Commit graph

3 commits

Author SHA1 Message Date
51824b830e netcfg: add -connmark flag for DNAT reply routing
When VPN traffic is DNAT'd to local namespaces/VMs, reply packets have
a different source IP (namespace veth) so the policy route's
"from <VPN_IP>" rule doesn't match. CONNMARK marks all connections
arriving on the VPN interface and restores the mark on reply packets,
routing them back through the tunnel via fwmark rule.

New flag: -connmark (requires -policy-route-table)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-06-07 01:06:17 +05:30

42f8333783 rename -dhcp flag to -no-dhcp for cleaner UX
DHCP is on by default; use -no-dhcp to disable.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-06-06 17:53:01 +05:30

8a3ea06c9e add CLAUDE.md with project context and protocol notes
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-06-06 17:45:19 +05:30