@@ -66,7 +66,8 @@ public actor OpenVPNConnection {
6666 !endpoints. isEmpty else {
6767 fatalError ( " No OpenVPN remotes defined? " )
6868 }
69- self . configuration = configuration
69+
70+ self . configuration = try . withModules ( from: parameters. controller. profile)
7071
7172 backend = CyclingConnection (
7273 factory: parameters. factory,
@@ -234,6 +235,47 @@ extension OpenVPNConnection: OpenVPNSessionDelegate {
234235
235236// MARK: - Helpers
236237
238+ private extension OpenVPN . Configuration {
239+ func withModules( from profile: Profile ) throws -> Self {
240+ var newBuilder = builder ( )
241+ let ipModules = profile. activeModules
242+ . compactMap {
243+ $0 as? IPModule
244+ }
245+
246+ let defaultRoute = Route ( defaultWithGateway: nil )
247+ ipModules. forEach { ipModule in
248+ var policies = newBuilder. routingPolicies ?? [ ]
249+ if !policies. contains ( . IPv4) , ipModule. shouldAddIPv4Policy {
250+ policies. append ( . IPv4)
251+ }
252+ if !policies. contains ( . IPv6) , ipModule. shouldAddIPv6Policy {
253+ policies. append ( . IPv6)
254+ }
255+ newBuilder. routingPolicies = policies
256+ }
257+ return try . tryBuild ( isClient: true )
258+ }
259+ }
260+
261+ private extension IPModule {
262+ var shouldAddIPv4Policy : Bool {
263+ guard let ipv4 else {
264+ return false
265+ }
266+ let defaultRoute = Route ( defaultWithGateway: nil )
267+ return ipv4. includedRoutes. contains ( defaultRoute) && !ipv4. excludedRoutes. contains ( defaultRoute)
268+ }
269+
270+ var shouldAddIPv6Policy : Bool {
271+ guard let ipv6 else {
272+ return false
273+ }
274+ let defaultRoute = Route ( defaultWithGateway: nil )
275+ return ipv6. includedRoutes. contains ( defaultRoute) && !ipv6. excludedRoutes. contains ( defaultRoute)
276+ }
277+ }
278+
237279private extension OpenVPNConnection {
238280 nonisolated func onStatus( _ connectionStatus: ConnectionStatus ) {
239281 switch connectionStatus {
0 commit comments