summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
Diffstat
-rw-r--r--talpid-core/src/firewall/macos/mod.rs7
1 files changed, 7 insertions, 0 deletions
diff --git a/talpid-core/src/firewall/macos/mod.rs b/talpid-core/src/firewall/macos/mod.rs
index d92c66fe08..9065a607d6 100644
--- a/talpid-core/src/firewall/macos/mod.rs
+++ b/talpid-core/src/firewall/macos/mod.rs
@@ -51,6 +51,7 @@ impl Firewall<Error> for PacketFilter {
self.remove_rules(),
self.remove_anchor(),
self.restore_state(),
+ self.restore_dns(),
].into_iter()
.collect::<Result<Vec<_>>>()
.map(|_| ())
@@ -87,6 +88,8 @@ impl PacketFilter {
Ok(vec![Self::get_allow_relay_rule(relay_endpoint)?])
}
SecurityPolicy::Connected(relay_endpoint, tunnel) => {
+ self.dns_monitor.set_dns(vec![tunnel.gateway.to_string()])?;
+
let allow_tcp_dns_to_relay_rule = pfctl::FilterRuleBuilder::default()
.action(pfctl::FilterRuleAction::Pass)
.direction(pfctl::Direction::Out)
@@ -215,6 +218,10 @@ impl PacketFilter {
}
}
+ fn restore_dns(&self) -> Result<()> {
+ Ok(self.dns_monitor.reset()?)
+ }
+
fn add_anchor(&mut self) -> Result<()> {
self.pf
.try_add_anchor(ANCHOR_NAME, pfctl::AnchorKind::Filter)?;
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.