shill: vpn: Create a IPv6 blackhole route for IPv4 L2TP/IPsec VPN.
BUG=chromium-os:34383
TEST=Tested the following:
1. Build and run unit tests.
2. Manually test IPv4 LT2P/IPsec VPN on an network interface with IPv4
and IPv6 addresses as follows:
- Before connecting to the VPN, run `ip -6 route` to verify that no
blackhole route exists. Confirm via http://ipv6test.google.com that
IPv6 connectivity is available.
- After connecting to the VPN, run `ip -6 route` to verify that the
blackhole route is installed. Confirm via
http://ipv6test.google.com that IPv6 connectivity is not available.
- After disconnecting from the VPN, run `ip -6 route` to verify that
no blackhole route exists. Confirm via http://ipv6test.google.com
that IPv6 connectivity is available.
Change-Id: I7ae4fab5319b5f06a6a3f5a28f439551f2825044
Reviewed-on: https://gerrit.chromium.org/gerrit/34053
Commit-Ready: Ben Chan <benchan@chromium.org>
Reviewed-by: Ben Chan <benchan@chromium.org>
Tested-by: Ben Chan <benchan@chromium.org>
diff --git a/connection.cc b/connection.cc
index 20496fb..bc38e23 100644
--- a/connection.cc
+++ b/connection.cc
@@ -175,6 +175,12 @@
// Install any explicitly configured routes at the default metric.
routing_table_->ConfigureRoutes(interface_index_, config, kDefaultMetric);
+ if (properties.blackhole_ipv6) {
+ routing_table_->CreateBlackholeRoute(interface_index_,
+ IPAddress::kFamilyIPv6,
+ kDefaultMetric);
+ }
+
// Save a copy of the last non-null DNS config.
if (!config->properties().dns_servers.empty()) {
dns_servers_ = config->properties().dns_servers;