Update routing rules.
As per the latest changes to: http://go/android-multinetwork-routing
Functional changes:
+ Add explicit=NO to the implicit network rules, though it's a no-op.
+ Remove most of the UID=0 (kernel access) rules since they are no longer
needed, except in one case to allow access to a VPN.
+ Add the explicit, protect and permissions bits to the incoming packet mark.
+ VPNs now don't need an implicit network rule.
+ Modifying network permissions now modifies the incoming packet mark as well.
Cosmetic changes:
+ Renamed the legacy tables to match their permissions (SYSTEM and NETWORK).
+ Renamed most functions and methods for clarity and consistency.
+ Renamed and adjusted some rule priorities.
+ Move most rule modifications into their own functions, to prevent brittle
reliance on the previous state of the fwmark/mask variables.
Change-Id: I958a7e158ee918d5254de606fcfa55fe23327438
diff --git a/server/NetworkController.cpp b/server/NetworkController.cpp
index 5638678..03c22be 100644
--- a/server/NetworkController.cpp
+++ b/server/NetworkController.cpp
@@ -366,9 +366,9 @@
RouteController::TableType tableType;
if (legacy) {
if ((getPermissionForUser(uid) & PERMISSION_SYSTEM) == PERMISSION_SYSTEM) {
- tableType = RouteController::PRIVILEGED_LEGACY;
+ tableType = RouteController::LEGACY_SYSTEM;
} else {
- tableType = RouteController::LEGACY;
+ tableType = RouteController::LEGACY_NETWORK;
}
} else {
tableType = RouteController::INTERFACE;
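Review bot: in the legacy `else` branch, `RouteController::LEGACY_NETWORK` is chosen for every uid that fails the `PERMISSION_SYSTEM` comparison, with no visible check that the uid actually holds the NETWORK permission. Since the tables are now named after the permission they correspond to, either test the result of `getPermissionForUser(uid)` for the NETWORK bit here and reject or fall through otherwise, or add a short comment stating where that permission is enforced, so the name does not suggest a check this function does not perform. It would also help to call `getPermissionForUser(uid)` once into a local and reuse it if a second comparison is added.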