andrei/amnezia-client
1
0
Fork 0
mirror of https://github.com/amnezia-vpn/amnezia-client.git synced 2026-06-20 02:00:55 +07:00
Code Issues Packages Projects Releases 10 Wiki Activity

fix: traffic drops for killswitch blacklisted sites during the switch

Browse Source
This commit is contained in:
cd-amn
2026-05-21 18:46:39 +04:00
parent 9b329ad5b1
commit b6188baeb8
2 changed files with 23 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
service/server/killswitch.cpp
+21 -3
View File
@@ -164,25 +164,36 @@ bool KillSwitch::disableAllTraffic() {
return true; return true;
} }
QStringList KillSwitch::combinedAllowNets() const {
QStringList result = m_allowedRanges;
for (const QString &site : m_splitTunnelAllows) {
if (!site.isEmpty() && !result.contains(site)) {
result.append(site);
}
}
return result;
}
bool KillSwitch::resetAllowedRange(const QStringList &ranges) { bool KillSwitch::resetAllowedRange(const QStringList &ranges) {
m_allowedRanges = ranges; m_allowedRanges = ranges;
const QStringList combined = combinedAllowNets();
#ifdef Q_OS_LINUX #ifdef Q_OS_LINUX
LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("110.allowNets"), true); LinuxFirewall::setAnchorEnabled(LinuxFirewall::IPv4, QStringLiteral("110.allowNets"), true);
LinuxFirewall::updateAllowNets(m_allowedRanges); LinuxFirewall::updateAllowNets(combined);
#endif #endif
#ifdef Q_OS_MACOS #ifdef Q_OS_MACOS
MacOSFirewall::setAnchorEnabled(QStringLiteral("110.allowNets"), true); MacOSFirewall::setAnchorEnabled(QStringLiteral("110.allowNets"), true);
MacOSFirewall::setAnchorTable(QStringLiteral("110.allowNets"), true, QStringLiteral("allownets"), m_allowedRanges); MacOSFirewall::setAnchorTable(QStringLiteral("110.allowNets"), true, QStringLiteral("allownets"), combined);
#endif #endif
#ifdef Q_OS_WIN #ifdef Q_OS_WIN
if (isStrictKillSwitchEnabled()) { if (isStrictKillSwitchEnabled()) {
WindowsFirewall::create(this)->enableInterface(-1); WindowsFirewall::create(this)->enableInterface(-1);
} }
WindowsFirewall::create(this)->allowTrafficRange(m_allowedRanges); WindowsFirewall::create(this)->allowTrafficRange(combined);
#endif #endif
return true; return true;
@@ -306,6 +317,13 @@ bool KillSwitch::enableKillSwitch(const QJsonObject &configStr, int vpnAdapterIn
allownets.append(v.toString()); allownets.append(v.toString());
} }
} }
m_splitTunnelAllows = allownets;
for (const QString &endpoint : m_allowedRanges) {
if (!endpoint.isEmpty() && !allownets.contains(endpoint)) {
allownets.append(endpoint);
}
}
#endif #endif
#ifdef Q_OS_LINUX #ifdef Q_OS_LINUX
service/server/killswitch.h
+2
View File
@@ -23,7 +23,9 @@ public:
private: private:
KillSwitch(QObject* parent) {}; KillSwitch(QObject* parent) {};
QStringList combinedAllowNets() const;
QStringList m_allowedRanges; QStringList m_allowedRanges;
QStringList m_splitTunnelAllows;
QSharedPointer<SecureQSettings> m_appSettigns; QSharedPointer<SecureQSettings> m_appSettigns;
}; };