Set as default gateway based on routing policies

Also fix IPv6 routes not properly set.
2019-04-25 13:57:41 +02:00 · 2019-04-25 13:57:41 +02:00 · f9f642b64e
parent 224a76ac58
commit f9f642b64e
2 changed files with 21 additions and 12 deletions
--- a/TunnelKit/Sources/AppExtension/TunnelKitProvider.swift
+++ b/TunnelKit/Sources/AppExtension/TunnelKitProvider.swift
@ -492,7 +492,7 @@ extension TunnelKitProvider: SessionProxyDelegate {
            }
        }

-        bringNetworkUp(remoteAddress: remoteAddress, reply: reply) { (error) in
+        bringNetworkUp(remoteAddress: remoteAddress, configuration: proxy.configuration, reply: reply) { (error) in
            if let error = error {
                log.error("Failed to configure tunnel: \(error)")
                self.pendingStartHandler?(error)
@ -523,15 +523,18 @@ extension TunnelKitProvider: SessionProxyDelegate {
        socket?.shutdown()
    }
    
-    private func bringNetworkUp(remoteAddress: String, reply: SessionReply, completionHandler: @escaping (Error?) -> Void) {
-        
-        // route all traffic to VPN
+    private func bringNetworkUp(remoteAddress: String, configuration: SessionProxy.Configuration, reply: SessionReply, completionHandler: @escaping (Error?) -> Void) {
        var ipv4Settings: NEIPv4Settings?
        if let ipv4 = reply.options.ipv4 {
-            let defaultRoute = NEIPv4Route.default()
-            defaultRoute.gatewayAddress = ipv4.defaultGateway
+            var routes: [NEIPv4Route] = []
+
+            // route all traffic to VPN?
+            if configuration.routingPolicies?.contains(.IPv4) ?? false {
+                let defaultRoute = NEIPv4Route.default()
+                defaultRoute.gatewayAddress = ipv4.defaultGateway
+                routes.append(defaultRoute)
+            }
            
-            var routes: [NEIPv4Route] = [defaultRoute]
            for r in ipv4.routes {
                let ipv4Route = NEIPv4Route(destinationAddress: r.destination, subnetMask: r.mask)
                ipv4Route.gatewayAddress = r.gateway
@ -545,10 +548,15 @@ extension TunnelKitProvider: SessionProxyDelegate {

        var ipv6Settings: NEIPv6Settings?
        if let ipv6 = reply.options.ipv6 {
-            let defaultRoute = NEIPv6Route.default()
-            defaultRoute.gatewayAddress = ipv6.defaultGateway
+            var routes: [NEIPv6Route] = []
+
+            // route all traffic to VPN?
+            if configuration.routingPolicies?.contains(.IPv6) ?? false {
+                let defaultRoute = NEIPv6Route.default()
+                defaultRoute.gatewayAddress = ipv6.defaultGateway
+                routes.append(defaultRoute)
+            }

-            var routes: [NEIPv6Route] = [defaultRoute]
            for r in ipv6.routes {
                let ipv6Route = NEIPv6Route(destinationAddress: r.destination, networkPrefixLength: r.prefixLength as NSNumber)
                ipv6Route.gatewayAddress = r.gateway
@ -556,7 +564,7 @@ extension TunnelKitProvider: SessionProxyDelegate {
            }

            ipv6Settings = NEIPv6Settings(addresses: [ipv6.address], networkPrefixLengths: [ipv6.addressPrefixLength as NSNumber])
-            ipv6Settings?.includedRoutes = [defaultRoute]
+            ipv6Settings?.includedRoutes = routes
            ipv6Settings?.excludedRoutes = []
        }
        
--- a/TunnelKit/Sources/Core/SessionProxy.swift
+++ b/TunnelKit/Sources/Core/SessionProxy.swift
@ -79,7 +79,8 @@ public class SessionProxy {
    
    // MARK: Configuration
    
-    private let configuration: Configuration
+    /// The session base configuration.
+    public let configuration: Configuration
    
    /// The optional credentials.
    public var credentials: Credentials?