don't add ipv6 rules

client/internal/routemanager/client.go

@@ -261,6 +261,12 @@ func (c *clientNetwork) recalculateRouteAndUpdatePeerAndSystem() error {
 			return fmt.Errorf("remove route from peer: %v", err)
 		}
 	} else {
+		if c.network == netip.MustParsePrefix("0.0.0.0/0") {
+			s, err := c.statusRecorder.GetPeer(c.routes[chosen].Peer)
+			if err == nil && s.IP != "" {
+				exitIP = netip.MustParseAddr(s.IP)
+			}
+		}
 		// otherwise add the route to the system
 		if err := addVPNRoute(c.network, c.getAsInterface()); err != nil {
 			return fmt.Errorf("route %s couldn't be added for peer %s, err: %v",

client/internal/routemanager/manager.go

@@ -53,6 +53,7 @@ type DefaultManager struct {
 }
 
 func NewManager(ctx context.Context, pubKey string, wgInterface *iface.WGIface, statusRecorder *peer.Status, initialRoutes []*route.Route) *DefaultManager {
+	tunIP = netip.MustParseAddr(wgInterface.Address().IP.String())
 	mCTX, cancel := context.WithCancel(ctx)
 	dm := &DefaultManager{
 		ctx:            mCTX,

client/internal/routemanager/systemops.go

@@ -28,6 +28,9 @@ var splitDefaultv6_2 = netip.PrefixFrom(netip.AddrFrom16([16]byte{0x80}), 1)
 var ErrRouteNotFound = errors.New("route not found")
 var ErrRouteNotAllowed = errors.New("route not allowed")
 
+var tunIP netip.Addr
+var exitIP netip.Addr
+
 // TODO: fix: for default our wg address now appears as the default gw
 func addRouteForCurrentDefaultGateway(prefix netip.Prefix) error {
 	addr := netip.IPv4Unspecified()
@@ -196,10 +199,14 @@ func addRouteToNonVPNIntf(prefix netip.Prefix, vpnIntf *iface.WGIface, initialNe
 // in two /1 prefixes to avoid replacing the existing default route
 func genericAddVPNRoute(prefix netip.Prefix, intf *net.Interface) error {
 	if prefix == defaultv4 {
-		if err := addToRouteTable(splitDefaultv4_1, netip.Addr{}, intf); err != nil {
+		ip := tunIP
+		if exitIP.IsValid() {
+			ip = exitIP
+		}
+		if err := addToRouteTable(splitDefaultv4_1, ip, intf); err != nil {
 			return err
 		}
-		if err := addToRouteTable(splitDefaultv4_2, netip.Addr{}, intf); err != nil {
+		if err := addToRouteTable(splitDefaultv4_2, ip, intf); err != nil {
 			if err2 := removeFromRouteTable(splitDefaultv4_1, netip.Addr{}, intf); err2 != nil {
 				log.Warnf("Failed to rollback route addition: %s", err2)
 			}
@@ -207,15 +214,15 @@ func genericAddVPNRoute(prefix netip.Prefix, intf *net.Interface) error {
 		}
 
 		// TODO: remove once IPv6 is supported on the interface
-		if err := addToRouteTable(splitDefaultv6_1, netip.Addr{}, intf); err != nil {
+		//if err := addToRouteTable(splitDefaultv6_1, netip.Addr{}, intf); err != nil {
-			return fmt.Errorf("add unreachable route split 1: %w", err)
+		//	return fmt.Errorf("add unreachable route split 1: %w", err)
-		}
+		//}
-		if err := addToRouteTable(splitDefaultv6_2, netip.Addr{}, intf); err != nil {
+		//if err := addToRouteTable(splitDefaultv6_2, netip.Addr{}, intf); err != nil {
-			if err2 := removeFromRouteTable(splitDefaultv6_1, netip.Addr{}, intf); err2 != nil {
+		//	if err2 := removeFromRouteTable(splitDefaultv6_1, netip.Addr{}, intf); err2 != nil {
-				log.Warnf("Failed to rollback route addition: %s", err2)
+		//		log.Warnf("Failed to rollback route addition: %s", err2)
-			}
+		//	}
-			return fmt.Errorf("add unreachable route split 2: %w", err)
+		//	return fmt.Errorf("add unreachable route split 2: %w", err)
-		}
+		//}
 
 		return nil
 	} else if prefix == defaultv6 {
@@ -266,20 +273,20 @@ func addNonExistingRoute(prefix netip.Prefix, intf *net.Interface) error {
 func genericRemoveVPNRoute(prefix netip.Prefix, intf *net.Interface) error {
 	if prefix == defaultv4 {
 		var result *multierror.Error
-		if err := removeFromRouteTable(splitDefaultv4_1, netip.Addr{}, intf); err != nil {
+		if err := removeFromRouteTable(splitDefaultv4_1, tunIP, intf); err != nil {
 			result = multierror.Append(result, err)
 		}
-		if err := removeFromRouteTable(splitDefaultv4_2, netip.Addr{}, intf); err != nil {
+		if err := removeFromRouteTable(splitDefaultv4_2, tunIP, intf); err != nil {
 			result = multierror.Append(result, err)
 		}
 
 		// TODO: remove once IPv6 is supported on the interface
-		if err := removeFromRouteTable(splitDefaultv6_1, netip.Addr{}, intf); err != nil {
+		//if err := removeFromRouteTable(splitDefaultv6_1, netip.Addr{}, intf); err != nil {
-			result = multierror.Append(result, err)
+		//	result = multierror.Append(result, err)
-		}
+		//}
-		if err := removeFromRouteTable(splitDefaultv6_2, netip.Addr{}, intf); err != nil {
+		//if err := removeFromRouteTable(splitDefaultv6_2, netip.Addr{}, intf); err != nil {
-			result = multierror.Append(result, err)
+		//	result = multierror.Append(result, err)
-		}
+		//}
 
 		return result.ErrorOrNil()
 	} else if prefix == defaultv6 {

client/internal/routemanager/systemops_darwin.go

@@ -52,8 +52,10 @@ func routeCmd(action string, prefix netip.Prefix, nexthop netip.Addr, intf *net.
 
 	args := []string{"-n", action, inet, network}
 	if nexthop.IsValid() {
+		log.Debugf("route %s %s via %s", action, prefix, nexthop)
 		args = append(args, nexthop.Unmap().String())
 	} else if intf != nil {
+		log.Debugf("route %s %s via %s, iptun: %s", action, prefix, intf.Name, tunIP)
 		args = append(args, "-interface", intf.Name)
 	}
 

iface/iface.go

@@ -13,7 +13,7 @@ import (
 )
 
 const (
-	DefaultMTU    = 1280
+	DefaultMTU    = 1420
 	DefaultWgPort = 51820
 )
 

iface/tun_darwin.go

@@ -4,6 +4,7 @@
 package iface
 
 import (
+	"net/netip"
 	"os/exec"
 
 	"github.com/pion/transport/v3"
@@ -119,7 +120,9 @@ func (t *tunDevice) Wrapper() *DeviceWrapper {
 
 // assignAddr Adds IP address to the tunnel interface and network route based on the range provided
 func (t *tunDevice) assignAddr() error {
-	cmd := exec.Command("ifconfig", t.name, "inet", t.address.IP.String(), t.address.IP.String())
+	np := netip.MustParseAddr(t.address.IP.String())
+
+	cmd := exec.Command("ifconfig", t.name, "inet", t.address.IP.String(), np.Prev().String())
 	if out, err := cmd.CombinedOutput(); err != nil {
 		log.Infof(`adding address command "%v" failed with output %s and error: `, cmd.String(), out)
 		return err