From 02dea1e6b03f9f35d1d16c414d70c9f32904dd19 Mon Sep 17 00:00:00 2001
From: Zane Schepke <zanecschepke@gmail.com>
Date: Sat, 18 Jan 2025 05:31:01 -0500
Subject: [PATCH] fix: include all ipv6 with exclusion of private ipv4
 addresses

closes #550
---
 .../data/domain/TunnelConfig.kt               |  4 ++
 .../wireguardautotunnel/ui/AppViewModel.kt    |  4 +-
 .../tunneloptions/config/model/PeerProxy.kt   | 44 +++----------------
 3 files changed, 11 insertions(+), 41 deletions(-)

diff --git a/app/src/main/java/com/zaneschepke/wireguardautotunnel/data/domain/TunnelConfig.kt b/app/src/main/java/com/zaneschepke/wireguardautotunnel/data/domain/TunnelConfig.kt
index c799f51..1d7f431 100644
--- a/app/src/main/java/com/zaneschepke/wireguardautotunnel/data/domain/TunnelConfig.kt
+++ b/app/src/main/java/com/zaneschepke/wireguardautotunnel/data/domain/TunnelConfig.kt
@@ -97,6 +97,9 @@ data class TunnelConfig(
 
 		const val AM_QUICK_DEFAULT = ""
 
+		const val IPV6_ALL_NETWORKS = "::/0"
+		const val IPV4_ALL_NETWORKS = "0.0.0.0/0"
+		val ALL_IPS = setOf(IPV4_ALL_NETWORKS, IPV6_ALL_NETWORKS)
 		val IPV4_PUBLIC_NETWORKS = setOf(
 			"0.0.0.0/5", "8.0.0.0/7", "11.0.0.0/8", "12.0.0.0/6", "16.0.0.0/4", "32.0.0.0/3",
 			"64.0.0.0/2", "128.0.0.0/3", "160.0.0.0/5", "168.0.0.0/6", "172.0.0.0/12",
@@ -105,5 +108,6 @@ data class TunnelConfig(
 			"192.170.0.0/15", "192.172.0.0/14", "192.176.0.0/12", "192.192.0.0/10",
 			"193.0.0.0/8", "194.0.0.0/7", "196.0.0.0/6", "200.0.0.0/5", "208.0.0.0/4",
 		)
+		val LAN_BYPASS_ALLOWED_IPS = setOf(IPV6_ALL_NETWORKS) + IPV4_PUBLIC_NETWORKS
 	}
 }
diff --git a/app/src/main/java/com/zaneschepke/wireguardautotunnel/ui/AppViewModel.kt b/app/src/main/java/com/zaneschepke/wireguardautotunnel/ui/AppViewModel.kt
index 32dcf65..caa0841 100644
--- a/app/src/main/java/com/zaneschepke/wireguardautotunnel/ui/AppViewModel.kt
+++ b/app/src/main/java/com/zaneschepke/wireguardautotunnel/ui/AppViewModel.kt
@@ -213,7 +213,7 @@ constructor(
 			if (!enabled) return@withContext tunnelService.get().setBackendState(BackendState.SERVICE_ACTIVE, emptySet())
 			Timber.d("Starting kill switch")
 			val allowedIps = if (appDataRepository.settings.getSettings().isLanOnKillSwitchEnabled) {
-				TunnelConfig.IPV4_PUBLIC_NETWORKS
+				TunnelConfig.LAN_BYPASS_ALLOWED_IPS
 			} else {
 				emptySet()
 			}
@@ -227,7 +227,7 @@ constructor(
 				isLanOnKillSwitchEnabled = enabled,
 			),
 		)
-		val allowedIps = if (enabled) TunnelConfig.IPV4_PUBLIC_NETWORKS else emptySet()
+		val allowedIps = if (enabled) TunnelConfig.LAN_BYPASS_ALLOWED_IPS else emptySet()
 		Timber.d("Setting allowedIps $allowedIps")
 		tunnelService.get().setBackendState(BackendState.KILL_SWITCH_ACTIVE, allowedIps)
 	}
diff --git a/app/src/main/java/com/zaneschepke/wireguardautotunnel/ui/screens/tunneloptions/config/model/PeerProxy.kt b/app/src/main/java/com/zaneschepke/wireguardautotunnel/ui/screens/tunneloptions/config/model/PeerProxy.kt
index 7955f69..8ec5959 100644
--- a/app/src/main/java/com/zaneschepke/wireguardautotunnel/ui/screens/tunneloptions/config/model/PeerProxy.kt
+++ b/app/src/main/java/com/zaneschepke/wireguardautotunnel/ui/screens/tunneloptions/config/model/PeerProxy.kt
@@ -1,6 +1,7 @@
 package com.zaneschepke.wireguardautotunnel.ui.screens.tunneloptions.config.model
 
