bateast/wireguard-tools
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

wg-quick: darwin: avoid routing loop if no default

Browse Source 
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Jason A. Donenfeld 2018-05-17 04:07:11 +02:00
parent 0d9f30246d
commit 884f7c50ce
1 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/wg-quick/darwin.bash
View File

@ -211,9 +211,9 @@ set_endpoint_direct_route() {
for endpoint in "${old_endpoints[@]}"; do for endpoint in "${old_endpoints[@]}"; do
[[ $remove_all_old -eq 0 && " ${ENDPOINTS[*]} " == *" $endpoint "* ]] && continue [[ $remove_all_old -eq 0 && " ${ENDPOINTS[*]} " == *" $endpoint "* ]] && continue
if [[ $endpoint == *:* ]]; then if [[ $endpoint == *:* && $AUTO_ROUTE6 -eq 1 ]]; then
cmd route -q delete -inet6 "$endpoint" >/dev/null 2>&1 || true cmd route -q delete -inet6 "$endpoint" >/dev/null 2>&1 || true
else elif [[ $AUTO_ROUTE4 -eq 1 ]]; then
cmd route -q delete -inet "$endpoint" >/dev/null 2>&1 || true cmd route -q delete -inet "$endpoint" >/dev/null 2>&1 || true
fi fi
done done
@ -223,11 +223,21 @@ set_endpoint_direct_route() {
added+=( "$endpoint" ) added+=( "$endpoint" )
continue continue
fi fi
if [[ $endpoint == *:* && -n $GATEWAY6 ]]; then if [[ $endpoint == *:* && $AUTO_ROUTE6 -eq 1 ]]; then
if [[ -n $GATEWAY6 ]]; then
cmd route -q add -inet6 "$endpoint" -gateway "$GATEWAY6" >/dev/null || true cmd route -q add -inet6 "$endpoint" -gateway "$GATEWAY6" >/dev/null || true
else
# Prevent routing loop
cmd route -q add -inet6 "$endpoint" ::1 -blackhole >/dev/null || true
fi
added+=( "$endpoint" ) added+=( "$endpoint" )
elif [[ -n $GATEWAY4 ]]; then elif [[ $AUTO_ROUTE4 -eq 1 ]]; then
if [[ -n $GATEWAY4 ]]; then
cmd route -q add -inet "$endpoint" -gateway "$GATEWAY4" >/dev/null || true cmd route -q add -inet "$endpoint" -gateway "$GATEWAY4" >/dev/null || true
else
# Prevent routing loop
cmd route -q add -inet "$endpoint" 127.0.0.1 -blackhole >/dev/null || true
fi
added+=( "$endpoint" ) added+=( "$endpoint" )
fi fi
done done