diff options
| author |   Florent Daigniere <nextgens@freenetproject.org> | 2019-02-23 21:50:04 +0100 |
|---|---|---|
| committer | Florent Daigniere <nextgens@freenetproject.org> | 2019-02-25 18:20:23 +0100 |
| commit | 0c2d06d8a5a6bb61b42857ac2c21c579b11a6f1c (patch) | |
| tree | abcd5992aaa3f02f0c0b5e14a4673317b6749fca /send.go | |
| parent | send: propagate DSCP bits to the outer tunnel (diff) | |
| download | wireguard-go-0c2d06d8a5a6bb61b42857ac2c21c579b11a6f1c.tar.xz wireguard-go-0c2d06d8a5a6bb61b42857ac2c21c579b11a6f1c.zip | |
net: implement ECN handling, rfc6040 stylefd/propagate-DSCP-bits
To decide whether we should use the compatibility mode or the normal
mode with a peer, we use the handshake messages as a signaling channel.
If we receive the expected ECN bits, it most likely means they're
running a compatible version.
Signed-off-by: Florent Daigniere <nextgens@freenetproject.org>
Diffstat (limited to 'send.go')
| -rw-r--r-- | send.go | 14 |
1 files changed, 8 insertions, 6 deletions
@@ -41,10 +41,6 @@ import ( * (to allow the construction of transport messages in-place) */ -const ( - HandshakeDSCP = 0x88 // AF41, plus 00 ECN -) - type QueueOutboundElement struct { dropped int32 sync.Mutex @@ -299,14 +295,20 @@ func (device *Device) RoutineReadFromTUN() { } dst := elem.packet[IPv4offsetDst : IPv4offsetDst+net.IPv4len] peer = device.allowedips.LookupIPv4(dst) - elem.tos = elem.packet[1]; + if peer == nil { + continue + } + elem.tos = ecn_rfc6040_ingress(elem.packet[1], peer.isECNConfirmed.Get()) case ipv6.Version: if len(elem.packet) < ipv6.HeaderLen { continue } dst := elem.packet[IPv6offsetDst : IPv6offsetDst+net.IPv6len] peer = device.allowedips.LookupIPv6(dst) - elem.tos = elem.packet[1]; + if peer == nil { + continue + } + elem.tos = ecn_rfc6040_ingress(elem.packet[1], peer.isECNConfirmed.Get()) default: logDebug.Println("Received packet with unknown IP version") } |