Fix IPv6 routing when there is no non-tunnel default route, which caused it to use the next rule

author: David Lönnhager <david.l@mullvad.net> 2020-11-19 15:42:36 +0100
committer: David Lönnhager <david.l@mullvad.net> 2020-11-24 12:29:47 +0100
commit: 5229756084b3288474351bca277e9f530465afba (patch)
tree: 52e2716bc96f1533f4def7a9077cbb101f5fb857
parent: b3bf892256b2334aac70b3714e9fb0aa6dac51cb (diff)
download: mullvadvpn-5229756084b3288474351bca277e9f530465afba.tar.xz
mullvadvpn-5229756084b3288474351bca277e9f530465afba.zip
1 files changed, 11 insertions, 3 deletions
diff --git a/talpid-core/src/routing/linux.rs b/talpid-core/src/routing/linux.rs
index de5313f20e..7329e4b70e 100644
--- a/talpid-core/src/routing/linux.rs
+++ b/talpid-core/src/routing/linux.rs
@@ -13,7 +13,7 @@ use futures::{channel::mpsc::UnboundedReceiver, future::FutureExt, StreamExt, Tr
 use ipnetwork::IpNetwork;
 use lazy_static::lazy_static;
 use netlink_packet_route::{
-    constants::{ARPHRD_LOOPBACK, FIB_RULE_INVERT, FR_ACT_TO_TBL},
+    constants::{ARPHRD_LOOPBACK, FIB_RULE_INVERT, FR_ACT_TO_TBL, FR_ACT_UNREACHABLE},
     link::{nlas::Nla as LinkNla, LinkMessage},
     route::{nlas::Nla as RouteNla, RouteHeader, RouteMessage},
     rtnl::{
@@ -69,6 +69,14 @@ lazy_static! {
         v6_rule.header.family = AF_INET6 as u8;
         v6_rule
     };
+    static ref PROHIBIT_NON_DEFAULT_V6: RuleMessage = RuleMessage {
+        header: RuleHeader {
+            family: AF_INET6 as u8,
+            action: FR_ACT_UNREACHABLE,
+            ..RuleHeader::default()
+        },
+        nlas: vec![RuleNla::FwMark(split_tunnel::MARK as u32),],
+    };
     static ref EXCLUSIONS_RULE_V4: RuleMessage = RuleMessage {
         header: RuleHeader {
             family: AF_INET as u8,
@@ -85,12 +93,12 @@ lazy_static! {
         v6_rule.header.family = AF_INET6 as u8;
         v6_rule
     };
-
-    static ref ALL_RULES: [&'static RuleMessage; 6] = [
+    static ref ALL_RULES: [&'static RuleMessage; 7] = [
         &*NO_FWMARK_RULE_V4,
         &*NO_FWMARK_RULE_V6,
         &*SUPPRESS_RULE_V4,
         &*SUPPRESS_RULE_V6,
+        &*PROHIBIT_NON_DEFAULT_V6,
         &*EXCLUSIONS_RULE_V4,
         &*EXCLUSIONS_RULE_V6,
     ];
author	David Lönnhager <david.l@mullvad.net>	2020-11-19 15:42:36 +0100
committer	David Lönnhager <david.l@mullvad.net>	2020-11-24 12:29:47 +0100
commit	5229756084b3288474351bca277e9f530465afba (patch)
tree	52e2716bc96f1533f4def7a9077cbb101f5fb857
parent	b3bf892256b2334aac70b3714e9fb0aa6dac51cb (diff)
download	mullvadvpn-5229756084b3288474351bca277e9f530465afba.tar.xz mullvadvpn-5229756084b3288474351bca277e9f530465afba.zip