summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorDavid Lönnhager <david.l@mullvad.net>2025-07-15 13:27:24 +0200
committerDavid Lönnhager <david.l@mullvad.net>2025-07-15 13:27:24 +0200
commitbe6324ca93855e371c380b4313c849d879306682 (patch)
treecbb04323c72308351556f9a0da124deb8df7b7f4
parente6e985f38a0138b4c234974e8c1b9f00380583d4 (diff)
parenta3a6a6d8e4749d1b83540e8d276a269783e65544 (diff)
downloadmullvadvpn-be6324ca93855e371c380b4313c849d879306682.tar.xz
mullvadvpn-be6324ca93855e371c380b4313c849d879306682.zip
Merge branch 'macos-fix-pq-timeout'
Diffstat
-rw-r--r--talpid-core/src/firewall/macos.rs14
1 files changed, 4 insertions, 10 deletions
diff --git a/talpid-core/src/firewall/macos.rs b/talpid-core/src/firewall/macos.rs
index fafc5dcddb..d8bf5a5136 100644
--- a/talpid-core/src/firewall/macos.rs
+++ b/talpid-core/src/firewall/macos.rs
@@ -1,7 +1,5 @@
use std::env;
use std::io;
-use std::net::Ipv6Addr;
-use std::net::SocketAddr;
use std::net::{IpAddr, Ipv4Addr};
use std::ptr;
use std::sync::LazyLock;
@@ -146,14 +144,10 @@ impl Firewall {
}
// Socket addresses for Multicast DNS.
- let mdns_port = 5353;
- let mdns_addrs = [
- SocketAddr::from((Ipv4Addr::new(224, 0, 0, 251), mdns_port)),
- SocketAddr::from((Ipv6Addr::new(0xff02, 0, 0, 0, 0, 0, 0, 0xfb), mdns_port)),
- ];
-
- if mdns_addrs.contains(&remote_address) {
- // Ignore MDNS states. PQ *seems* to timeout if these states are flushed.
+ const MDNS_PORT: u16 = 5353;
+ if remote_address.port() == MDNS_PORT {
+ // Blocking mDNS sometimes causes the tunnel to fail. Seemingly by interferring with
+ // configd, mDNSResponder, or another macOS service.
return Ok(false);
}
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.