static void | create_rule (const std::string &rule_id, const std::wstring &domains, const std::wstring &servers, bool dnssec) | Create an NRPT rule in the registry. |
static void | create_exclude_rules (DWORD process_id, const std::vector< std::wstring > &search_domains) |
static void | delete_rules (DWORD process_id) | Remove our NRPT rules from the registry. |
static std::string | rule_id (DWORD process_id) | Return an NRPT rule id. |
static std::string | exclude_rule_id (DWORD process_id, std::uint32_t n) | Return an NRPT exclude rule id. |

static std::vector< std::wstring > | interface_ipv4_dns_servers (const std::wstring &itf_guid) | Get IPv4 DNS server addresses of an interface. |
static std::vector< std::wstring > | interface_ipv6_dns_servers (const std::wstring &itf_guid) | Get IPv6 DNS server addresses of an interface. |
static std::vector< ExcludeRuleData > | collect_exclude_rule_data (const std::vector< std::wstring > &sd) | Get all the data necessary for excluding local domains from the tunnel. |
static REG::Key | open_nrpt_base_key () | Open the NRPT key to store our rules at. |
static const char * | id_prefix () | Return the rule id prefix any rule starts with. |
static std::string | gen_rule_id (DWORD process_id, bool exclude_rule, std::uint32_t n) | Generate a rule id string. |

template<typename REG, typename NETAPI>
class openvpn::TunWin::Nrpt< REG, NETAPI >
Manage NRPT rules for Windows.
- Template Parameters
-
REG | Registry abstraction class to use |
NETAPI | Network related Win32 API class to use |
Definition at line 58 of file nrpt.hpp.
template<typename REG , typename NETAPI >
Get all the data necessary for excluding local domains from the tunnel.
This data is only necessary if all the domains are to be resolved through the VPN. To avoid breaking the resolution of local DNS names, we add so-called exclude rules to the NRPT for as long as the tunnel persists. If a local domain matches one of the pushed search domains, it is skipped, so that look-ups for it are performed via the VPN.
- Parameters
-
sd | search domains to compare local domains to |
- Returns
- std::vector<ExcludeRuleData> The data collected to create exclude rules from.
Definition at line 279 of file nrpt.hpp.
template<typename REG , typename NETAPI >
static void openvpn::TunWin::Nrpt< REG, NETAPI >::create_exclude_rules (DWORD process_id, const std::vector< std::wstring > &search_domains)
inline static
Set NRPT exclude rules to accompany a catch-all rule. This is done so that local resolution of names is not interfered with in case the VPN resolves all names. Exclude rules are only created when no search domain matches the local domain, to deal with situations where look-ups should go via the VPN but exclude rules would prevent this.
- Parameters
-
process_id | the process id used for the rules |
search_domains | search domains to compare local domains to |
Definition at line 136 of file nrpt.hpp.
template<typename REG , typename NETAPI >
static void openvpn::TunWin::Nrpt< REG, NETAPI >::create_rule (const std::string &rule_id, const std::wstring &domains, const std::wstring &servers, bool dnssec)
inline static
Create an NRPT rule in the registry.
The exact location of the rule depends on whether there are already rules defined. If so, the rule is stored with them, either in the place where the group policy based ones are, or in the local one.
- Parameters
-
rule_id | the unique rule id |
domains | domains the rule applies to as wide MULTI_SZ |
servers | list of name server addresses, separated by semicolon |
dnssec | whether DNSSEC should be enabled for the rule |
Definition at line 75 of file nrpt.hpp.
template<typename REG , typename NETAPI >
Remove our NRPT rules from the registry.
Iterate over the rules in the two known subkeys where NRPT rules can be located in the Windows registry and remove those rules which we identify as ours. This is done by comparing the process id we add to the end of each rule we add. If the process id is zero, all NRPT rules are deleted, regardless of the actual pid.
- Parameters
-
process_id | the process id used for the rule deletion |
Definition at line 157 of file nrpt.hpp.
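
The pid-based clean-up described for delete_rules, as an added example that is not code from nrpt.hpp: an in-memory map stands in for the two registry locations, and the prefix, id layout and names used are assumptions. It further assumes that pid 0 removes only rules carrying the prefix, and it anchors the pid comparison on a delimiter so that one pid cannot match the tail of a longer one.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <iterator>
#include <map>
#include <set>
#include <string>

// Stand-in for the two registry locations holding NRPT rules: location -> rule ids.
using RuleStore = std::map<std::string, std::set<std::string>>;

// Hypothetical id layout "<prefix>[X-<n>]-<pid>" (assumed, not taken from nrpt.hpp).
static const std::string kPrefix = "ExampleVpnNrpt";

// A rule is ours only if it starts with the prefix; it belongs to `pid` only if
// the id ends in "-<pid>". The delimiter keeps pid 12 from matching "...-512".
static bool should_delete(const std::string &id, std::uint32_t pid)
{
    if (id.compare(0, kPrefix.size(), kPrefix) != 0)
        return false; // foreign rule (admin or group policy): never touched
    if (pid == 0)
        return true; // pid 0: remove every rule carrying our prefix
    const std::string tail = "-" + std::to_string(pid);
    return id.size() > tail.size() && id.compare(id.size() - tail.size(), tail.size(), tail) == 0;
}

// Walk both locations and erase matching rules; returns the number removed.
static std::size_t delete_rules(RuleStore &store, std::uint32_t pid)
{
    std::size_t removed = 0;
    for (auto &loc : store)
        for (auto it = loc.second.begin(); it != loc.second.end();)
        {
            const bool hit = should_delete(*it, pid);
            removed += hit ? 1 : 0;
            it = hit ? loc.second.erase(it) : std::next(it);
        }
    return removed;
}

int main()
{
    // Constructed sample: tunnels owned by pids 12 and 512, plus one foreign rule.
    RuleStore store = {
        {"policy", {"ExampleVpnNrpt-12", "ExampleVpnNrptX-1-12", "ExampleVpnNrpt-512", "AdminRule-12"}},
        {"local", {"ExampleVpnNrptX-0-512"}}};
    std::cout << "pid 12: removed " << delete_rules(store, 12) << "\n";
    std::cout << "pid 0: removed " << delete_rules(store, 0) << "\n";
}
```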
template<typename REG , typename NETAPI >
Open the NRPT key to store our rules at.
There are two places in the registry where NRPT rules can be found, depending on whether group policy rules are used or not. This function tries for the group policy place first and returns the key for the local rules in case it does not exist.
- Returns
- REG::Key the opened Registry handle
Definition at line 328 of file nrpt.hpp.