1. 05 Jul, 2026 2 commits
    • Vitaly Lipatov's avatar
      route-update: support route-type keywords (blackhole/unreachable/...) in gateway · a7a51ff4
      Vitaly Lipatov authored
      Allow a group's gateway file to contain a kernel route-type keyword
      (blackhole/unreachable/prohibit/throw) instead of a next-hop. The script
      then installs routes of that type (ip route replace <kw> <dst> table N),
      so packets are rejected/dropped by the kernel instead of forwarded.
      
      unreachable/prohibit return ICMP to the client, giving instant failure
      (curl drops in ~2ms) vs hanging on a dead tunnel.
      
      Used on routes6.d/fr where the France egress (ikev2.fr) is IPv4-only and
      no IPv6 path exists: claude.ai AAAA now fast-rejects instead of timing out.
      Co-Authored-By: 's avatarClaude <noreply@anthropic.com>
      a7a51ff4
    • Vitaly Lipatov's avatar
      route-update: prune stale volatile_ips for domains removed from lists · 3b1e5c99
      Vitaly Lipatov authored
      expand_volatile_subnets() iterated the whole volatile_ips/ directory and
      re-resolved every saved entry as a domain, never removing ones whose domain
      was no longer in the .list. As a result, a domain removed from a list kept
      re-injecting its (stale) IPs into the table forever — on igw this had
      accumulated ~40 stale domains in web-bypass plus claude.ai/anthropic in ai,
      shadowing the dedicated fr/claude.ai group.
      
      Pass the current list file to expand_volatile_subnets and prune volatile_ips
      entries whose domain is absent from the list before resolving.
      Co-Authored-By: 's avatarClaude <noreply@anthropic.com>
      3b1e5c99
  2. 04 Jul, 2026 12 commits
  3. 11 Jun, 2026 2 commits
  4. 31 May, 2026 3 commits
  5. 27 May, 2026 1 commit
    • Vitaly Lipatov's avatar
      route-update: flush table when .list moves between groups · 41bffb6b
      Vitaly Lipatov authored
      When a .list is moved between groups whose `gateway` files differ
      in metric semantics (e.g., failover→multipath), the previous code
      only deleted state and kept the table.  This caused stale routes
      with the old `metric N` to coexist with newly loaded multipath
      routes, because `ip route replace` keyed on dst+metric and treated
      them as distinct entries.
      
      Two related changes:
      - cleanup_state's "moved" branch now flushes the table before the
        new group loads it, so the table starts clean.
      - cleanup_state is invoked before process_routes so the flushes
        happen prior to the new group's load (otherwise a flush after
        load would wipe out the just-installed routes).
      Co-Authored-By: 's avatarClaude Opus 4.7 (1M context) <noreply@anthropic.com>
      41bffb6b
  6. 25 May, 2026 2 commits
  7. 13 May, 2026 3 commits
  8. 09 May, 2026 15 commits