| 1 | --- a/pppd/ipcp.c |
| 2 | +++ b/pppd/ipcp.c |
| 3 | @@ -198,6 +198,14 @@ static option_t ipcp_option_list[] = { |
| 4 | "disable defaultroute option", OPT_ALIAS | OPT_A2CLR, |
| 5 | &ipcp_wantoptions[0].default_route }, |
| 6 | |
| 7 | + { "replacedefaultroute", o_bool, |
| 8 | + &ipcp_wantoptions[0].replace_default_route, |
| 9 | + "Replace default route", 1 |
| 10 | + }, |
| 11 | + { "noreplacedefaultroute", o_bool, |
| 12 | + &ipcp_allowoptions[0].replace_default_route, |
| 13 | + "Never replace default route", OPT_A2COPY, |
| 14 | + &ipcp_wantoptions[0].replace_default_route }, |
| 15 | { "proxyarp", o_bool, &ipcp_wantoptions[0].proxy_arp, |
| 16 | "Add proxy ARP entry", OPT_ENABLE|1, &ipcp_allowoptions[0].proxy_arp }, |
| 17 | { "noproxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp, |
| 18 | @@ -271,7 +279,7 @@ struct protent ipcp_protent = { |
| 19 | ip_active_pkt |
| 20 | }; |
| 21 | |
| 22 | -static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t)); |
| 23 | +static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t, bool)); |
| 24 | static void ipcp_script __P((char *, int)); /* Run an up/down script */ |
| 25 | static void ipcp_script_done __P((void *)); |
| 26 | |
| 27 | @@ -1742,7 +1750,8 @@ ip_demand_conf(u) |
| 28 | if (!sifnpmode(u, PPP_IP, NPMODE_QUEUE)) |
| 29 | return 0; |
| 30 | if (wo->default_route) |
| 31 | - if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr)) |
| 32 | + if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr, |
| 33 | + wo->replace_default_route)) |
| 34 | default_route_set[u] = 1; |
| 35 | if (wo->proxy_arp) |
| 36 | if (sifproxyarp(u, wo->hisaddr)) |
| 37 | @@ -1830,7 +1839,8 @@ ipcp_up(f) |
| 38 | */ |
| 39 | if (demand) { |
| 40 | if (go->ouraddr != wo->ouraddr || ho->hisaddr != wo->hisaddr) { |
| 41 | - ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr); |
| 42 | + ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr, |
| 43 | + wo->replace_default_route); |
| 44 | if (go->ouraddr != wo->ouraddr) { |
| 45 | warn("Local IP address changed to %I", go->ouraddr); |
| 46 | script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr), 0); |
| 47 | @@ -1855,7 +1865,8 @@ ipcp_up(f) |
| 48 | |
| 49 | /* assign a default route through the interface if required */ |
| 50 | if (ipcp_wantoptions[f->unit].default_route) |
| 51 | - if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr)) |
| 52 | + if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr, |
| 53 | + wo->replace_default_route)) |
| 54 | default_route_set[f->unit] = 1; |
| 55 | |
| 56 | /* Make a proxy ARP entry if requested. */ |
| 57 | @@ -1905,7 +1916,8 @@ ipcp_up(f) |
| 58 | |
| 59 | /* assign a default route through the interface if required */ |
| 60 | if (ipcp_wantoptions[f->unit].default_route) |
| 61 | - if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr)) |
| 62 | + if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr, |
| 63 | + wo->replace_default_route)) |
| 64 | default_route_set[f->unit] = 1; |
| 65 | |
| 66 | /* Make a proxy ARP entry if requested. */ |
| 67 | @@ -1983,7 +1995,7 @@ ipcp_down(f) |
| 68 | sifnpmode(f->unit, PPP_IP, NPMODE_DROP); |
| 69 | sifdown(f->unit); |
| 70 | ipcp_clear_addrs(f->unit, ipcp_gotoptions[f->unit].ouraddr, |
| 71 | - ipcp_hisoptions[f->unit].hisaddr); |
| 72 | + ipcp_hisoptions[f->unit].hisaddr, 0); |
| 73 | } |
| 74 | |
