interface name according to the rules defined by resolvconf. Also, it should
have a high priority according to the order defined in interface-order(5).
.TP
+.BR charon.plugins.socket-default.fwmark
+Firewall mark to set on outbound packets.
+.TP
.BR charon.plugins.socket-default.set_source " [yes]"
Set source address on outbound packets, if possible.
.TP
return -1;
}
}
+#ifdef SO_MARK
+ { /* set optional MARK on socket (requires CAP_NET_ADMIN) */
+ char *fwmark;
+ mark_t mark;
+
+ fwmark = lib->settings->get_str(lib->settings,
+ "%s.plugins.socket-default.fwmark", NULL, charon->name);
+ if (fwmark && mark_from_string(fwmark, &mark))
+ {
+ if (setsockopt(skt, SOL_SOCKET, SO_MARK, &mark.value,
+ sizeof(mark.value)) < 0)
+ {
+ DBG1(DBG_NET, "unable to set SO_MARK on socket: %s",
+ strerror(errno));
+ }
+ }
+ }
+#endif
if (!hydra->kernel_interface->bypass_socket(hydra->kernel_interface,
skt, family))
projects / thirdparty / strongswan.git / commitdiff
