AZEN-SGG/amnezia-client
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Prevent ipv6 leak (#224)

Browse source 
Prevent ipv6 leak for OpenVPN
This commit is contained in:
Mykola Baibuz 2023-04-25 11:34:17 -04:00 committed by GitHub
parent 6429ff0603
commit 8a8d38a30f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 4 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
client/android/src/org/amnezia/vpn/VPNService.kt
View file

@ -396,7 +396,6 @@ class VPNService : BaseVpnService(), LocalDnsService.Interface {
fun establish(): ParcelFileDescriptor? { fun establish(): ParcelFileDescriptor? {
Log.v(tag, "Aman: establish....................") Log.v(tag, "Aman: establish....................")
mbuilder.allowFamily(OsConstants.AF_INET) mbuilder.allowFamily(OsConstants.AF_INET)
mbuilder.allowFamily(OsConstants.AF_INET6)
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q) mbuilder.setMetered(false) if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q) mbuilder.setMetered(false)
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) setUnderlyingNetworks(null) if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) setUnderlyingNetworks(null)

4
client/configurators/openvpn_configurator.cpp
View file

@ -118,6 +118,10 @@ QString OpenVpnConfigurator::processConfigWithLocalSettings(QString jsonConfig)
config.append("redirect-gateway def1 bypass-dhcp\n"); config.append("redirect-gateway def1 bypass-dhcp\n");
} }
} }
// Prevent ipv6 leak
config.append("ifconfig-ipv6 fd15:53b6:dead::2/64 fd15:53b6:dead::1\n");
config.append("redirect-gateway ipv6\n");
#if (defined Q_OS_MAC || defined(Q_OS_LINUX)) && !defined(Q_OS_ANDROID) #if (defined Q_OS_MAC || defined(Q_OS_LINUX)) && !defined(Q_OS_ANDROID)
config.replace("block-outside-dns", ""); config.replace("block-outside-dns", "");

BIN
deploy/data/macos/openvpn
View file

Binary file not shown.