diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2021-06-17 22:54:59 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2021-06-18 11:39:38 +0200 |
commit | 96e5d80a3e8c2b874b321bc5918971f8ea63d2c6 (patch) | |
tree | 71ca822435f2f0941b9969a9583cd1d07320f6a3 /ui | |
parent | global: go fmt for 1.17 build tags (diff) | |
download | wireguard-windows-96e5d80a3e8c2b874b321bc5918971f8ea63d2c6.tar.xz wireguard-windows-96e5d80a3e8c2b874b321bc5918971f8ea63d2c6.zip |
tunnel: support turning off automatic routing table
This supports the familiar "Table = off" syntax as on Linux, and then
interprets other valid values as simply "on".
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'ui')
-rw-r--r-- | ui/confview.go | 8 | ||||
-rw-r--r-- | ui/editdialog.go | 2 | ||||
-rw-r--r-- | ui/syntax/highlighter.go | 10 | ||||
-rw-r--r-- | ui/syntax/syntaxedit.go | 14 |
4 files changed, 30 insertions, 4 deletions
diff --git a/ui/confview.go b/ui/confview.go index cc3bcad9..3d16f38f 100644 --- a/ui/confview.go +++ b/ui/confview.go @@ -51,6 +51,7 @@ type interfaceView struct { addresses *labelTextLine dns *labelTextLine scripts *labelTextLine + table *labelTextLine toggleActive *toggleActiveLine lines []widgetsLine } @@ -307,6 +308,7 @@ func newInterfaceView(parent walk.Container) (*interfaceView, error) { {l18n.Sprintf("Addresses:"), &iv.addresses}, {l18n.Sprintf("DNS servers:"), &iv.dns}, {l18n.Sprintf("Scripts:"), &iv.scripts}, + {l18n.Sprintf("Table:"), &iv.table}, } if iv.lines, err = createLabelTextLines(items, parent, &disposables); err != nil { return nil, err @@ -427,6 +429,12 @@ func (iv *interfaceView) apply(c *conf.Interface) { } else { iv.scripts.hide() } + + if c.TableOff { + iv.table.show(l18n.Sprintf("off")) + } else { + iv.table.hide() + } } func (pv *peerView) widgetsLines() []widgetsLine { diff --git a/ui/editdialog.go b/ui/editdialog.go index 71b71150..3b1521ff 100644 --- a/ui/editdialog.go +++ b/ui/editdialog.go @@ -129,7 +129,7 @@ func newEditDialog(owner walk.Form, tunnel *manager.Tunnel) (*EditDialog, error) return nil, err } dlg.blockUntunneledTrafficCB.SetText(l18n.Sprintf("&Block untunneled traffic (kill-switch)")) - dlg.blockUntunneledTrafficCB.SetToolTipText(l18n.Sprintf("When a configuration has exactly one peer, and that peer has an allowed IPs containing at least one of 0.0.0.0/0 or ::/0, then the tunnel service engages a firewall ruleset to block all traffic that is neither to nor from the tunnel interface or is to the wrong DNS server, with special exceptions for DHCP and NDP.")) + dlg.blockUntunneledTrafficCB.SetToolTipText(l18n.Sprintf("When a configuration has exactly one peer, and that peer has an allowed IPs containing at least one of 0.0.0.0/0 or ::/0, and the interface does not have table off, then the tunnel service engages a firewall ruleset to block all traffic that is neither to nor from the tunnel interface or is to the wrong DNS server, with special exceptions for DHCP and NDP.")) dlg.blockUntunneledTrafficCB.SetVisible(false) dlg.blockUntunneledTrafficCB.CheckedChanged().Attach(dlg.onBlockUntunneledTrafficCBCheckedChanged) diff --git