Config tweaking.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
parent
f6fc8cd9bd
commit
41f9a64d9f
|
@ -233,10 +233,6 @@ extension AppCoordinator: TunnelConfigurationTableViewControllerDelegate {
|
||||||
let protocolConfiguration = NETunnelProviderProtocol()
|
let protocolConfiguration = NETunnelProviderProtocol()
|
||||||
protocolConfiguration.providerBundleIdentifier = VPNBUNDLE
|
protocolConfiguration.providerBundleIdentifier = VPNBUNDLE
|
||||||
protocolConfiguration.serverAddress = (tunnel.peers?.array as? [Peer])?.compactMap { $0.endpoint}.joined(separator: ", ")
|
protocolConfiguration.serverAddress = (tunnel.peers?.array as? [Peer])?.compactMap { $0.endpoint}.joined(separator: ", ")
|
||||||
//TODO obtain endpoint username
|
|
||||||
// protocolConfiguration.username = endpoint.username
|
|
||||||
//TODO: how to obtain this?
|
|
||||||
// protocolConfiguration.passwordReference = try? keychain.passwordReference(for: endpoint.username)
|
|
||||||
protocolConfiguration.providerConfiguration = tunnel.generateProviderConfiguration()
|
protocolConfiguration.providerConfiguration = tunnel.generateProviderConfiguration()
|
||||||
|
|
||||||
manager.protocolConfiguration = protocolConfiguration
|
manager.protocolConfiguration = protocolConfiguration
|
||||||
|
|
|
@ -17,7 +17,7 @@ extension Tunnel {
|
||||||
providerConfiguration[PCKeys.endpoints.rawValue] = peers?.array.compactMap {($0 as? Peer)?.endpoint}.joined(separator: ", ")
|
providerConfiguration[PCKeys.endpoints.rawValue] = peers?.array.compactMap {($0 as? Peer)?.endpoint}.joined(separator: ", ")
|
||||||
providerConfiguration[PCKeys.dns.rawValue] = interface?.dns
|
providerConfiguration[PCKeys.dns.rawValue] = interface?.dns
|
||||||
providerConfiguration[PCKeys.addresses.rawValue] = interface?.addresses
|
providerConfiguration[PCKeys.addresses.rawValue] = interface?.addresses
|
||||||
if let mtu = interface?.mtu {
|
if let mtu = interface?.mtu, mtu > 0 {
|
||||||
providerConfiguration[PCKeys.mtu.rawValue] = NSNumber(value: mtu)
|
providerConfiguration[PCKeys.mtu.rawValue] = NSNumber(value: mtu)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -38,26 +38,33 @@ class PacketTunnelProvider: NEPacketTunnelProvider {
|
||||||
|
|
||||||
if wireGuardWrapper.turnOn(withInterfaceName: interfaceName, settingsString: settings) {
|
if wireGuardWrapper.turnOn(withInterfaceName: interfaceName, settingsString: settings) {
|
||||||
// Success
|
// Success
|
||||||
//TODO obtain network config from WireGuard config or remote.
|
//TODO: Hardcoded values for addresses
|
||||||
// route all traffic to VPN
|
let ipv4Settings = NEIPv4Settings(addresses: ["10.50.10.171"], subnetMasks: ["255.255.224.0"])
|
||||||
let defaultRoute = NEIPv4Route.default()
|
//TODO: Hardcoded values for allowed ips
|
||||||
// defaultRoute.gatewayAddress = gateway
|
ipv4Settings.includedRoutes = [NEIPv4Route(destinationAddress: "0.0.0.0", subnetMask: "0.0.0.0")]
|
||||||
|
ipv4Settings.excludedRoutes = endpoints.split(separator: ",").compactMap { $0.split(separator: ":").first}.map {NEIPv4Route(destinationAddress: String($0), subnetMask: "255.255.255.255")}
|
||||||
let ipv4Settings = NEIPv4Settings(addresses: ["149.248.160.60"], subnetMasks: ["255.255.255.255"])
|
|
||||||
ipv4Settings.includedRoutes = [defaultRoute]
|
|
||||||
ipv4Settings.excludedRoutes = []
|
|
||||||
|
|
||||||
// let dnsSettings = NEDNSSettings(servers: dnsServers)
|
|
||||||
|
|
||||||
|
//TODO IPv6 settings
|
||||||
let newSettings = NEPacketTunnelNetworkSettings(tunnelRemoteAddress: "149.248.160.60")
|
let newSettings = NEPacketTunnelNetworkSettings(tunnelRemoteAddress: "149.248.160.60")
|
||||||
newSettings.ipv4Settings = ipv4Settings
|
newSettings.ipv4Settings = ipv4Settings
|
||||||
// newSettings.dnsSettings = dnsSettings
|
newSettings.tunnelOverheadBytes = 80
|
||||||
// newSettings.mtu = cfg.mtu
|
if let dns = config.providerConfiguration?["dns"] as? String {
|
||||||
|
var splitDnsEntries = dns.split(separator: ",").map {String($0)}
|
||||||
|
let dnsSettings = NEDNSSettings(servers: splitDnsEntries)
|
||||||
|
newSettings.dnsSettings = dnsSettings
|
||||||
|
}
|
||||||
|
if let mtu = mtu {
|
||||||
|
newSettings.mtu = mtu
|
||||||
|
}
|
||||||
|
|
||||||
setTunnelNetworkSettings(newSettings, completionHandler: completionHandler)
|
setTunnelNetworkSettings(newSettings) { [weak self](error) in
|
||||||
|
completionHandler(error)
|
||||||
|
self?.wireGuardWrapper.configured = true
|
||||||
|
}
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
completionHandler(PacketTunnelProviderError.tunnelSetupFailed)
|
completionHandler(PacketTunnelProviderError.tunnelSetupFailed)
|
||||||
|
wireGuardWrapper.configured = false
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
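Review bot: The excluded routes built from `endpoints` will be malformed for every endpoint after the first if that string is the one written under `PCKeys.endpoints`, because that value is joined with `", "` while the new code splits on `","` alone and so keeps the leading space in the destination address. Trimming each entry before taking the host part, e.g. `.map { $0.trimmingCharacters(in: .whitespaces) }`, would fix that; taking the text before the first `:` also cannot handle a bracketed IPv6 endpoint or a hostname, which deserves at least a comment next to the existing TODOs. With `0.0.0.0/0` in `includedRoutes`, an endpoint whose exclusion is not applied would presumably have its own transport packets routed back into the tunnel. Separately, the completion closure sets `configured = true` even when `error` is non-nil; `self?.wireGuardWrapper.configured = (error == nil)` would keep the flag consistent with the result passed to `completionHandler`.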