From f2bdb96e6b85213148d44dc1f12b3929526d665f Mon Sep 17 00:00:00 2001 Message-Id: From: Mark Wooding Date: Fri, 22 Apr 2011 16:41:38 +0100 Subject: [PATCH] svc/conntrack: Add magic `down' peer tags. Organization: Straylight/Edgeware From: Mark Wooding The tags `down' and `down/ANYTHING' mean that no peer from the group should be selected. --- svc/conntrack.8.in | 8 ++++++++ svc/conntrack.in | 5 ++++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/svc/conntrack.8.in b/svc/conntrack.8.in index 3e4fc725..3d1a54a4 100644 --- a/svc/conntrack.8.in +++ b/svc/conntrack.8.in @@ -101,6 +101,14 @@ connecting the new one. If no match is found in a particular group, then no peers in the group are connected. Strange and unhelpful things will happen if you put the same peer in several different groups. .PP +The tags +.B down +and +.BI down/ anything +are special and mean that no peer from the group should be active. This +is useful for detecting a `home' network, where a VPN is unnecessary +(or, worse, break routing completely). +.PP The notion of `current IP address' is somewhat vague. The .B conntrack service calculates it as the source address that the host would put on diff --git a/svc/conntrack.in b/svc/conntrack.in index 827598fe..a7431321 100644 --- a/svc/conntrack.in +++ b/svc/conntrack.in @@ -253,7 +253,10 @@ def kickpeers(): if upness and ip is None and \ ipq is not None and (ipq & m) == a: map[t] = 'up' - want = t + if t == 'down' or t.startswith('down/'): + want = None + else: + want = t ip = ipq else: map[t] = 'down' -- [mdw]