diff --git a/conn.go b/conn.go index fb30ec2..6bb262c 100644 --- a/conn.go +++ b/conn.go @@ -64,6 +64,32 @@ func unsafeCloseBind(device *Device) error { return err } +func (device *Device) BindSetMark(mark uint32) error { + + device.net.mutex.Lock() + defer device.net.mutex.Unlock() + + device.peers.mutex.Lock() + defer device.peers.mutex.Unlock() + + // check if modified + + if device.net.fwmark == mark { + return nil + } + + // update fwmark on existing bind + + device.net.fwmark = mark + if device.isUp.Get() && device.net.bind != nil { + if err := device.net.bind.SetMark(mark); err != nil { + return err + } + } + + return nil +} + func (device *Device) BindUpdate() error { device.net.mutex.Lock() @@ -89,14 +115,17 @@ func (device *Device) BindUpdate() error { netc.bind, netc.port, err = CreateBind(netc.port) if err != nil { netc.bind = nil + netc.port = 0 return err } - // set mark + // set fwmark - err = netc.bind.SetMark(netc.fwmark) - if err != nil { - return err + if netc.fwmark != 0 { + err = netc.bind.SetMark(netc.fwmark) + if err != nil { + return err + } } // clear cached source addresses diff --git a/uapi.go b/uapi.go index caaa498..01cdab6 100644 --- a/uapi.go +++ b/uapi.go @@ -191,11 +191,7 @@ func ipcSetOperation(device *Device, socket *bufio.ReadWriter) *IPCError { logDebug.Println("UAPI: Updating fwmark") - device.net.mutex.Lock() - device.net.fwmark = uint32(fwmark) - device.net.mutex.Unlock() - - if err := device.BindUpdate(); err != nil { + if err := device.BindSetMark(uint32(fwmark)); err != nil { logError.Println("Failed to update fwmark:", err) return &IPCError{Code: ipcErrorPortInUse} }