| 75 | /* Execute the ip-down script */ |
| 76 | @@ -1999,16 +2011,25 @@ ipcp_down(f) |
| 77 | * proxy arp entries, etc. |
| 78 | */ |
| 79 | static void |
| 80 | -ipcp_clear_addrs(unit, ouraddr, hisaddr) |
| 81 | +ipcp_clear_addrs(unit, ouraddr, hisaddr, replacedefaultroute) |
| 82 | int unit; |
| 83 | u_int32_t ouraddr; /* local address */ |
| 84 | u_int32_t hisaddr; /* remote address */ |
| 85 | + bool replacedefaultroute; |
| 86 | { |
| 87 | if (proxy_arp_set[unit]) { |
| 88 | cifproxyarp(unit, hisaddr); |
| 89 | proxy_arp_set[unit] = 0; |
| 90 | } |
| 91 | - if (default_route_set[unit]) { |
| 92 | + /* If replacedefaultroute, sifdefaultroute will be called soon |
| 93 | + * with replacedefaultroute set and that will overwrite the current |
| 94 | + * default route. This is the case only when doing demand, otherwise |
| 95 | + * during demand, this cifdefaultroute would restore the old default |
| 96 | + * route which is not what we want in this case. In the non-demand |
| 97 | + * case, we'll delete the default route and restore the old if there |
| 98 | + * is one saved by an sifdefaultroute with replacedefaultroute. |
| 99 | + */ |
| 100 | + if (!replacedefaultroute && default_route_set[unit]) { |
| 101 | cifdefaultroute(unit, ouraddr, hisaddr); |
| 102 | default_route_set[unit] = 0; |
| 103 | } |
| 104 | --- a/pppd/ipcp.h |
| 105 | +++ b/pppd/ipcp.h |
| 106 | @@ -70,6 +70,7 @@ typedef struct ipcp_options { |
| 107 | bool old_addrs; /* Use old (IP-Addresses) option? */ |
| 108 | bool req_addr; /* Ask peer to send IP address? */ |
| 109 | bool default_route; /* Assign default route through interface? */ |
| 110 | + bool replace_default_route; /* Replace default route through interface? */ |
| 111 | bool proxy_arp; /* Make proxy ARP entry for peer? */ |
| 112 | bool neg_vj; /* Van Jacobson Compression? */ |
| 113 | bool old_vj; /* use old (short) form of VJ option? */ |
| 114 | --- a/pppd/pppd.8 |
| 115 | +++ b/pppd/pppd.8 |
| 116 | @@ -121,6 +121,11 @@ the gateway, when IPCP negotiation is su |
| 117 | This entry is removed when the PPP connection is broken. This option |
| 118 | is privileged if the \fInodefaultroute\fR option has been specified. |
| 119 | .TP |
| 120 | +.B replacedefaultroute |
| 121 | +This option is a flag to the defaultroute option. If defaultroute is |
| 122 | +set and this flag is also set, pppd replaces an existing default route |
| 123 | +with the new default route. |
| 124 | +.TP |
| 125 | .B disconnect \fIscript |
| 126 | Execute the command specified by \fIscript\fR, by passing it to a |
| 127 | shell, after |
| 128 | @@ -717,7 +722,12 @@ disable both forms of hardware flow cont |
| 129 | .TP |
| 130 | .B nodefaultroute |
| 131 | Disable the \fIdefaultroute\fR option. The system administrator who |
| 132 | -wishes to prevent users from creating default routes with pppd |
| 133 | +wishes to prevent users from adding a default route with pppd |
| 134 | +can do so by placing this option in the /etc/ppp/options file. |
| 135 | +.TP |
| 136 | +.B noreplacedefaultroute |
| 137 | +Disable the \fIreplacedefaultroute\fR option. The system administrator who |
| 138 | +wishes to prevent users from replacing a default route with pppd |
| 139 | can do so by placing this option in the /etc/ppp/options file. |
| 140 | .TP |
| 141 | .B nodeflate |
| 142 | --- a/pppd/pppd.h |
| 143 | +++ b/pppd/pppd.h |
