-
Notifications
You must be signed in to change notification settings - Fork 113
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
* Remove default route supporession rule * Add routing table setup back for Linux. Once the default-route-suppression rule was removed, it turns out that we really do need to setup the wireguard routing table to exclude LAN addresses. This can easily be done using the RTN_THROW route type. But then once the throw routes are in place, we can't actually reach the internal Mulvad address space, so we need to add unicast routes back too. There is a bunch of duplicated work between the throw and unicast routes though. So it still results in an ugly looking routing table. * Move LAN exclusion setup down into the daemon * Remove setupWireguardRoutingTable - it's no longer necessary * Remove iOS special casing in getAllowedIPAddressRanges() * Windows/MacOS: Default routes are handled by excludeLocalAddresses now * Add rough implementation for MacOS too * We don't need to queue routes anymore for ifup * Implement LAN exclusions properly for Windows * Remove old exclusion route API from WireguardUtils * Add Windows firewall setup for LAN bypass too * Compute combined route metric when comparing windows routes * Create windows route monitor dynamically on up/down * Add route capturing to WindowsRouteMonitor This attempts to make up for the lack of policy-based routing on Windows by interactively updating the routing table to force non-local traffic into the VPN tunnel. The gist of the algorithm being deployed here is to dump the routing table, and then dynamically duplicate any routes which might try to leak traffic but with a lower metric to force it back into the VPN anyways. * Don't attempt to exclude non-routeable addresses * Implement excludeLocalNetworks for mock daemon. * Remove duplicate inclusion of daemon.cpp and friends on Linux
- Loading branch information
Showing
19 changed files
with
548 additions
and
261 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.