diff options
-rw-r--r-- | interface-ip.c | 4 | ||||
-rw-r--r-- | interface.h | 1 | ||||
-rw-r--r-- | system-linux.c | 4 |
3 files changed, 5 insertions, 4 deletions
diff --git a/interface-ip.c b/interface-ip.c index 1e085bc..b96d98c 100644 --- a/interface-ip.c +++ b/interface-ip.c @@ -1289,12 +1289,14 @@ void interface_ip_set_enabled(struct interface_ip_settings *ip, bool enabled) if (!strcmp(a->name, ip->iface->name)) interface_set_prefix_address(a, c, ip->iface, enabled); - if (ip->iface && ip->iface->l3_dev.dev) { + if (ip->iface && ip->iface->policy_rules_set != enabled && + ip->iface->l3_dev.dev) { set_ip_lo_policy(enabled, true, ip->iface); set_ip_lo_policy(enabled, false, ip->iface); set_ip_source_policy(enabled, true, IPRULE_PRIORITY_REJECT + ip->iface->l3_dev.dev->ifindex, NULL, 0, 0, ip->iface, "failed_policy"); + ip->iface->policy_rules_set = enabled; } } diff --git a/interface.h b/interface.h index c2049f1..73a3b55 100644 --- a/interface.h +++ b/interface.h @@ -112,6 +112,7 @@ struct interface { bool link_state; bool force_link; bool dynamic; + bool policy_rules_set; time_t start_time; enum interface_state state; diff --git a/system-linux.c b/system-linux.c index d3bb64d..2b17764 100644 --- a/system-linux.c +++ b/system-linux.c @@ -1792,10 +1792,8 @@ static int system_iprule(struct iprule *rule, int cmd) .rtm_flags = 0, }; - if (cmd == RTM_NEWRULE) { + if (cmd == RTM_NEWRULE) rtm.rtm_type = RTN_UNICAST; - rtm.rtm_flags |= NLM_F_REPLACE | NLM_F_EXCL; - } if (rule->invert) rtm.rtm_flags |= FIB_RULE_INVERT; |