bolt more stuff onto tun to help auto-assign snat addresses

2026-04-03 12:55:17 +02:00 · 2026-02-17 13:09:31 -06:00
parent 83744a106d
commit 1cc257f997
17 changed files with 267 additions and 136 deletions
--- a/overlay/tun_android.go
+++ b/overlay/tun_android.go
@@ -19,14 +19,15 @@ import (

 type tun struct {
 	io.ReadWriteCloser
-	fd          int
-	vpnNetworks []netip.Prefix
-	Routes      atomic.Pointer[[]Route]
-	routeTree   atomic.Pointer[bart.Table[routing.Gateways]]
-	l           *logrus.Logger
+	fd             int
+	vpnNetworks    []netip.Prefix
+	unsafeNetworks []netip.Prefix
+	Routes         atomic.Pointer[[]Route]
+	routeTree      atomic.Pointer[bart.Table[routing.Gateways]]
+	l              *logrus.Logger
 }

-func newTunFromFd(c *config.C, l *logrus.Logger, deviceFd int, vpnNetworks []netip.Prefix, _ []netip.Prefix) (*tun, error) {
+func newTunFromFd(c *config.C, l *logrus.Logger, deviceFd int, vpnNetworks []netip.Prefix, unsafeNetworks []netip.Prefix) (*tun, error) {
 	// XXX Android returns an fd in non-blocking mode which is necessary for shutdown to work properly.
 	// Be sure not to call file.Fd() as it will set the fd to blocking mode.
 	file := os.NewFile(uintptr(deviceFd), "/dev/net/tun")
@@ -35,6 +36,7 @@ func newTunFromFd(c *config.C, l *logrus.Logger, deviceFd int, vpnNetworks []net
 		ReadWriteCloser: file,
 		fd:              deviceFd,
 		vpnNetworks:     vpnNetworks,
+		unsafeNetworks:  unsafeNetworks,
 		l:               l,
 	}

@@ -91,6 +93,10 @@ func (t *tun) Networks() []netip.Prefix {
 	return t.vpnNetworks
 }

+func (t *tun) UnsafeNetworks() []netip.Prefix {
+	return t.UnsafeNetworks()
+}
+
 func (t *tun) Name() string {
 	return "android"
 }