bolt more stuff onto tun to help auto-assign snat addresses

2026-04-03 15:35:19 +02:00 · 2026-02-17 13:09:31 -06:00
parent 83744a106d
commit 1cc257f997
17 changed files with 267 additions and 136 deletions
--- a/overlay/tun_ios.go
+++ b/overlay/tun_ios.go
@@ -22,20 +22,22 @@ import (

 type tun struct {
 	io.ReadWriteCloser
-	vpnNetworks []netip.Prefix
-	Routes      atomic.Pointer[[]Route]
-	routeTree   atomic.Pointer[bart.Table[routing.Gateways]]
-	l           *logrus.Logger
+	vpnNetworks    []netip.Prefix
+	unsafeNetworks []netip.Prefix
+	Routes         atomic.Pointer[[]Route]
+	routeTree      atomic.Pointer[bart.Table[routing.Gateways]]
+	l              *logrus.Logger
 }

 func newTun(_ *config.C, _ *logrus.Logger, _ []netip.Prefix, _ []netip.Prefix, _ bool) (*tun, error) {
 	return nil, fmt.Errorf("newTun not supported in iOS")
 }

-func newTunFromFd(c *config.C, l *logrus.Logger, deviceFd int, vpnNetworks []netip.Prefix, _ []netip.Prefix) (*tun, error) {
+func newTunFromFd(c *config.C, l *logrus.Logger, deviceFd int, vpnNetworks []netip.Prefix, unsafeNetworks []netip.Prefix) (*tun, error) {
 	file := os.NewFile(uintptr(deviceFd), "/dev/tun")
 	t := &tun{
 		vpnNetworks:     vpnNetworks,
+		unsafeNetworks:  unsafeNetworks,
 		ReadWriteCloser: &tunReadCloser{f: file},
 		l:               l,
 	}
@@ -147,6 +149,14 @@ func (t *tun) Networks() []netip.Prefix {
 	return t.vpnNetworks
 }

+func (t *tun) UnsafeNetworks() []netip.Prefix {
+	return t.unsafeNetworks
+}
+
+func (t *tun) SNATAddress() netip.Prefix {
+	return t.snatAddr
+}
+
 func (t *tun) Name() string {
 	return "iOS"
 }