| 144 | @@ -645,7 +645,7 @@ int sif6addr __P((int, eui64_t, eui64_t |
| 145 | int cif6addr __P((int, eui64_t, eui64_t)); |
| 146 | /* Remove an IPv6 address from i/f */ |
| 147 | #endif |
| 148 | -int sifdefaultroute __P((int, u_int32_t, u_int32_t)); |
| 149 | +int sifdefaultroute __P((int, u_int32_t, u_int32_t, bool replace_default_rt)); |
| 150 | /* Create default route through i/f */ |
| 151 | int cifdefaultroute __P((int, u_int32_t, u_int32_t)); |
| 152 | /* Delete default route through i/f */ |
| 153 | --- a/pppd/sys-linux.c |
| 154 | +++ b/pppd/sys-linux.c |
| 155 | @@ -206,6 +206,8 @@ static unsigned char inbuf[512]; /* buff |
| 156 | |
| 157 | static int if_is_up; /* Interface has been marked up */ |
| 158 | static int have_default_route; /* Gateway for default route added */ |
| 159 | +static struct rtentry old_def_rt; /* Old default route */ |
| 160 | +static int default_rt_repl_rest; /* replace and restore old default rt */ |
| 161 | static u_int32_t proxy_arp_addr; /* Addr for proxy arp entry added */ |
| 162 | static char proxy_arp_dev[16]; /* Device for proxy arp entry */ |
| 163 | static u_int32_t our_old_addr; /* for detecting address changes */ |
| 164 | @@ -1544,6 +1546,9 @@ static int read_route_table(struct rtent |
| 165 | p = NULL; |
| 166 | } |
| 167 | |
| 168 | + SET_SA_FAMILY (rt->rt_dst, AF_INET); |
| 169 | + SET_SA_FAMILY (rt->rt_gateway, AF_INET); |
| 170 | + |
| 171 | SIN_ADDR(rt->rt_dst) = strtoul(cols[route_dest_col], NULL, 16); |
| 172 | SIN_ADDR(rt->rt_gateway) = strtoul(cols[route_gw_col], NULL, 16); |
| 173 | SIN_ADDR(rt->rt_genmask) = strtoul(cols[route_mask_col], NULL, 16); |
| 174 | @@ -1613,20 +1618,51 @@ int have_route_to(u_int32_t addr) |
| 175 | /******************************************************************** |
| 176 | * |
| 177 | * sifdefaultroute - assign a default route through the address given. |
| 178 | - */ |
| 179 | - |
| 180 | -int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway) |
| 181 | -{ |
| 182 | - struct rtentry rt; |
| 183 | - |
| 184 | - if (defaultroute_exists(&rt) && strcmp(rt.rt_dev, ifname) != 0) { |
| 185 | - if (rt.rt_flags & RTF_GATEWAY) |
| 186 | - error("not replacing existing default route via %I", |
| 187 | - SIN_ADDR(rt.rt_gateway)); |
| 188 | - else |
| 189 | + * |
| 190 | + * If the global default_rt_repl_rest flag is set, then this function |
| 191 | + * already replaced the original system defaultroute with some other |
| 192 | + * route and it should just replace the current defaultroute with |
| 193 | + * another one, without saving the current route. Use: demand mode, |
| 194 | + * when pppd sets first a defaultroute it it's temporary ppp0 addresses |
| 195 | + * and then changes the temporary addresses to the addresses for the real |
| 196 | + * ppp connection when it has come up. |
| 197 | + */ |
| 198 | + |
| 199 | +int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway, bool replace) |
| 200 | +{ |
| 201 | + struct rtentry rt, tmp_rt; |
| 202 | + struct rtentry *del_rt = NULL; |
| 203 | + |
| 204 | + if (default_rt_repl_rest) { |
| 205 | + /* We have already reclaced the original defaultroute, if we |
| 206 | + are called again, we will delete the current default route |
| 207 | + and set the new default route in this function. |
| 208 | + - this is normally only the case the doing demand: */ |
| 209 | + if (defaultroute_exists(&tmp_rt)) |
