Option added to enforce a configured destination address for DHCP packets
authorTobias Brunner <tobias@strongswan.org>
Thu, 5 Jul 2012 17:06:44 +0000 (19:06 +0200)
committerTobias Brunner <tobias@strongswan.org>
Thu, 13 Sep 2012 08:59:24 +0000 (10:59 +0200)
man/strongswan.conf.5.in
src/libcharon/plugins/dhcp/dhcp_socket.c

index 70149bc..4f30c42 100644 (file)
@@ -323,6 +323,14 @@ Hashing algorithm to fingerprint coupled certificates
 .BR charon.plugins.coupling.max " [1]"
 Maximum number of coupling entries to create
 .TP
+.BR charon.plugins.dhcp.force_server_address " [no]"
+Always use the configured server address. This might be helpful if the DHCP
+server runs on the same host as strongSwan, and the DHCP daemon does not listen
+on the loopback interface.  In that case the server cannot be reached via
+unicast (or even 255.255.255.255) as that would be routed via loopback.
+Setting this option to yes and configuring the local broadcast address (e.g.
+192.168.0.255) as server address might work.
+.TP
 .BR charon.plugins.dhcp.identity_lease " [no]"
 Derive user-defined MAC address from hash of IKEv2 identity
 .TP
index 8f976ae..104c71c 100644 (file)
@@ -105,6 +105,11 @@ struct private_dhcp_socket_t {
         * DHCP server address, or broadcast
         */
        host_t *dst;
+
+       /**
+        * Force configured destination address
+        */
+       bool force_dst;
 };
 
 /**
@@ -266,7 +271,7 @@ static bool send_dhcp(private_dhcp_socket_t *this,
        ssize_t len;
 
        dst = transaction->get_server(transaction);
-       if (!dst)
+       if (!dst || this->force_dst)
        {
                dst = this->dst;
        }
@@ -701,6 +706,9 @@ dhcp_socket_t *dhcp_socket_create()
        this->identity_lease = lib->settings->get_bool(lib->settings,
                                                                "%s.plugins.dhcp.identity_lease", FALSE,
                                                                charon->name);
+       this->force_dst = lib->settings->get_str(lib->settings,
+                                                               "%s.plugins.dhcp.force_server_address", FALSE,
+                                                               charon->name);
        this->dst = host_create_from_string(lib->settings->get_str(lib->settings,
                                                                "%s.plugins.dhcp.server", "255.255.255.255",
                                                                charon->name), DHCP_SERVER_PORT);