From 96e5d80a3e8c2b874b321bc5918971f8ea63d2c6 Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Thu, 17 Jun 2021 22:54:59 +0200
Subject: tunnel: support turning off automatic routing table

This supports the familiar "Table = off" syntax as on Linux, and then
interprets other valid values as simply "on".

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 tunnel/addressconfig.go | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

(limited to 'tunnel/addressconfig.go')

diff --git a/tunnel/addressconfig.go b/tunnel/addressconfig.go
index 44bfd8ae..0dec95d0 100644
--- a/tunnel/addressconfig.go
+++ b/tunnel/addressconfig.go
@@ -138,9 +138,11 @@ func configureInterface(family winipcfg.AddressFamily, conf *conf.Config, tun *t
 		deduplicatedRoutes = append(deduplicatedRoutes, &routes[i])
 	}
 
-	err = luid.SetRoutesForFamily(family, deduplicatedRoutes)
-	if err != nil {
-		return err
+	if !conf.Interface.TableOff {
+		err = luid.SetRoutesForFamily(family, deduplicatedRoutes)
+		if err != nil {
+			return err
+		}
 	}
 
 	ipif, err := luid.IPInterface(family)
@@ -174,7 +176,7 @@ func configureInterface(family winipcfg.AddressFamily, conf *conf.Config, tun *t
 
 func enableFirewall(conf *conf.Config, tun *tun.NativeTun) error {
 	doNotRestrict := true
-	if len(conf.Peers) == 1 {
+	if len(conf.Peers) == 1 && !conf.Interface.TableOff {
 	nextallowedip:
 		for _, allowedip := range conf.Peers[0].AllowedIPs {
 			if allowedip.Cidr == 0 {
-- 
cgit v1.2.3-59-g8ed1b