_list(const struct route_option_list *src, struct gc_arena *a);
253 
255 
256 void copy_route_option_list(struct route_option_list *dest, const struct route_option_list *src, struct gc_arena *a);
257 
259  const struct route_ipv6_option_list *src,
260  struct gc_arena *a);
261 
262 void route_ipv6_clear_host_bits( struct route_ipv6 *r6 );
263 
264 void add_route_ipv6(struct route_ipv6 *r, const struct tuntap *tt, unsigned int flags, const struct env_set *es, openvpn_net_ctx_t *ctx);
265 
266 void delete_route_ipv6(const struct route_ipv6 *r, const struct tuntap *tt, unsigned int flags, const struct env_set *es, openvpn_net_ctx_t *ctx);
267 
268 void add_route(struct route_ipv4 *r,
269  const struct tuntap *tt,
270  unsigned int flags,
271  const struct route_gateway_info *rgi,
272  const struct env_set *es,
273  openvpn_net_ctx_t *ctx);
274 
276  const char *network,
277  const char *netmask,
278  const char *gateway,
279  const char *metric);
280 
282  const char *prefix,
283  const char *gateway,
284  const char *metric);
285 
286 bool init_route_list(struct route_list *rl,
287  const struct route_option_list *opt,
288  const char *remote_endpoint,
289  int default_metric,
290  in_addr_t remote_host,
291  struct env_set *es,
292  openvpn_net_ctx_t *ctx);
293 
294 bool init_route_ipv6_list(struct route_ipv6_list *rl6,
295  const struct route_ipv6_option_list *opt6,
296  const char *remote_endpoint,
297  int default_metric,
298  const struct in6_addr *remote_host,
299  struct env_set *es,
300  openvpn_net_ctx_t *ctx);
301 
302 void route_list_add_vpn_gateway(struct route_list *rl,
303  struct env_set *es,
304  const in_addr_t addr);
305 
306 void add_routes(struct route_list *rl,
307  struct route_ipv6_list *rl6,
308  const struct tuntap *tt,
309  unsigned int flags,
310  const struct env_set *es,
311  openvpn_net_ctx_t *ctx);
312 
313 void delete_routes(struct route_list *rl,
314  struct route_ipv6_list *rl6,
315  const struct tuntap *tt,
316  unsigned int flags,
317  const struct env_set *es,
318  openvpn_net_ctx_t *ctx);
319 
320 void setenv_routes(struct env_set *es, const struct route_list *rl);
321 
322 void setenv_routes_ipv6(struct env_set *es, const struct route_ipv6_list *rl6);
323 
324 
325 
326 bool is_special_addr(const char *addr_str);
327 
328 void get_default_gateway(struct route_gateway_info *rgi,
329  openvpn_net_ctx_t *ctx);
330 
332  const struct in6_addr *dest,
333  openvpn_net_ctx_t *ctx);
334 
335 void print_default_gateway(const int msglevel,
336  const struct route_gateway_info *rgi,
337  const struct route_ipv6_gateway_info *rgi6);
338 
339 /*
340  * Test if addr is reachable via a local interface (return TLA_LOCAL),
341  * or if it needs to be routed via the default gateway (return
342  * TLA_NONLOCAL). If the current platform doesn't implement this
343  * function, return TLA_NOT_IMPLEMENTED.
344  */
345 #define TLA_NOT_IMPLEMENTED 0
346 #define TLA_NONLOCAL 1
347 #define TLA_LOCAL 2
348 int test_local_addr(const in_addr_t addr, const struct route_gateway_info *rgi);
349 
350 #ifndef ENABLE_SMALL
351 void print_route_options(const struct route_option_list *rol,
352  int level);
353 
354 #endif
355 
356 void print_routes(const struct route_list *rl, int level);
357 
358 #ifdef _WIN32
359 
360 void show_routes(int msglev);
361 
362 bool test_routes(const struct route_list *rl, const struct tuntap *tt);
363 
364 bool add_route_ipapi(const struct route_ipv4 *r, const struct tuntap *tt, DWORD adapter_index);
365 
366 bool del_route_ipapi(const struct route_ipv4 *r, const struct tuntap *tt);
367 
368 #else /* ifdef _WIN32 */
/*
 * Stand-in for test_routes() on builds without _WIN32: no check is carried
 * out, both arguments are ignored and success is always reported.  A true
 * result from this variant therefore says nothing about whether the routes
 * in rl are actually usable.
 */
static inline bool
test_routes(const struct route_list *rl, const struct tuntap *tt)
{
    /* parameters are kept only so the signature matches the _WIN32 prototype */
    (void)rl;
    (void)tt;
    return true;
}
374 #endif
375 
376 bool netmask_to_netbits(const in_addr_t network, const in_addr_t netmask, int *netbits);
377 
378 int netmask_to_netbits2(in_addr_t netmask);
379 
/*
 * Build an IPv4 netmask from a prefix length.
 *
 * For 1 <= netbits <= (bit width of in_addr_t) the result is
 * IPV4_NETMASK_HOST shifted left by the number of host bits.  Every other
 * value -- 0, negative, or larger than the address width -- yields 0.
 *
 * An out-of-range prefix length is therefore indistinguishable from a
 * legitimate /0: callers that take netbits from configuration or from the
 * peer must range-check it themselves before relying on the mask.
 *
 * NOTE(review): result is presumably in host byte order, going by the
 * IPV4_NETMASK_HOST name -- confirm against basic.h.
 */
static inline in_addr_t
netbits_to_netmask(const int netbits)
{
    const int width = sizeof(in_addr_t) * 8;

    /*
     * Rejecting everything outside 1..width also keeps the shift count in
     * 0..width-1; a negative count or a shift by the full width would be
     * undefined behaviour.
     */
    if (netbits <= 0 || netbits > width)
    {
        return 0;
    }

    return IPV4_NETMASK_HOST << (width - netbits);
}
391 
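/*
 * Report whether the route list has no remote endpoint recorded yet.
 *
 * Returns false when rl is NULL; otherwise returns true exactly when the
 * RTSA_REMOTE_ENDPOINT bit is clear in rl->spec.flags, i.e. the
 * corresponding member of route_special_addr is not marked as defined.
 * NOTE(review): going by the name, callers presumably use a true result to
 * decide that a VPN gateway address still has to be supplied -- confirm.
 */
static inline bool
route_list_vpn_gateway_needed(const struct route_list *rl)
{
    /* no list at all: nothing to supply a gateway for */
    if (!rl)
    {
        return false;
    }

    return !(rl->spec.flags & RTSA_REMOTE_ENDPOINT);
}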
404 
405 static inline int
407 {
409 }
410 
411 #endif /* ifndef ROUTE_H */
in_addr_t gateway
Definition: route.h:121
in_addr_t addr
Definition: route.h:142
static int route_did_redirect_default_gateway(const struct route_list *rl)
Definition: route.h:406
bool test_routes(const struct route_list *rl, const struct tuntap *tt)
Definition: route.c:2633
unsigned int spec_flags
Definition: route.h:222
Definition: tun.h:132
struct iroute * next
Definition: route.h:238
in_addr_t network
Definition: route.h:119
int test_local_addr(const in_addr_t addr, const struct route_gateway_info *rgi)
Definition: route.c:3992
void route_ipv6_clear_host_bits(struct route_ipv6 *r6)
Definition: route.c:1833
struct route_ipv6 * next
Definition: route.h:126
int n_bypass
Definition: route.h:56
unsigned int flags
Definition: route.h:66
void copy_route_option_list(struct route_option_list *dest, const struct route_option_list *src, struct gc_arena *a)
Definition: route.c:154
#define BOOL_CAST(x)
Definition: basic.h:27
unsigned int iflags
Definition: route.h:210
void setenv_routes(struct env_set *es, const struct route_list *rl)
Definition: route.c:1439
struct route_option * routes
Definition: route.h:95
unsigned int flags
Definition: route.h:127
void get_default_gateway(struct route_gateway_info *rgi, openvpn_net_ctx_t *ctx)
Definition: route.c:2722
in_addr_t bypass[N_ROUTE_BYPASS]
Definition: route.h:57
void get_default_gateway_ipv6(struct route_ipv6_gateway_info *rgi, const struct in6_addr *dest, openvpn_net_ctx_t *ctx)
Definition: route.c:2808
static in_addr_t netbits_to_netmask(const int netbits)
Definition: route.h:381
in_addr_t netmask
Definition: route.h:143
const char * metric
Definition: route.h:103
static char * iface
bool del_route_ipapi(const struct route_ipv4 *r, const struct tuntap *tt)
Definition: route.c:2960
#define in_addr_t
Definition: config-msvc.h:104
#define RL_DID_REDIRECT_DEFAULT_GATEWAY
Definition: route.h:207
const char * gateway
Definition: route.h:79
void * openvpn_net_ctx_t
Definition: networking.h:26
struct route_ipv6_option * routes_ipv6
Definition: route.h:108
struct route_special_addr spec
Definition: route.h:212
bool init_route_ipv6_list(struct route_ipv6_list *rl6, const struct route_ipv6_option_list *opt6, const char *remote_endpoint, int default_metric, const struct in6_addr *remote_host, struct env_set *es, openvpn_net_ctx_t *ctx)
Definition: route.c:763
unsigned int flags
Definition: route.h:228
struct route_option_list * new_route_option_list(struct gc_arena *a)
Definition: route.c:111
const struct route_option * option
Definition: route.h:118
#define N_ROUTE_BYPASS
Definition: route.h:55
struct route_ipv6 * routes_ipv6
Definition: route.h:229
unsigned int flags
Definition: route.h:214
int netbits
Definition: route.h:237
void print_default_gateway(const int msglevel, const struct route_gateway_info *rgi, const struct route_ipv6_gateway_info *rgi6)
Definition: route.c:1323
list flags
unsigned int netbits
Definition: route.h:129
in_addr_t netmask
Definition: route.h:120
void add_route_to_option_list(struct route_option_list *l, const char *network, const char *netmask, const char *gateway, const char *metric)
Definition: route.c:485
unsigned int iflags
Definition: route.h:220
void add_route_ipv6(struct route_ipv6 *r, const struct tuntap *tt, unsigned int flags, const struct env_set *es, openvpn_net_ctx_t *ctx)
Definition: route.c:1856
unsigned int flags
Definition: route.h:153
DWORD adapter_index
Definition: route.h:134
in_addr_t remote_endpoint
Definition: route.h:68
in_addr_t network
Definition: route.h:236
void show_routes(int msglev)
Definition: route.c:3149
bool add_route_ipapi(const struct route_ipv4 *r, const struct tuntap *tt, DWORD adapter_index)
Definition: route.c:2878
const char * netmask
Definition: route.h:78
DWORD adapter_index
Definition: route.h:157
unsigned int flags
Definition: route.h:117
struct route_option_list * clone_route_option_list(const struct route_option_list *src, struct gc_arena *a)
Definition: route.c:136
bool netmask_to_netbits(const in_addr_t network, const in_addr_t netmask, int *netbits)
Definition: route.c:3855
void delete_route_ipv6(const struct route_ipv6 *r, const struct tuntap *tt, unsigned int flags, const struct env_set *es, openvpn_net_ctx_t *ctx)
Definition: route.c:2332
void add_route_ipv6_to_option_list(struct route_ipv6_option_list *l, const char *prefix, const char *gateway, const char *metric)
Definition: route.c:503
unsigned int flags
Definition: route.h:181
#define RTSA_REMOTE_ENDPOINT
Definition: route.h:63
struct route_ipv4 * next
Definition: route.h:116
unsigned int flags
Definition: route.h:94
bool is_special_addr(const char *addr_str)
Definition: route.c:287
unsigned int flags
Definition: route.h:107
struct gc_arena * gc
Definition: route.h:109
void add_routes(struct route_list *rl, struct route_ipv6_list *rl6, const struct tuntap *tt, unsigned int flags, const struct env_set *es, openvpn_net_ctx_t *ctx)
Definition: route.c:1186
unsigned __int8 uint8_t
Definition: config-msvc.h:123
unsigned int netbits
Definition: route.h:243
int metric
Definition: route.h:131
const char * network
Definition: route.h:77
void add_route(struct route_ipv4 *r, const struct tuntap *tt, unsigned int flags, const struct route_gateway_info *rgi, const struct env_set *es, openvpn_net_ctx_t *ctx)
Definition: route.c:1546
const char * metric
Definition: route.h:80
void delete_routes(struct route_list *rl, struct route_ipv6_list *rl6, const struct tuntap *tt, unsigned int flags, const struct env_set *es, openvpn_net_ctx_t *ctx)
Definition: route.c:1244
void print_route_options(const struct route_option_list *rol, int level)
Definition: route.c:1307
struct route_ipv6_option * next
Definition: route.h:100
void print_routes(const struct route_list *rl, int level)
Definition: route.c:1409
struct route_ipv6_option_list * clone_route_ipv6_option_list(const struct route_ipv6_option_list *src, struct gc_arena *a)
Definition: route.c:145
struct gc_arena * gc
Definition: route.h:96
const char * prefix
Definition: route.h:101
Definition: route.h:235
bool init_route_list(struct route_list *rl, const struct route_option_list *opt, const char *remote_endpoint, int default_metric, in_addr_t remote_host, struct env_set *es, openvpn_net_ctx_t *ctx)
Definition: route.c:607
struct route_option * next
Definition: route.h:76
Garbage collection arena used to keep track of dynamically allocated memory.
Definition: buffer.h:116
int netmask_to_netbits2(in_addr_t netmask)
Definition: route.c:3886
static bool route_list_vpn_gateway_needed(const struct route_list *rl)
Definition: route.h:393
int remote_host_local
Definition: route.h:70
const char * gateway
Definition: route.h:102
struct iroute_ipv6 * next
Definition: route.h:244
struct route_ipv6_option_list * new_route_ipv6_option_list(struct gc_arena *a)
Definition: route.c:120
struct route_ipv4 * routes
Definition: route.h:215
char * dest
Definition: compat-lz4.h:431
#define RGI_N_ADDRESSES
Definition: route.h:201
#define IPV4_NETMASK_HOST
Definition: basic.h:35
in_addr_t remote_host
Definition: route.h:69
void setenv_routes_ipv6(struct env_set *es, const struct route_ipv6_list *rl6)
Definition: route.c:1470
void copy_route_ipv6_option_list(struct route_ipv6_option_list *dest, const struct route_ipv6_option_list *src, struct gc_arena *a)
Definition: route.c:161
int default_metric
Definition: route.h:225
void route_list_add_vpn_gateway(struct route_list *rl, struct env_set *es, const in_addr_t addr)
Definition: route.c:532
int default_metric
Definition: route.h:72
int metric
Definition: route.h:122