a/ui/syntax/highlighter.go b/ui/syntax/highlighter.go index d49cab32..a531854b 100644 --- a/ui/syntax/highlighter.go +++ b/ui/syntax/highlighter.go @@ -26,6 +26,7 @@ const ( highlightKeepalive highlightComment highlightDelimiter + highlightTable highlightCmd highlightError ) @@ -256,6 +257,10 @@ func (s stringSpan) isValidMTU() bool { return s.isValidUint(false, 576, 65535) } +func (s stringSpan) isValidTable() bool { + return s.isSame("off") || s.isSame("auto") || s.isSame("main") || s.isValidUint(false, 0, (1<<32)-1) +} + func (s stringSpan) isValidPersistentKeepAlive() bool { if s.isSame("off") { return true @@ -360,6 +365,7 @@ const ( fieldAddress fieldDNS fieldMTU + fieldTable fieldPreUp fieldPostUp fieldPreDown @@ -395,6 +401,8 @@ func (s stringSpan) field() field { return fieldDNS case s.isCaselessSame("MTU"): return fieldMTU + case s.isCaselessSame("Table"): + return fieldTable case s.isCaselessSame("PublicKey"): return fieldPublicKey case s.isCaselessSame("PresharedKey"): @@ -508,6 +516,8 @@ func (hsa *highlightSpanArray) highlightValue(parent stringSpan, s stringSpan, s hsa.append(parent.s, s, validateHighlight(s.isValidKey(), highlightPresharedKey)) case fieldMTU: hsa.append(parent.s, s, validateHighlight(s.isValidMTU(), highlightMTU)) + case fieldTable: + hsa.append(parent.s, s, validateHighlight(s.isValidTable(), highlightTable)) case fieldPreUp, fieldPostUp, fieldPreDown, fieldPostDown: hsa.append(parent.s, s, validateHighlight(s.isValidPrePostUpDown(), highlightCmd)) case fieldListenPort: diff --git a/ui/syntax/syntaxedit.go b/ui/syntax/syntaxedit.go index 26cd533f..42f6e7b7 100644 --- a/ui/syntax/syntaxedit.go +++ b/ui/syntax/syntaxedit.go @@ -100,6 +100,7 @@ var stylemap = map[highlight]spanStyle{ highlightHost: spanStyle{color: win.RGB(0x0E, 0x0E, 0xFF)}, highlightPort: spanStyle{color: win.RGB(0x81, 0x5F, 0x03)}, highlightMTU: spanStyle{color: win.RGB(0x1C, 0x00, 0xCF)}, + highlightTable: spanStyle{color: win.RGB(0x1C, 0x00, 0xCF)}, highlightKeepalive: spanStyle{color: win.RGB(0x1C, 0x00, 0xCF)}, highlightComment: spanStyle{color: win.RGB(0x53, 0x65, 0x79), effects: win.CFE_ITALIC}, highlightDelimiter: spanStyle{color: win.RGB(0x00, 0x00, 0x00)}, @@ -110,6 +111,8 @@ var stylemap = map[highlight]spanStyle{ func (se *SyntaxEdit) evaluateUntunneledBlocking(cfg string, spans []highlightSpan) { state := InevaluableBlockingUntunneledTraffic var onAllowedIPs, + onTable, + tableOff, seenPeer, seen00v6, seen00v4, @@ -132,10 +135,13 @@ func (se *SyntaxEdit) evaluateUntunneledBlocking(cfg string, spans []highlightSp } else { goto done } - break case highlightField: onAllowedIPs = strings.EqualFold(cfg[span.s:span.s+span.len], "AllowedIPs") - break + onTable = strings.EqualFold(cfg[span.s:span.s+span.len], "Table") + case highlightTable: + if onTable { + tableOff = cfg[span.s:span.s+span.len] == "off" + } case highlightIP: if !onAllowedIPs || !seenPeer { break @@ -166,9 +172,11 @@ func (se *SyntaxEdit) evaluateUntunneledBlocking(cfg string, spans []highlightSp seen80001v6 = true } } - break } } + if tableOff { + return + } if seen00v4 || seen00v6 { state = BlockingUntunneledTraffic |