diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/config.rs | 7 | ||||
-rw-r--r-- | src/main.rs | 9 | ||||
-rw-r--r-- | src/manager/builder.rs | 9 |
3 files changed, 25 insertions, 0 deletions
diff --git a/src/config.rs b/src/config.rs index 3eb0dd4..a1dff3e 100644 --- a/src/config.rs +++ b/src/config.rs @@ -17,6 +17,8 @@ pub struct Source { pub ipv6: Ipv6Set, #[serde(default)] pub required: bool, + #[serde(default = "default_allow_road_warriors")] + pub allow_road_warriors: bool, } #[derive(serde_derive::Deserialize)] @@ -133,6 +135,11 @@ impl From<ConfigRepr> for Config { } #[inline] +const fn default_allow_road_warriors() -> bool { + true +} + +#[inline] const fn default_min_keepalive() -> u32 { 10 } diff --git a/src/main.rs b/src/main.rs index 2ab02af..5cdaa40 100644 --- a/src/main.rs +++ b/src/main.rs @@ -60,6 +60,14 @@ fn cli_config(mut args: impl Iterator<Item = OsString>) -> Option<config::Config s.required = true; continue; } + if key == "deny_road_warriors" { + s.allow_road_warriors = false; + continue; + } + if key == "allow_road_warriors" { + s.allow_road_warriors = true; + continue; + } } State::Peer(ref mut p) => { if key == "source" { @@ -116,6 +124,7 @@ fn cli_config(mut args: impl Iterator<Item = OsString>) -> Option<config::Config ipv4: model::Ipv4Set::new(), ipv6: model::Ipv6Set::new(), required: false, + allow_road_warriors: true, }); cur = State::Source(cfg.sources.last_mut().unwrap()); continue; diff --git a/src/manager/builder.rs b/src/manager/builder.rs index e302f7e..22fcca1 100644 --- a/src/manager/builder.rs +++ b/src/manager/builder.rs @@ -122,6 +122,15 @@ impl<'a> ConfigBuilder<'a> { } let ent = if p.base == self.public_key { + if !src.config.allow_road_warriors { + self.err.push(Error::new( + "road warriors from this source not allowed", + src, + &p.peer, + true, + )); + return; + } insert_peer(&mut self.c, &mut self.err, src, &p.peer, contact) } else if let Some(ent) = self.c.peers.get_mut(&p.base) { ent |