 import com.wireguard.config.Peer
+import com.zaneschepke.wireguardautotunnel.data.domain.TunnelConfig
 import com.zaneschepke.wireguardautotunnel.util.extensions.joinAndTrim
 
 data class PeerProxy(
@@ -8,7 +9,7 @@ data class PeerProxy(
 	val preSharedKey: String = "",
 	val persistentKeepalive: String = "",
 	val endpoint: String = "",
-	val allowedIps: String = ALL_IPS.joinAndTrim(),
+	val allowedIps: String = TunnelConfig.ALL_IPS.joinAndTrim(),
 ) {
 	fun toWgPeer(): Peer {
 		return Peer.Builder().apply {
@@ -30,18 +31,18 @@ data class PeerProxy(
 	}
 
 	fun isLanExcluded(): Boolean {
-		return this.allowedIps.contains(IPV4_PUBLIC_NETWORKS.joinAndTrim())
+		return this.allowedIps.contains(TunnelConfig.LAN_BYPASS_ALLOWED_IPS.joinAndTrim())
 	}
 
 	fun includeLan(): PeerProxy {
 		return this.copy(
-			allowedIps = ALL_IPS.joinAndTrim(),
+			allowedIps = TunnelConfig.ALL_IPS.joinAndTrim(),
 		)
 	}
 
 	fun excludeLan(): PeerProxy {
 		return this.copy(
-			allowedIps = IPV4_PUBLIC_NETWORKS.joinAndTrim(),
+			allowedIps = TunnelConfig.LAN_BYPASS_ALLOWED_IPS.joinAndTrim(),
 		)
 	}
 
@@ -95,40 +96,5 @@ data class PeerProxy(
 				allowedIps = peer.allowedIps.joinToString(", ").trim(),
 			)
 		}
-
-		val IPV4_PUBLIC_NETWORKS =
-			setOf(
-				"0.0.0.0/5",
-				"8.0.0.0/7",
-				"11.0.0.0/8",
-				"12.0.0.0/6",
-				"16.0.0.0/4",
-				"32.0.0.0/3",
-				"64.0.0.0/2",
-				"128.0.0.0/3",
-				"160.0.0.0/5",
-				"168.0.0.0/6",
-				"172.0.0.0/12",
-				"172.32.0.0/11",
-				"172.64.0.0/10",
-				"172.128.0.0/9",
-				"173.0.0.0/8",
-				"174.0.0.0/7",
-				"176.0.0.0/4",
-				"192.0.0.0/9",
-				"192.128.0.0/11",
-				"192.160.0.0/13",
-				"192.169.0.0/16",
-				"192.170.0.0/15",
-				"192.172.0.0/14",
-				"192.176.0.0/12",
-				"192.192.0.0/10",
-				"193.0.0.0/8",
-				"194.0.0.0/7",
-				"196.0.0.0/6",
-				"200.0.0.0/5",
-				"208.0.0.0/4",
-			)
-		val ALL_IPS = setOf("0.0.0.0/0", "::/0")
 	}
 }