Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / netd / de5d5df753dd35d852ac47a6174b06eacd0d5523^! / . / server / NetworkController.h
commitde5d5df753dd35d852ac47a6174b06eacd0d5523[log] [tgz]
authorSreeram Ramachandran <sreeram@google.com>Sat Jul 26 18:43:25 2014 -0700
committerSreeram Ramachandran <sreeram@google.com>Mon Jul 28 11:28:47 2014 -0700
tree64e9861df4c6a7ca0e32478fc7ec347a66b04d42
parent95684ba176a9fe5ea59207d7202e47fa12bbfdbe [diff] [blame]
Prohibit address families by default unless a VPN explicitly allows them.

Bug: 15972465
Change-Id: I3278d94536fefacc86390c1ba4231680f7be8589

diff --git a/server/NetworkController.h b/server/NetworkController.h
index f065ba5..fbd31ed 100644
--- a/server/NetworkController.h
+++ b/server/NetworkController.h

@@ -71,6 +71,9 @@
     int addUsersToNetwork(unsigned netId, const UidRanges& uidRanges) WARN_UNUSED_RESULT;
     int removeUsersFromNetwork(unsigned netId, const UidRanges& uidRanges) WARN_UNUSED_RESULT;
 
+    // |nexthop| can be NULL (to indicate a directly-connected route), "unreachable" (to indicate a
+    // route that's blocked) or a regular IP address.
+    //
     // Routes are added to tables determined by the interface, so only |interface| is actually used.
     // |netId| is given only to sanity check that the interface has the correct netId.
     int addRoute(unsigned netId, const char* interface, const char* destination,