diff options
-rw-r--r-- | tunnel/ifaceconfig.go | 12 | ||||
-rw-r--r-- | tunnel/service.go | 6 |
2 files changed, 17 insertions, 1 deletions
diff --git a/tunnel/ifaceconfig.go b/tunnel/ifaceconfig.go index 453d4ca5..b993d739 100644 --- a/tunnel/ifaceconfig.go +++ b/tunnel/ifaceconfig.go @@ -197,6 +197,18 @@ func configureInterface(conf *conf.Config, tun *tun.NativeTun) error { return nil } +func unconfigureInterface(tun *tun.NativeTun) { + // It seems that the Windows networking stack doesn't like it when we destroy interfaces that have active + // routes, so to be certain, just remove everything before destroying. + luid := tun.LUID() + winipcfg.FlushInterfaceRoutes(luid, windows.AF_INET) + winipcfg.FlushInterfaceIPAddresses(luid, windows.AF_INET) + winipcfg.FlushInterfaceRoutes(luid, windows.AF_INET6) + winipcfg.FlushInterfaceIPAddresses(luid, windows.AF_INET6) + + //TODO: also flush DNS servers once rozmansi fixes the API for that to take a LUID +} + func enableFirewall(conf *conf.Config, tun *tun.NativeTun) error { restrictAll := false if len(conf.Peers) == 1 { diff --git a/tunnel/service.go b/tunnel/service.go index e93a2c40..ef947ba5 100644 --- a/tunnel/service.go +++ b/tunnel/service.go @@ -39,6 +39,7 @@ func (service *Service) Execute(args []string, r <-chan svc.ChangeRequest, chang var dev *device.Device var uapi net.Listener var routeChangeCallback *winipcfg.RouteChangeCallback + var nativeTun *tun.NativeTun var err error serviceError := services.ErrorSuccess @@ -85,6 +86,9 @@ func (service *Service) Execute(args []string, r <-chan svc.ChangeRequest, chang if routeChangeCallback != nil { routeChangeCallback.Unregister() } + if nativeTun != nil { + unconfigureInterface(nativeTun) + } if uapi != nil { uapi.Close() } @@ -142,7 +146,7 @@ func (service *Service) Execute(args []string, r <-chan svc.ChangeRequest, chang return } conf.Name = realInterfaceName - nativeTun := wintun.(*tun.NativeTun) + nativeTun = wintun.(*tun.NativeTun) log.Println("Enabling firewall rules") err = enableFirewall(conf, nativeTun) |