Improve support for disabled IPv6 stack

2025-09-01 18:19:12 +00:00 · 2023-03-29 14:57:32 +02:00 · 2023-03-29 14:57:32 +02:00 · 4b29eed2cf
commit 4b29eed2cf
parent fa98f1ea6d
4 changed files with 40 additions and 15 deletions
--- a/network/module.go
+++ b/network/module.go
@ -2,6 +2,8 @@ package network

 import (
 	"github.com/safing/portbase/modules"
+	"github.com/safing/portmaster/netenv"
+	"github.com/safing/portmaster/network/state"
 )

 var (
@ -11,7 +13,7 @@ var (
 )

 func init() {
-	module = modules.Register("network", prep, start, nil, "base", "processes")
+	module = modules.Register("network", prep, start, nil, "base", "netenv", "processes")
 }

 // SetDefaultFirewallHandler sets the default firewall handler.
@ -22,6 +24,11 @@ func SetDefaultFirewallHandler(handler FirewallHandler) {
 }

 func prep() error {
+	if netenv.IPv6Enabled() {
+		state.EnableTCPDualStack()
+		state.EnableUDPDualStack()
+	}
+
 	return registerAPIEndpoints()
 }

--- a/network/state/info.go
+++ b/network/state/info.go
@ -3,6 +3,8 @@ package state
 import (
 	"sync"

+	"github.com/safing/portmaster/netenv"
+
 	"github.com/safing/portbase/database/record"
 	"github.com/safing/portmaster/network/socket"
 )
@ -30,21 +32,23 @@ func GetInfo() *Info {
 	info.TCP4Listeners = tcp4Table.listeners
 	tcp4Table.lock.RUnlock()

-	tcp6Table.updateTables()
-	tcp6Table.lock.RLock()
-	info.TCP6Connections = tcp6Table.connections
-	info.TCP6Listeners = tcp6Table.listeners
-	tcp6Table.lock.RUnlock()
-
 	udp4Table.updateTable()
 	udp4Table.lock.RLock()
 	info.UDP4Binds = udp4Table.binds
 	udp4Table.lock.RUnlock()

-	udp6Table.updateTable()
-	udp6Table.lock.RLock()
-	info.UDP6Binds = udp6Table.binds
-	udp6Table.lock.RUnlock()
+	if netenv.IPv6Enabled() {
+		tcp6Table.updateTables()
+		tcp6Table.lock.RLock()
+		info.TCP6Connections = tcp6Table.connections
+		info.TCP6Listeners = tcp6Table.listeners
+		tcp6Table.lock.RUnlock()
+
+		udp6Table.updateTable()
+		udp6Table.lock.RLock()
+		info.UDP6Binds = udp6Table.binds
+		udp6Table.lock.RUnlock()
+	}

 	info.UpdateMeta()
 	return info
--- a/network/state/tcp.go
+++ b/network/state/tcp.go
@ -29,6 +29,11 @@ var (
 	tcp4Table = &tcpTable{
 		version:    4,
 		fetchTable: getTCP4Table,
-		dualStack:  tcp6Table,
 	}
 )
+
+// EnableTCPDualStack adds the TCP6 table to the TCP4 table as a dual-stack.
+// Must be called before any lookup operation.
+func EnableTCPDualStack() {
+	tcp4Table.dualStack = tcp6Table
+}
--- a/network/state/udp.go
+++ b/network/state/udp.go
@ -6,6 +6,8 @@ import (
 	"sync"
 	"time"

+	"github.com/safing/portmaster/netenv"
+
 	"github.com/safing/portbase/utils"
 	"github.com/safing/portmaster/network/packet"
 	"github.com/safing/portmaster/network/socket"
@ -53,10 +55,15 @@ var (
 		version:    4,
 		fetchTable: getUDP4Table,
 		states:     make(map[string]map[string]*udpState),
-		dualStack:  udp6Table,
 	}
 )

+// EnableUDPDualStack adds the UDP6 table to the UDP4 table as a dual-stack.
+// Must be called before any lookup operation.
+func EnableUDPDualStack() {
+	udp4Table.dualStack = udp6Table
+}
+
 // CleanUDPStates cleans the udp connection states which save connection directions.
 func CleanUDPStates(_ context.Context) {
 	now := time.Now().UTC()
@ -64,8 +71,10 @@ func CleanUDPStates(_ context.Context) {
 	udp4Table.updateTable()
 	udp4Table.cleanStates(now)

-	udp6Table.updateTable()
-	udp6Table.cleanStates(now)
+	if netenv.IPv6Enabled() {
+		udp6Table.updateTable()
+		udp6Table.cleanStates(now)
+	}
 }

 func (table *udpTable) getConnState(