bypass-lan: Don't use interfaces in policies
authorTobias Brunner <tobias@strongswan.org>
Mon, 13 Feb 2017 18:06:24 +0000 (19:06 +0100)
committerTobias Brunner <tobias@strongswan.org>
Thu, 16 Feb 2017 18:20:18 +0000 (19:20 +0100)
commitc2129d1cbe6b482cf956a1f609ff974c9dcd5b24
tree34f85bf42e54e0036b3daf4c9d281b10320a2a0c
parent0c549169c4a4488fb79934d32fc8f9ed6446db35
bypass-lan: Don't use interfaces in policies

After an interface disappeared we can't remove the policies correctly as
the name doesn't resolve to the previous index anymore.
And making the policies so specific might not provide that much benefit.

To handle the interfaces on the policies correctly would require some
changes to the child-cfg, kernel-interface etc. so they'd take interface
indices directly so we could target the policies correctly even if an
interface disappeared (or reappeared and got a new index).
src/libcharon/plugins/bypass_lan/bypass_lan_listener.c