From d1d0f6d16f5fd401071e83c0636d2cf0262188f2 Mon Sep 17 00:00:00 2001 From: mzz <2017@duck.com> Date: Tue, 2 Jan 2024 20:02:00 +0800 Subject: [PATCH] fix: ip rule is not added when only binding to wan (#399) --- control/control_plane.go | 9 ++++++--- docs/en/README.md | 2 +- example.dae | 3 +++ 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/control/control_plane.go b/control/control_plane.go index 582806097..29885d361 100644 --- a/control/control_plane.go +++ b/control/control_plane.go @@ -194,12 +194,15 @@ func NewControlPlane( } }() - /// Bind to links. Binding should be advance of dialerGroups to avoid un-routable old connection. - // Bind to LAN - if len(global.LanInterface) > 0 { + if len(global.LanInterface) > 0 || len(global.WanInterface) > 0 { if err = core.setupRoutingPolicy(); err != nil { return nil, err } + } + + /// Bind to links. Binding should be advance of dialerGroups to avoid un-routable old connection. + // Bind to LAN + if len(global.LanInterface) > 0 { if global.AutoConfigKernelParameter { _ = SetIpv4forward("1") } diff --git a/docs/en/README.md b/docs/en/README.md index 44cde1b36..8d9941196 100644 --- a/docs/en/README.md +++ b/docs/en/README.md @@ -195,7 +195,7 @@ group { # See https://github.com/daeuniverse/dae/blob/main/docs/en/configuration/routing.md for full examples. routing { - pname(NetworkManager) -> direct + pname(NetworkManager, systemd-resolved, dnsmasq) -> must_direct dip(224.0.0.0/3, 'ff00::/8') -> direct ### Write your rules below. diff --git a/example.dae b/example.dae index fd62d7d1a..ab08dd121 100644 --- a/example.dae +++ b/example.dae @@ -202,6 +202,9 @@ routing { # WAN. pname(NetworkManager) -> direct + # Bypass DNS stubs. We want to bypass their DNS requests, thus use 'must'. + pname(systemd-resolved, dnsmasq) -> must_direct + # Put it in the front to prevent broadcast, multicast and other packets that should be sent to the LAN from being # forwarded by the proxy. # "dip" means destination IP.