bateast/wireguard-tools
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

wg-quick: android: use iproute2 to bring up interface instead of ndc

Browse Source 
Android 11's ndc regresses even more, but it turns out that netd doesn't
need to track up/down state via direct invocation, so just set the
interface up by way of normal iproute2.

Reported-by: Harsh Shandilya <me@msfjarvis.dev>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Jason A. Donenfeld 2020-08-25 21:54:22 +02:00
parent fbca033c69
commit 9a0d65e2af
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/wg-quick/android.c
View File

@ -726,7 +726,7 @@ static void up_if(unsigned int *netid, const char *iface, uint16_t listen_port)
cmd("iptables -I INPUT 1 -p udp --dport %u -j ACCEPT -m comment --comment \"wireguard rule %s\"", listen_port, iface); cmd("iptables -I INPUT 1 -p udp --dport %u -j ACCEPT -m comment --comment \"wireguard rule %s\"", listen_port, iface);
cmd("ip6tables -I INPUT 1 -p udp --dport %u -j %s -m comment --comment \"wireguard rule %s\"", listen_port, should_block_ipv6(iface) ? "DROP" : "ACCEPT", iface); cmd("ip6tables -I INPUT 1 -p udp --dport %u -j %s -m comment --comment \"wireguard rule %s\"", listen_port, should_block_ipv6(iface) ? "DROP" : "ACCEPT", iface);
} }
cndc("interface setcfg %s up", iface); cmd("ip link set up dev %s", iface);
cndc("network create %u vpn 1 1", *netid); cndc("network create %u vpn 1 1", *netid);
cndc("network interface add %u %s", *netid, iface); cndc("network interface add %u %s", *netid, iface);
} }