| 210 | + del_rt = &tmp_rt; |
| 211 | + } else if (defaultroute_exists(&old_def_rt) && |
| 212 | + strcmp(old_def_rt.rt_dev, ifname) != 0) { |
| 213 | + /* We did not yet replace an existing default route, let's |
| 214 | + check if we should save and replace a default route: */ |
| 215 | + if (old_def_rt.rt_flags & RTF_GATEWAY) { |
| 216 | + if (!replace) { |
| 217 | + error("not replacing existing default route via %I", |
| 218 | + SIN_ADDR(old_def_rt.rt_gateway)); |
| 219 | + return 0; |
| 220 | + } else { |
| 221 | + /* we need to copy rt_dev because we need it permanent too: */ |
| 222 | + char *tmp_dev = malloc(strlen(old_def_rt.rt_dev) + 1); |
| 223 | + strcpy(tmp_dev, old_def_rt.rt_dev); |
| 224 | + old_def_rt.rt_dev = tmp_dev; |
| 225 | + |
| 226 | + notice("replacing old default route to %s [%I]", |
| 227 | + old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway)); |
| 228 | + default_rt_repl_rest = 1; |
| 229 | + del_rt = &old_def_rt; |
| 230 | + } |
| 231 | + } else |
| 232 | error("not replacing existing default route through %s", |
| 233 | - rt.rt_dev); |
| 234 | - return 0; |
| 235 | + old_def_rt.rt_dev); |
| 236 | } |
| 237 | |
| 238 | memset (&rt, 0, sizeof (rt)); |
| 239 | @@ -1641,10 +1677,16 @@ int sifdefaultroute (int unit, u_int32_t |
| 240 | |
| 241 | rt.rt_flags = RTF_UP; |
| 242 | if (ioctl(sock_fd, SIOCADDRT, &rt) < 0) { |
| 243 | - if ( ! ok_error ( errno )) |
| 244 | + if (!ok_error(errno)) |
| 245 | error("default route ioctl(SIOCADDRT): %m"); |
| 246 | return 0; |
| 247 | } |
| 248 | + if (default_rt_repl_rest && del_rt) |
| 249 | + if (ioctl(sock_fd, SIOCDELRT, del_rt) < 0) { |
| 250 | + if (!ok_error(errno)) |
| 251 | + error("del old default route ioctl(SIOCDELRT): %m"); |
| 252 | + return 0; |
| 253 | + } |
| 254 | |
| 255 | have_default_route = 1; |
| 256 | return 1; |
| 257 | @@ -1675,11 +1717,21 @@ int cifdefaultroute (int unit, u_int32_t |
| 258 | rt.rt_flags = RTF_UP; |
| 259 | if (ioctl(sock_fd, SIOCDELRT, &rt) < 0 && errno != ESRCH) { |
| 260 | if (still_ppp()) { |
| 261 | - if ( ! ok_error ( errno )) |
| 262 | + if (!ok_error(errno)) |
| 263 | error("default route ioctl(SIOCDELRT): %m"); |
| 264 | return 0; |
| 265 | } |
| 266 | } |
| 267 | + if (default_rt_repl_rest) { |
| 268 | + notice("restoring old default route to %s [%I]", |
| 269 | + old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway)); |
| 270 | + if (ioctl(sock_fd, SIOCADDRT, &old_def_rt) < 0) { |
| 271 | + if (!ok_error(errno)) |
| 272 | + error("restore default route ioctl(SIOCADDRT): %m"); |
| 273 | + return 0; |
| 274 | + } |
| 275 | + default_rt_repl_rest = 0; |
| 276 | + } |
| 277 | |
| 278 | return 1; |
| 279 | } |
| 280 | --- a/pppd/sys-solaris.c |
| 281 | +++ b/pppd/sys-solaris.c |
| 282 | @@ -2036,12 +2036,18 @@ cifaddr(u, o, h) |
| 283 | * sifdefaultroute - assign a default route through the address given. |
| 284 | */ |
| 285 | int |
| 286 | -sifdefaultroute(u, l, g) |
| 287 | +sifdefaultroute(u, l, g, replace) |
| 288 | int u; |
| 289 | u_int32_t l, g; |
| 290 | + bool replace; |
| 291 | { |
| 292 | struct rtentry rt; |
| 293 | |
| 294 | + if (replace) { |
| 295 | + error("replacedefaultroute not supported on this platform"); |
| 296 | + return 0; |
| 297 | + } |
| 298 | + |
| 299 | #if defined(__USLC__) |
| 300 | g = l; /* use the local address as gateway */ |
| 301 | #endif |
| 302 | |
