Feature/exit node Android (#1916)

Support exit node on Android. With the protect socket function, we mark every connection that should be used out of VPN.
2026-04-20 09:16:40 +00:00 · 2024-05-07 12:28:30 +02:00
parent f309b120cd
commit c590518e0c
19 changed files with 275 additions and 49 deletions
--- a/client/internal/routemanager/manager.go
+++ b/client/internal/routemanager/manager.go
@@ -155,7 +155,7 @@ func (m *DefaultManager) SetRouteChangeListener(listener listener.NetworkChangeL

 // InitialRouteRange return the list of initial routes. It used by mobile systems
 func (m *DefaultManager) InitialRouteRange() []string {
-	return m.notifier.initialRouteRanges()
+	return m.notifier.getInitialRouteRanges()
 }

 // GetRouteSelector returns the route selector
@@ -261,10 +261,7 @@ func (m *DefaultManager) clientRoutes(initialRoutes []*route.Route) []*route.Rou

 func isPrefixSupported(prefix netip.Prefix) bool {
 	if !nbnet.CustomRoutingDisabled() {
-		switch runtime.GOOS {
-		case "linux", "windows", "darwin", "ios":
-			return true
-		}
+		return true
 	}

 	// If prefix is too small, lets assume it is a possible default prefix which is not yet supported
--- a/client/internal/routemanager/notifier.go
+++ b/client/internal/routemanager/notifier.go
@@ -10,8 +10,8 @@ import (
 )

 type notifier struct {
-	initialRouteRangers []string
-	routeRangers        []string
+	initialRouteRanges []string
+	routeRanges        []string

 	listener    listener.NetworkChangeListener
 	listenerMux sync.Mutex
@@ -33,7 +33,7 @@ func (n *notifier) setInitialClientRoutes(clientRoutes []*route.Route) {
 		nets = append(nets, r.Network.String())
 	}
 	sort.Strings(nets)
-	n.initialRouteRangers = nets
+	n.initialRouteRanges = nets
 }

 func (n *notifier) onNewRoutes(idMap route.HAMap) {
@@ -45,11 +45,11 @@ func (n *notifier) onNewRoutes(idMap route.HAMap) {
 	}

 	sort.Strings(newNets)
-	if !n.hasDiff(n.initialRouteRangers, newNets) {
+	if !n.hasDiff(n.initialRouteRanges, newNets) {
 		return
 	}

-	n.routeRangers = newNets
+	n.routeRanges = newNets

 	n.notify()
 }
@@ -62,7 +62,7 @@ func (n *notifier) notify() {
 	}

 	go func(l listener.NetworkChangeListener) {
-		l.OnNetworkChanged(strings.Join(n.routeRangers, ","))
+		l.OnNetworkChanged(strings.Join(addIPv6RangeIfNeeded(n.routeRanges), ","))
 	}(n.listener)
 }

@@ -78,6 +78,20 @@ func (n *notifier) hasDiff(a []string, b []string) bool {
 	return false
 }

-func (n *notifier) initialRouteRanges() []string {
-	return n.initialRouteRangers
+func (n *notifier) getInitialRouteRanges() []string {
+	return addIPv6RangeIfNeeded(n.initialRouteRanges)
+}
+
+// addIPv6RangeIfNeeded returns the input ranges with the default IPv6 range when there is an IPv4 default route.
+func addIPv6RangeIfNeeded(inputRanges []string) []string {
+	ranges := inputRanges
+	for _, r := range inputRanges {
+		// we are intentionally adding the ipv6 default range in case of ipv4 default range
+		// to ensure that all traffic is managed by the tunnel interface on android
+		if r == "0.0.0.0/0" {
+			ranges = append(ranges, "::/0")
+			break
+		}
+	}
+	return ranges
 }