commit 4a946095dad15548ae399665be111be9cb1d9aa6
author Chad Brubaker <cbrubaker@google.com> Wed Jul 10 12:08:08 2013 -0700
committer Chad Brubaker <cbrubaker@google.com> Thu Jul 11 12:05:22 2013 -0700
tree 6f9140ad596853495305b5b1f48c3935fee72b37
parent 2251c0fbcf24a9c8fd77b23851f60304087bab2b

Add destination host exemption to VPN routing

requestRouteToHost requires the ability to punch holes in the VPN for
certain addresses, this adds support for this under mark based VPNs.

Change-Id: I9d890829048624d43c0f1efaec54563a860e850f

SecondaryTableController.h

diff --git a/SecondaryTableController.h b/SecondaryTableController.h
index 84995fa..3334ed1 100644
--- a/SecondaryTableController.h
+++ b/SecondaryTableController.h
@@ -49,10 +49,13 @@
     int removeFwmarkRule(const char *iface);
     int addFwmarkRoute(const char* iface, const char *dest, int prefix);
     int removeFwmarkRoute(const char* iface, const char *dest, int prefix);
+    int addHostExemption(const char *host);
+    int removeHostExemption(const char *host);
 
     int setupIptablesHooks();
 
     static const char* LOCAL_MANGLE_OUTPUT;
+    static const char* LOCAL_MANGLE_EXEMPT;
     static const char* LOCAL_MANGLE_IFACE_FORMAT;
     static const char* LOCAL_NAT_POSTROUTING;
     static const char* LOCAL_FILTER_OUTPUT;
@@ -64,6 +67,7 @@
     int setUidRule(const char* iface, int uid_start, int uid_end, bool add);
     int setFwmarkRule(const char *iface, bool add);
     int setFwmarkRoute(const char* iface, const char *dest, int prefix, bool add);
+    int setHostExemption(const char *host, bool add);
     int modifyRoute(SocketClient *cli, const char *action, char *iface, char *dest, int prefix,
             char *gateway, int tableIndex);