mirror of
https://github.com/qdm12/gluetun.git
synced 2026-05-06 20:10:11 +02:00
Quentin McGaw
b04529c380
- amneziawg is now a VPN protocol and no longer a Wireguard implementation - Use it with VPN_TYPE=amneziawg - document AMNEZIAWG_* options in Dockerfile - document amneziawg support in readme - separate amneziawg settings and code from wireguard - re-use code from wireguard whenever possible
38 lines
957 B
Go
38 lines
957 B
Go
package wireguard
|
|
|
|
import (
|
|
"fmt"
|
|
"strings"
|
|
|
|
"github.com/qdm12/gluetun/internal/netlink"
|
|
)
|
|
|
|
func AddRule(rulePriority, firewallMark uint32, family uint8,
|
|
netlinker NetLinker, logger Logger,
|
|
) (cleanup func() error, err error) {
|
|
rule := netlink.Rule{
|
|
Priority: &rulePriority,
|
|
Family: family,
|
|
Table: firewallMark,
|
|
Mark: &firewallMark,
|
|
Flags: netlink.FlagInvert,
|
|
Action: netlink.ActionToTable,
|
|
}
|
|
if err := netlinker.RuleAdd(rule); err != nil {
|
|
if strings.HasSuffix(err.Error(), "file exists") {
|
|
logger.Info("if you are using Kubernetes, this may fix the error below: " +
|
|
"https://github.com/qdm12/gluetun-wiki/blob/main/setup/advanced/kubernetes.md#adding-ipv6-rule--file-exists")
|
|
}
|
|
return nil, fmt.Errorf("adding %s: %w", rule, err)
|
|
}
|
|
|
|
cleanup = func() error {
|
|
err := netlinker.RuleDel(rule)
|
|
if err != nil {
|
|
return fmt.Errorf("deleting rule %s: %w", rule, err)
|
|
}
|
|
return nil
|
|
}
|
|
return cleanup, nil
|
|
}
|