diff --git a/client/amnezia_application.cpp b/client/amnezia_application.cpp index 904ffaa6..05ced2f0 100644 --- a/client/amnezia_application.cpp +++ b/client/amnezia_application.cpp @@ -297,7 +297,7 @@ void AmneziaApplication::initModels() connect(m_containersModel.get(), &ContainersModel::defaultContainerChanged, this, [this]() { if (m_containersModel->getDefaultContainer() == DockerContainer::WireGuard && m_sitesModel->isSplitTunnelingEnabled()) { - m_sitesModel->toggleSplitTunneling(false); + m_sitesModel->toggleSplitTunneling(true); emit m_pageController->showNotificationMessage( tr("Split tunneling for WireGuard is not implemented, the option was disabled")); } diff --git a/client/android/src/org/amnezia/vpn/OpenVPNThreadv3.kt b/client/android/src/org/amnezia/vpn/OpenVPNThreadv3.kt index 2a6e6bf5..20869e48 100644 --- a/client/android/src/org/amnezia/vpn/OpenVPNThreadv3.kt +++ b/client/android/src/org/amnezia/vpn/OpenVPNThreadv3.kt @@ -72,6 +72,13 @@ class OpenVPNThreadv3(var service: VPNService): ClientAPI_OpenVPNClient(), Runna val jsonVpnConfig = mService.getVpnConfig() val ovpnConfig = jsonVpnConfig.getJSONObject("openvpn_config_data").getString("config") + Log.e(tag, "jsonVpnConfig $jsonVpnConfig") + val splitTunnelType = jsonVpnConfig.getInt("splitTunnelType") + val splitTunnelSites = jsonVpnConfig.getJSONArray("splitTunnelSites") + + Log.e(tag, "splitTunnelType $splitTunnelType") + Log.e(tag, "splitTunnelSites $splitTunnelSites") + val resultingConfig = StringBuilder() resultingConfig.append(ovpnConfig) @@ -115,6 +122,7 @@ class OpenVPNThreadv3(var service: VPNService): ClientAPI_OpenVPNClient(), Runna eval_config(config) val status = connect() + if (status.getError()) { Log.i(tag, "connect() error: " + status.getError() + ": " + status.getMessage()) } 
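Review bot: In the `defaultContainerChanged` handler the call is now `toggleSplitTunneling(true)`, but the notification emitted right after it still says "the option was disabled", so the UI reports a routing state that no longer matches what was set. The branch only runs when `isSplitTunnelingEnabled()` is already true, so the new call looks like a no-op. If split tunneling is meant to work for WireGuard after this change, remove the branch together with the message; otherwise keep `toggleSplitTunneling(false)`. The lambda starts and ends outside the hunk.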
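Review bot: `Log.e(tag, "jsonVpnConfig $jsonVpnConfig")` writes the whole VPN configuration to logcat, and that object holds `openvpn_config_data.config`, which normally embeds the client key and certificates. The same defect is in VPNService.kt at `Log.e(tag, "wgConfig : $wgConfig")`, where the userspace config string is expected to carry the interface private key. Logcat is readable over adb and is captured in bug reports, so both lines should be removed. If a trace is needed, log only non-secret fields at debug level, e.g. `Log.d(tag, "splitTunnelType=$splitTunnelType sites=${splitTunnelSites.length()}")`. The enclosing function starts and ends outside the hunk.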
@@ -139,7 +147,46 @@ class OpenVPNThreadv3(var service: VPNService): ClientAPI_OpenVPNClient(), Runna override fun tun_builder_establish(): Int { Log.v(tag, "tun_builder_establish") - return mService.establish()!!.detachFd() + val Fd = mService.establish()!!.detachFd() + + val jsonVpnConfig = mService.getVpnConfig() + + val splitTunnelType = jsonVpnConfig.getInt("splitTunnelType") + val splitTunnelSites = jsonVpnConfig.getJSONArray("splitTunnelSites") + + Log.e(tag, "splitTunnelSites $splitTunnelSites") + for (i in 0 until splitTunnelSites.length()) { + val site = splitTunnelSites.getString(i) + if (site.contains("\\/")) { + Log.e(tag, "site $site rawMask 32") + mService.addRoute(site, 32) + } else { + var slash = site.lastIndexOf('/'); + var maskString: String = "" + var rawMask = 32 + var rawAddress: String = "" + if (slash >= 0) { + maskString = site.substring(slash + 1) + try { + rawMask = Integer.parseInt(maskString, 10) + } catch (e: Exception) { + + } + rawAddress = site.substring(0, slash) + } else { + maskString = "" + rawMask = 32 + rawAddress = site + } + Log.e(tag, "rawAddress $rawAddress rawMask $rawMask") + mService.addRoute(rawAddress, rawMask) + //val internet = InetNetwork.parse(site) + //peerBuilder.addAllowedIp(internet) + } + Log.e(tag, "splitTunnelSites $site") + } + + return Fd } override fun tun_builder_add_address(address: String , prefix_length: Int , gateway: String , ipv6:Boolean , net30: Boolean ): Boolean { @@ -159,7 +206,7 @@ class OpenVPNThreadv3(var service: VPNService): ClientAPI_OpenVPNClient(), Runna override fun tun_builder_reroute_gw(ipv4: Boolean, ipv6: Boolean , flags: Long): Boolean { Log.v(tag, "tun_builder_reroute_gw") - mService.addRoute("0.0.0.0", 0) + // mService.addRoute("0.0.0.0", 0) return true } diff --git a/client/android/src/org/amnezia/vpn/VPNService.kt b/client/android/src/org/amnezia/vpn/VPNService.kt index 06f58980..047192a6 100644 --- a/client/android/src/org/amnezia/vpn/VPNService.kt 
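Review bot: In `tun_builder_establish` the split-tunnel routes are added after `mService.establish()` has already returned the descriptor; assuming `addRoute` feeds the builder that `establish()` consumes, those routes never reach the interface and should be registered first. The `site.contains("\\/")` test looks for a literal backslash followed by a slash, which a CIDR entry will not contain, so that branch is dead. The empty `catch` silently turns an unparsable mask into /32 and nothing checks the prefix range; an invalid entry is better skipped with a warning. `splitTunnelType` is read but never used here. A possible shape, where the 0..32 range assumes IPv4 entries:

```kotlin
override fun tun_builder_establish(): Int {
    Log.v(tag, "tun_builder_establish")
    val splitTunnelSites = mService.getVpnConfig().getJSONArray("splitTunnelSites")
    for (i in 0 until splitTunnelSites.length()) {
        val site = splitTunnelSites.getString(i)
        val address = site.substringBeforeLast('/')
        // A bare address means a host route; a malformed or out-of-range prefix is rejected.
        val prefix = if ('/' in site) site.substringAfterLast('/').toIntOrNull() else 32
        if (prefix == null || prefix !in 0..32) {
            Log.w(tag, "skipping split-tunnel entry with invalid prefix")
            continue
        }
        mService.addRoute(address, prefix)
    }
    // Routes are registered before the interface is established.
    return mService.establish()!!.detachFd()
}
```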
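Review bot: `tun_builder_reroute_gw` now returns `true` without installing any route, so it reports success for a gateway redirect that was not applied. With `mService.addRoute("0.0.0.0", 0)` commented out, a full-tunnel profile on Android is left with only the `splitTunnelSites` routes, and with an empty list it appears that no traffic would be sent through the VPN at all. The default route should be kept unless the configured split-tunnel mode selects specific sites, rather than being removed for every mode.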
+++ b/client/android/src/org/amnezia/vpn/VPNService.kt @@ -571,6 +571,9 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface { private fun buildWireguardConfig(obj: JSONObject, type: String): Config { val confBuilder = Config.Builder() val wireguardConfigData = obj.getJSONObject(type) + val splitTunnelType = obj.getInt("splitTunnelType") + val splitTunnelSites = obj.getJSONArray("splitTunnelSites") + val config = parseConfigData(wireguardConfigData.getString("config")) val peerBuilder = Peer.Builder() val peerConfig = config["Peer"]!! 
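Review bot: `obj.getInt("splitTunnelType")` and `obj.getJSONArray("splitTunnelSites")` throw `JSONException` when the key is absent, so a configuration produced without these fields would fail in `buildWireguardConfig` instead of connecting with default routing. `obj.optJSONArray("splitTunnelSites")` with an explicit path for `null` would tolerate that; the same reads in OpenVPNThreadv3.kt have the same exposure. `splitTunnelType` is not used anywhere in the visible hunks of this function, whose body continues outside this hunk.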
@@ -579,15 +582,37 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface { peerBuilder.setPreSharedKey(Key.fromBase64(it)) } val allowedIPList = peerConfig["AllowedIPs"]?.split(",") ?: emptyList() - if (allowedIPList.isEmpty()) { - val internet = InetNetwork.parse("0.0.0.0/0") // aka The whole internet. - peerBuilder.addAllowedIp(internet) - } else { - allowedIPList.forEach { - val network = InetNetwork.parse(it.trim()) - peerBuilder.addAllowedIp(network) + + Log.e(tag, "splitTunnelSites $splitTunnelSites") + for (i in 0 until splitTunnelSites.length()) { + val site = splitTunnelSites.getString(i) + if (site.contains("\\/")) { + val internet = InetNetwork.parse(site + "\\32") + peerBuilder.addAllowedIp(internet) + } else { + val internet = InetNetwork.parse(site) + peerBuilder.addAllowedIp(internet) } + Log.e(tag, "splitTunnelSites $site") } + + // if (allowedIPList.isEmpty() /*&& splitTunnelType.equals("0", true) */) { + // Log.e(tag, "splitTunnelSites $splitTunnelSites") + // for (i in 0 until splitTunnelSites.length()) { + // val site = splitTunnelSites.getString(i) + // Log.e(tag, "splitTunnelSites $site") + // } + + // val internet = InetNetwork.parse("0.0.0.0/0") // aka The whole internet. + // peerBuilder.addAllowedIp(internet) + // } else { + + + // allowedIPList.forEach { + // val network = InetNetwork.parse(it.trim()) + // peerBuilder.addAllowedIp(network) + // } + // } val endpointConfig = peerConfig["Endpoint"] val endpoint = InetEndpoint.parse(endpointConfig) peerBuilder.setEndpoint(endpoint) @@ -753,6 +778,9 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface { GoBackend.wgTurnOff(currentTunnelHandle) } val wgConfig: String = wireguard_conf.toWgUserspaceString() + + Log.e(tag, "wgConfig : $wgConfig") + val builder = Builder() setupBuilder(wireguard_conf, builder) builder.setSession("Amnezia") 
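Review bot: The peer's allowed IPs are now built only from `splitTunnelSites`; the `AllowedIPs` value from the config and the `0.0.0.0/0` fallback are commented out, which leaves `allowedIPList` unused. With an empty site list the peer gets no allowed IPs, and `splitTunnelType` is not consulted, so an all-traffic or exclude-listed-sites setting would be handled like forward-only. The previous branch should remain the path taken when split tunneling is off or the list is empty. Separately, `site.contains("\\/")` and `site + "\\32"` use a backslash, so the branch never matches a normal entry and would pass `InetNetwork.parse` a malformed string if it did; if a prefix has to be appended, the test should be `!site.contains("/")` and the suffix `"/32"`. The commented-out block should be deleted rather than committed, and the function continues outside the hunk.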
diff --git a/client/configurators/openvpn_configurator.cpp b/client/configurators/openvpn_configurator.cpp index a62bdd9c..5c4004ad 100644 --- a/client/configurators/openvpn_configurator.cpp +++ b/client/configurators/openvpn_configurator.cpp @@ -125,16 +125,22 @@ QString OpenVpnConfigurator::processConfigWithLocalSettings(QString jsonConfig) config.replace(regex, ""); if (m_settings->routeMode() == Settings::VpnAllSites) { - config.append("\nredirect-gateway def1 ipv6 bypass-dhcp\n"); + qDebug() << "Settings::VpnAllSites"; + + //config.append("\nredirect-gateway def1 ipv6 bypass-dhcp\n"); // Prevent ipv6 leak config.append("ifconfig-ipv6 fd15:53b6:dead::2/64 fd15:53b6:dead::1\n"); config.append("block-ipv6\n"); } if (m_settings->routeMode() == Settings::VpnOnlyForwardSites) { + qDebug() << "Settings::VpnOnlyForwardSites"; + // no redirect-gateway } if (m_settings->routeMode() == Settings::VpnAllExceptSites) { - config.append("\nredirect-gateway ipv6 !ipv4 bypass-dhcp\n"); + qDebug() << "Settings::VpnAllExceptSites"; + + //config.append("\nredirect-gateway ipv6 !ipv4 bypass-dhcp\n"); // Prevent ipv6 leak config.append("ifconfig-ipv6 fd15:53b6:dead::2/64 fd15:53b6:dead::1\n"); config.append("block-ipv6\n"); diff --git a/client/ui/qml/Pages2/PageSettingsConnection.qml b/client/ui/qml/Pages2/PageSettingsConnection.qml index b5b1bd97..51096057 100644 --- a/client/ui/qml/Pages2/PageSettingsConnection.qml +++ b/client/ui/qml/Pages2/PageSettingsConnection.qml @@ -94,7 +94,7 @@ PageType { DividerType {} LabelWithButtonType { - visible: !GC.isMobile() + visible: GC.isDesktop() || Qt.platform.os === "android" Layout.fillWidth: true
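Review bot: Commenting out both `redirect-gateway` lines in `processConfigWithLocalSettings` removes the default-route redirect for `Settings::VpnAllSites` and `Settings::VpnAllExceptSites` in shared client code, not only on Android. Unless something outside this diff installs the route, a profile set to send all traffic through the VPN would leave IPv4 traffic on the normal gateway while `block-ipv6` still applies, which the user would not notice. If the Android client needs different handling, the change should be gated on the platform and the directives kept for the others. The three `qDebug()` lines look like debugging leftovers. The function starts and ends outside the hunk.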