git.ipfire.org Git - thirdparty/strongswan.git/commit

]> git.ipfire.org Git - thirdparty/strongswan.git/commit

projects / thirdparty / strongswan.git / commit

author	Tobias Brunner <tobias@strongswan.org>
	Fri, 16 Sep 2022 09:03:38 +0000 (11:03 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Fri, 16 Sep 2022 12:22:55 +0000 (14:22 +0200)
commit	e095c635d3e0f5a99b509bb79db0d0bf49005dcc
tree	d8fac06cc2741ec479412d3bc9441848b21d8870	tree
parent	84bfebf0587afdc8df2e74245922982dfb2b606d	commit \| diff

selinux: Use assign/handle-vips instead of ike-updown event to install traps

Due to the order in which ike-updown is triggered and virtual IPs are
assigned the previous code didn't install narrowed trap policies if
virtual IPs were used, instead they trapped all traffic (0.0.0.0/0) and
caused conflicts if multiple clients connected.

src/libcharon/plugins/selinux/selinux_listener.c

diff | blob | blame | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom