X-Git-Url: http://git.osdn.net/view?a=blobdiff_plain;f=server%2FVirtualNetwork.h;h=d315f9781c6117f836e1e1482d7f5dee66600c28;hb=9028d91fd86a2d517c7ce163c1d88b41de961ba8;hp=54b492652ecf646b7f2c0a59229c0534ec52e0c9;hpb=89dad013e4dd98434b0409a84567f38782894029;p=android-x86%2Fsystem-netd.git

diff --git a/server/VirtualNetwork.h b/server/VirtualNetwork.h
index 54b4926..d315f97 100644
--- a/server/VirtualNetwork.h
+++ b/server/VirtualNetwork.h
@@ -20,20 +20,32 @@
 #include "Network.h"
 #include "UidRanges.h"
 
+// A VirtualNetwork may be "secure" or not.
+//
+// A secure VPN is the usual type of VPN that grabs the default route (and thus all user traffic).
+// Only a few privileged UIDs may skip the VPN and go directly to the underlying physical network.
+//
+// A non-secure VPN ("bypassable" VPN) also grabs all user traffic by default. But all apps are
+// permitted to skip it and pick any other network for their connections.
 class VirtualNetwork : public Network {
 public:
-    explicit VirtualNetwork(unsigned netId);
+    VirtualNetwork(unsigned netId, bool hasDns, bool secure);
     virtual ~VirtualNetwork();
 
+    bool getHasDns() const;
+    bool isSecure() const;
+    bool appliesToUser(uid_t uid) const;
+
     int addUsers(const UidRanges& uidRanges) WARN_UNUSED_RESULT;
     int removeUsers(const UidRanges& uidRanges) WARN_UNUSED_RESULT;
 
-    Type getType() const override;
-
 private:
+    Type getType() const override;
     int addInterface(const std::string& interface) override WARN_UNUSED_RESULT;
     int removeInterface(const std::string& interface) override WARN_UNUSED_RESULT;
 
+    const bool mHasDns;
+    const bool mSecure;
     UidRanges mUidRanges;
 };