diff --git a/internal/routing/inbound.go b/internal/routing/inbound.go
index dfe8a888..9f074286 100644
--- a/internal/routing/inbound.go
+++ b/internal/routing/inbound.go
@@ -14,11 +14,7 @@ const (
 )
 var (
- errDefaultIP = errors.New("cannot get default IP address")
- errRuleAdd = errors.New("cannot add rule")
- errRouteAdd = errors.New("cannot add route")
- errRuleDelete = errors.New("cannot delete rule")
- errRouteDelete = errors.New("cannot delete route")
+ errDefaultIP = errors.New("cannot get default IP address")
 )
 func (r *Routing) routeInboundFromDefault(defaultGateway net.IP,
diff --git a/internal/routing/outbound.go b/internal/routing/outbound.go
index 804240b4..9d5abd6a 100644
--- a/internal/routing/outbound.go
+++ b/internal/routing/outbound.go
@@ -8,6 +8,11 @@ import (
 "github.com/qdm12/gluetun/internal/subnet"
 )
+const (
+ outboundTable = 199
+ outboundPriority = 99
+)
+
 var (
 errAddOutboundSubnet = errors.New("cannot add outbound subnet to routes")
 )
@@ -51,13 +56,22 @@ func (r *Routing) setOutboundRoutes(outboundSubnets []net.IPNet,
 func (r *Routing) removeOutboundSubnets(subnets []net.IPNet,
 defaultInterfaceName string, defaultGateway net.IP) (warnings []string) {
- for _, subNet := range subnets {
- const table = 0
- if err := r.deleteRouteVia(subNet, defaultGateway, defaultInterfaceName, table); err != nil {
+ for i, subNet := range subnets {
+ err := r.deleteRouteVia(subNet, defaultGateway, defaultInterfaceName, outboundTable)
+ if err != nil {
 warnings = append(warnings, err.Error())
 continue
 }
+ ruleSrcNet := (*net.IPNet)(nil)
+ ruleDstNet := &subnets[i]
+ err = r.deleteIPRule(ruleSrcNet, ruleDstNet, outboundTable, outboundPriority)
+ if err != nil {
+ warnings = append(warnings,
+ errRuleDelete.Error()+": for subnet "+subNet.String()+": "+err.Error())
+ continue
+ }
+
 r.outboundSubnets = subnet.RemoveSubnetFromSubnets(r.outboundSubnets, subNet)
 }
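Review bot: The new `outboundTable` and `outboundPriority` constants in outbound.go have no comment, yet the two numbers fix where the outbound-subnet rule sits relative to every other rule the package installs. The inbound `const (` block in inbound.go is not shown in this diff, so whether 199 and 99 were chosen to avoid its values cannot be checked from here. I would add a doc comment such as `// outboundTable and outboundPriority are the routing table ID and ip rule priority used for outbound subnets, which are routed via the default gateway; they must stay distinct from the inbound table and priority.`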
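Review bot: In `removeOutboundSubnets`, the `continue` after a failed `deleteRouteVia` skips `deleteIPRule`, so a subnet whose route was removed on an earlier pass but whose rule deletion failed may never have its priority-99 rule removed. This assumes `deleteRouteVia` returns an error for a route that no longer exists; its body is not part of this diff. Attempting both deletions on every pass, and dropping the subnet from `r.outboundSubnets` only when both succeed, lets a retry finish the cleanup, as sketched below. The function's return statement lies outside the hunk.

```go
for i, subNet := range subnets {
	cleaned := true

	err := r.deleteRouteVia(subNet, defaultGateway, defaultInterfaceName, outboundTable)
	if err != nil {
		warnings = append(warnings, err.Error())
		cleaned = false
	}

	// Try the rule even when the route deletion failed, so that a rule
	// left behind by an earlier partial failure can still be removed.
	err = r.deleteIPRule(nil, &subnets[i], outboundTable, outboundPriority)
	if err != nil {
		warnings = append(warnings,
			errRuleDelete.Error()+": for subnet "+subNet.String()+": "+err.Error())
		cleaned = false
	}

	if cleaned {
		r.outboundSubnets = subnet.RemoveSubnetFromSubnets(r.outboundSubnets, subNet)
	}
}
```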
@@ -66,11 +80,21 @@ func (r *Routing) removeOutboundSubnets(subnets []net.IPNet,
 func (r *Routing) addOutboundSubnets(subnets []net.IPNet,
 defaultInterfaceName string, defaultGateway net.IP) error {
- for _, subnet := range subnets {
- const table = 0
- if err := r.addRouteVia(subnet, defaultGateway, defaultInterfaceName, table); err != nil {
- return fmt.Errorf("%w: for subnet %s", err, subnet)
+ for i, subnet := range subnets {
+ err := r.addRouteVia(subnet, defaultGateway, defaultInterfaceName, outboundTable)
+ if err != nil {
+ return fmt.Errorf("%w: for subnet %s: %s",
+ errRouteAdd, subnet, err)
 }
+
+ ruleSrcNet := (*net.IPNet)(nil)
+ ruleDstNet := &subnets[i]
+ err = r.addIPRule(ruleSrcNet, ruleDstNet, outboundTable, outboundPriority)
+ if err != nil {
+ return fmt.Errorf("%w: for subnet %s: %s",
+ errRuleAdd, subnet, err)
+ }
+
 r.outboundSubnets = append(r.outboundSubnets, subnet)
 }
 return nil
diff --git a/internal/routing/routes.go b/internal/routing/routes.go
index df4f222e..2ff35001 100644
--- a/internal/routing/routes.go
+++ b/internal/routing/routes.go
@@ -10,7 +10,9 @@ import (
 )
 var (
- errLinkByName = errors.New("cannot obtain link by name")
+ errLinkByName = errors.New("cannot obtain link by name")
+ errRouteAdd = errors.New("cannot add route")
+ errRouteDelete = errors.New("cannot delete route")
 )
 func (r *Routing) addRouteVia(destination net.IPNet, gateway net.IP,
diff --git a/internal/routing/rules.go b/internal/routing/rules.go
index b74b0e56..f680584c 100644
--- a/internal/routing/rules.go
+++ b/internal/routing/rules.go
@@ -10,7 +10,9 @@ import (
 )
 var (
- errRulesList = errors.New("cannot list rules")
+ errRulesList = errors.New("cannot list rules")
+ errRuleAdd = errors.New("cannot add rule")
+ errRuleDelete = errors.New("cannot delete rule")
 )
 func (r *Routing) addIPRule(src, dst *net.IPNet, table, priority int) error {
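Review bot: In `addOutboundSubnets`, a failing `addIPRule` returns after `addRouteVia` has already installed the route, so the route stays in `outboundTable` without being recorded in `r.outboundSubnets`. Cleanup that works from the tracked list would then presumably never see it, and a retry may hit the existing route, depending on how `addRouteVia` handles duplicates (its body is not shown here). Rolling the route back before returning keeps kernel state and the tracked list in step, for example `_ = r.deleteRouteVia(subnet, defaultGateway, defaultInterfaceName, outboundTable) // best-effort rollback; the addIPRule error is the one reported`. The closing brace of the function lies outside the hunk.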