pluto: Make marks available in updown script.
authorTobias Brunner <tobias@strongswan.org>
Mon, 30 Aug 2010 08:01:37 +0000 (10:01 +0200)
committerTobias Brunner <tobias@strongswan.org>
Thu, 2 Sep 2010 17:04:25 +0000 (19:04 +0200)
src/pluto/kernel.c

index 36bf37f..2ab9306 100644 (file)
@@ -294,6 +294,8 @@ static bool do_command(connection_t *c, struct spd_route *sr, struct state *st,
                        peerclientnet_str[ADDRTOT_BUF],
                        peerclientmask_str[ADDRTOT_BUF],
                        peerca_str[BUF_LEN],
+                       mark_in[BUF_LEN] = "",
+                       mark_out[BUF_LEN] = "",
                        udp_encap[BUF_LEN] = "",
                        xauth_id_str[BUF_LEN] = "",
                        secure_myid_str[BUF_LEN] = "",
@@ -327,6 +329,18 @@ static bool do_command(connection_t *c, struct spd_route *sr, struct state *st,
                        strncat(srcip_str, "' ", sizeof(srcip_str));
                }
 
+               if (sr->mark_in.value)
+               {
+                       snprintf(mark_in, sizeof(mark_in), "PLUTO_MARK_IN='%u/0x%08x' ",
+                                        sr->mark_in.value, sr->mark_in.mask);
+               }
+
+               if (sr->mark_out.value)
+               {
+                       snprintf(mark_out, sizeof(mark_out), "PLUTO_MARK_OUT='%u/0x%08x' ",
+                                        sr->mark_out.value, sr->mark_out.mask);
+               }
+
                if (st && (st->nat_traversal & NAT_T_DETECTED))
                {
                        snprintf(udp_encap, sizeof(udp_encap), "PLUTO_UDP_ENC='%u' ",
@@ -410,6 +424,8 @@ static bool do_command(connection_t *c, struct spd_route *sr, struct state *st,
                        "PLUTO_PEER_CA='%s' "
                        "%s"        /* optional PLUTO_MY_SRCIP */
                        "%s"        /* optional PLUTO_XAUTH_ID */
+                       "%s"        /* optional PLUTO_MARK_IN */
+                       "%s"        /* optional PLUTO_MARK_OUT */
                        "%s"        /* optional PLUTO_UDP_ENC */
                        "%s"        /* actual script */
                        , verb, verb_suffix
@@ -435,6 +451,8 @@ static bool do_command(connection_t *c, struct spd_route *sr, struct state *st,
                        , secure_peerca_str
                        , srcip_str
                        , xauth_id_str
+                       , mark_in
+                       , mark_out
                        , udp_encap
                        , sr->this.updown == NULL? DEFAULT_UPDOWN : sr->this.updown))
                {