shill: Add OpenVPN peer and subnet addresses to per-device routing tables
In split tunnel configurations, OpenVPN can push a number of different
IP addresses depending on the --topology setting:
- A peer address (tun0 point-to-point IP)
- A subnet range (e.g. 192.168.1.0/24)
- A default gateway address (next hop)
- Per-route gateway addresses
Add explicit routes to |properties->routes| for the former two items.
Ignore all gateway addresses: they aren't needed in order to send
traffic out through tun0, and if they're wrong, they can cause the
kernel to reject the route. Instead, specify the local IP as the
gateway for each route.
Also, change IgnoreDefaultRoute so that it makes shill ignore the
redirect-gateway option. In the past it was usually necessary to
specify this option in order to make split tunnel VPNs work properly,
but it shouldn't be necessary anymore.
TEST=manually test net30, p2p, and subnet toplogies with and without
redirect-gateway and pushed routes
Commit-Ready: Kevin Cernekee <firstname.lastname@example.org>
Tested-by: Kevin Cernekee <email@example.com>
Reviewed-by: Abhishek Bhardwaj <firstname.lastname@example.org>
Reviewed-by: Kirtika Ruchandani <email@example.com>
2 files changed