diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2018-05-17 04:07:11 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2018-05-17 04:08:53 +0200 |
commit | 1f10a561013ae5a1d88cbfc8b69aff2077936feb (patch) | |
tree | 2ffbac61b165e91ff9cd8769dcc6f04b54bf695b | |
parent | wg-quick: darwin: sometimes there are no network services (diff) | |
download | wireguard-monolithic-historical-1f10a561013ae5a1d88cbfc8b69aff2077936feb.tar.xz wireguard-monolithic-historical-1f10a561013ae5a1d88cbfc8b69aff2077936feb.zip |
wg-quick: darwin: avoid routing loop if no default
-rwxr-xr-x | src/tools/wg-quick/darwin.bash | 22 |
1 files changed, 16 insertions, 6 deletions
diff --git a/src/tools/wg-quick/darwin.bash b/src/tools/wg-quick/darwin.bash index dfdd54e..0edf2fe 100755 --- a/src/tools/wg-quick/darwin.bash +++ b/src/tools/wg-quick/darwin.bash @@ -211,9 +211,9 @@ set_endpoint_direct_route() { for endpoint in "${old_endpoints[@]}"; do [[ $remove_all_old -eq 0 && " ${ENDPOINTS[*]} " == *" $endpoint "* ]] && continue - if [[ $endpoint == *:* ]]; then + if [[ $endpoint == *:* && $AUTO_ROUTE6 -eq 1 ]]; then cmd route -q delete -inet6 "$endpoint" >/dev/null 2>&1 || true - else + elif [[ $AUTO_ROUTE4 -eq 1 ]]; then cmd route -q delete -inet "$endpoint" >/dev/null 2>&1 || true fi done @@ -223,11 +223,21 @@ set_endpoint_direct_route() { added+=( "$endpoint" ) continue fi - if [[ $endpoint == *:* && -n $GATEWAY6 ]]; then - cmd route -q add -inet6 "$endpoint" -gateway "$GATEWAY6" >/dev/null || true + if [[ $endpoint == *:* && $AUTO_ROUTE6 -eq 1 ]]; then + if [[ -n $GATEWAY6 ]]; then + cmd route -q add -inet6 "$endpoint" -gateway "$GATEWAY6" >/dev/null || true + else + # Prevent routing loop + cmd route -q add -inet6 "$endpoint" ::1 -blackhole >/dev/null || true + fi added+=( "$endpoint" ) - elif [[ -n $GATEWAY4 ]]; then - cmd route -q add -inet "$endpoint" -gateway "$GATEWAY4" >/dev/null || true + elif [[ $AUTO_ROUTE4 -eq 1 ]]; then + if [[ -n $GATEWAY4 ]]; then + cmd route -q add -inet "$endpoint" -gateway "$GATEWAY4" >/dev/null || true + else + # Prevent routing loop + cmd route -q add -inet "$endpoint" 127.0.0.1 -blackhole >/dev/null || true + fi added+=( "$endpoint" ) fi done |