author | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-22 11:46:41 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-22 15:26:54 +0200 |
commit | a9493cefc61c968bc1cdf29f399417ce035b1aaf (patch) | |
tree | 2ad5f68d509a1dbce4c886fb5471b3a3e1d5d729 /tunnel | |
parent | manager: fix error string find and replace mistake (diff) | |
tunnel: remove routes before destroying interface
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'tunnel')
-rw-r--r-- | tunnel/ifaceconfig.go | 12 | ||||
-rw-r--r-- | tunnel/service.go | 6 |
2 files changed, 17 insertions, 1 deletions
diff --git a/tunnel/ifaceconfig.go b/tunnel/ifaceconfig.go
index 453d4ca5..b993d739 100644
--- a/tunnel/ifaceconfig.go
+++ b/tunnel/ifaceconfig.go
@@ -197,6 +197,18 @@ func configureInterface(conf *conf.Config, tun *tun.NativeTun) error {
 return nil
 }
 
+func unconfigureInterface(tun *tun.NativeTun) {
+ // It seems that the Windows networking stack doesn't like it when we destroy interfaces that have active
+ // routes, so to be certain, just remove everything before destroying.
+ luid := tun.LUID()
+ winipcfg.FlushInterfaceRoutes(luid, windows.AF_INET)
+ winipcfg.FlushInterfaceIPAddresses(luid, windows.AF_INET)
+ winipcfg.FlushInterfaceRoutes(luid, windows.AF_INET6)
+ winipcfg.FlushInterfaceIPAddresses(luid, windows.AF_INET6)
+
+ //TODO: also flush DNS servers once rozmansi fixes the API for that to take a LUID
+}
+
 func enableFirewall(conf *conf.Config, tun *tun.NativeTun) error {
 restrictAll := false
 if len(conf.Peers) == 1 {
diff --git a/tunnel/service.go b/tunnel/service.go
index e93a2c40..ef947ba5 100644
--- a/tunnel/service.go
+++ b/tunnel/service.go
@@ -39,6 +39,7 @@ func (service *Service) Execute(args []string, r <-chan svc.ChangeRequest, chang
 var dev *device.Device
 var uapi net.Listener
 var routeChangeCallback *winipcfg.RouteChangeCallback
+ var nativeTun *tun.NativeTun
 var err error
 serviceError := services.ErrorSuccess
 
@@ -85,6 +86,9 @@ func (service *Service) Execute(args []string, r <-chan svc.ChangeRequest, chang
 if routeChangeCallback != nil {
 routeChangeCallback.Unregister()
 }
+ if nativeTun != nil {
+ unconfigureInterface(nativeTun)
+ }
 if uapi != nil {
 uapi.Close()
 }
@@ -142,7 +146,7 @@ func (service *Service) Execute(args []string, r <-chan svc.ChangeRequest, chang
 return
 }
 conf.Name = realInterfaceName
- nativeTun := wintun.(*tun.NativeTun)
+ nativeTun = wintun.(*tun.NativeTun)
 
 log.Println("Enabling firewall rules")
 err = enableFirewall(conf, nativeTun)
|
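Review bot: The four `winipcfg.Flush*` calls in `unconfigureInterface` discard whatever they return, so a flush that fails during teardown leaves routes or addresses behind with nothing in the service log to show it. Their signatures are not visible in this hunk; if they return an error, log it and continue, e.g. `if err := winipcfg.FlushInterfaceRoutes(luid, windows.AF_INET); err != nil { log.Printf("Unable to flush IPv4 routes: %v", err) }`, and likewise for the other three (this assumes `log` is imported in ifaceconfig.go, which the hunk does not show). Keeping the cleanup best-effort is reasonable, and the existing comment could say so: `// Best-effort: failures are logged rather than returned, since the interface is about to be destroyed.`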
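Review bot: The new `unconfigureInterface(nativeTun)` call in the cleanup block of `Execute` (hunk at -85,6) only helps if it runs while the interface still exists, but nothing at the call site records that ordering constraint. A one-line comment above the `if nativeTun != nil` check, such as `// Flush routes and addresses while the interface still exists; this must stay ahead of the device teardown.`, would keep a later reshuffle of this block from silently undoing the fix. The device close is outside this hunk, so its position relative to this call should be confirmed against the full function.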