From c545d63bb93b8192dfdc7037952fc2661dd1222b Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Thu, 21 Sep 2017 03:09:57 +0200
Subject: [PATCH] Fix up fwmark handling

---
 src/conn_default.go |  2 +-
 src/conn_linux.go   |  6 +++---
 src/device.go       |  2 +-
 src/uapi.go         | 40 +++++++++++++++++++++++++---------------
 4 files changed, 30 insertions(+), 20 deletions(-)

diff --git a/src/conn_default.go b/src/conn_default.go
index 5ef2659..e7c60a8 100644
--- a/src/conn_default.go
+++ b/src/conn_default.go
@@ -6,6 +6,6 @@ import (
 	"net"
 )
 
-func setMark(conn *net.UDPConn, value int) error {
+func setMark(conn *net.UDPConn, value uint32) error {
 	return nil
 }
diff --git a/src/conn_linux.go b/src/conn_linux.go
index b04471c..e973b25 100644
--- a/src/conn_linux.go
+++ b/src/conn_linux.go
@@ -5,8 +5,8 @@ import (
 	"net"
 )
 
-func setMark(conn *net.UDPConn, value int) error {
-	if conn == nil || value == 0 {
+func setMark(conn *net.UDPConn, value uint32) error {
+	if conn == nil {
 		return nil
 	}
 
@@ -19,6 +19,6 @@ func setMark(conn *net.UDPConn, value int) error {
 		int(file.Fd()),
 		unix.SOL_SOCKET,
 		unix.SO_MARK,
-		value,
+		int(value),
 	)
 }
diff --git a/src/device.go b/src/device.go
index 2ead768..61c87bc 100644
--- a/src/device.go
+++ b/src/device.go
@@ -24,7 +24,7 @@ type Device struct {
 		mutex  sync.RWMutex
 		addr   *net.UDPAddr // UDP source address
 		conn   *net.UDPConn // UDP "connection"
-		fwmark int
+		fwmark uint32
 	}
 	mutex        sync.RWMutex
 	privateKey   NoisePrivateKey
diff --git a/src/uapi.go b/src/uapi.go
index 871232c..428b173 100644
--- a/src/uapi.go
+++ b/src/uapi.go
@@ -42,6 +42,9 @@ func ipcGetOperation(device *Device, socket *bufio.ReadWriter) *IPCError {
 	if device.net.addr != nil {
 		send(fmt.Sprintf("listen_port=%d", device.net.addr.Port))
 	}
+	if device.net.fwmark != 0 {
+		send(fmt.Sprintf("fwmark=%d", device.net.fwmark))
+	}
 
 	for _, peer := range device.peers {
 		func() {
@@ -158,25 +161,32 @@ func ipcSetOperation(device *Device, socket *bufio.ReadWriter) *IPCError {
 				// TODO: Clear source address of all peers
 
 			case "fwmark":
-				fwmark, err := strconv.ParseInt(value, 10, 32)
-				if err != nil {
-					logError.Println("Invalid fwmark", err)
-					return &IPCError{Code: ipcErrorInvalid}
+				var fwmark uint64 = 0
+				if value != "" {
+					var err error
+					fwmark, err = strconv.ParseUint(value, 10, 32)
+					if err != nil {
+						logError.Println("Invalid fwmark", err)
+						return &IPCError{Code: ipcErrorInvalid}
+					}
 				}
 
 				device.net.mutex.Lock()
-				device.net.fwmark = int(fwmark)
-				err = setMark(
-					device.net.conn,
-					device.net.fwmark,
-				)
-				device.net.mutex.Unlock()
-				if err != nil {
-					logError.Println("Failed to set fwmark:", err)
-					return &IPCError{Code: ipcErrorIO}
-				}
+				if fwmark > 0 || device.net.fwmark > 0 {
+					device.net.fwmark = uint32(fwmark)
+					err := setMark(
+						device.net.conn,
+						device.net.fwmark,
+					)
+					if err != nil {
+						logError.Println("Failed to set fwmark:", err)
+						device.net.mutex.Unlock()
+						return &IPCError{Code: ipcErrorIO}
+					}
 
-				// TODO: Clear source address of all peers
+					// TODO: Clear source address of all peers
+				}
+				device.net.mutex.Unlock()
 
 			case "public_key":