summaryrefslogtreecommitdiffhomepage
path: root/tun/tun_freebsd.go
diff options
context:
space:
mode:
Diffstat (limited to 'tun/tun_freebsd.go')
-rw-r--r--tun/tun_freebsd.go14
1 files changed, 7 insertions, 7 deletions
diff --git a/tun/tun_freebsd.go b/tun/tun_freebsd.go
index dc9eb3e..e1e8986 100644
--- a/tun/tun_freebsd.go
+++ b/tun/tun_freebsd.go
@@ -143,7 +143,7 @@ func tunName(fd uintptr) (string, error) {
// Destroy a named system interface
func tunDestroy(name string) error {
- fd, err := unix.Socket(unix.AF_INET, unix.SOCK_DGRAM, 0)
+ fd, err := unix.Socket(unix.AF_INET, unix.SOCK_DGRAM|unix.SOCK_CLOEXEC, 0)
if err != nil {
return err
}
@@ -170,7 +170,7 @@ func CreateTUN(name string, mtu int) (Device, error) {
return nil, fmt.Errorf("interface %s already exists", name)
}
- tunFile, err := os.OpenFile("/dev/tun", unix.O_RDWR, 0)
+ tunFile, err := os.OpenFile("/dev/tun", unix.O_RDWR|unix.O_CLOEXEC, 0)
if err != nil {
return nil, err
}
@@ -213,7 +213,7 @@ func CreateTUN(name string, mtu int) (Device, error) {
// Disable link-local v6, not just because WireGuard doesn't do that anyway, but
// also because there are serious races with attaching and detaching LLv6 addresses
// in relation to interface lifetime within the FreeBSD kernel.
- confd6, err := unix.Socket(unix.AF_INET6, unix.SOCK_DGRAM, 0)
+ confd6, err := unix.Socket(unix.AF_INET6, unix.SOCK_DGRAM|unix.SOCK_CLOEXEC, 0)
if err != nil {
tunFile.Close()
tunDestroy(assignedName)
@@ -238,7 +238,7 @@ func CreateTUN(name string, mtu int) (Device, error) {
}
if name != "" {
- confd, err := unix.Socket(unix.AF_INET, unix.SOCK_DGRAM, 0)
+ confd, err := unix.Socket(unix.AF_INET, unix.SOCK_DGRAM|unix.SOCK_CLOEXEC, 0)
if err != nil {
tunFile.Close()
tunDestroy(assignedName)
@@ -295,7 +295,7 @@ func CreateTUNFromFile(file *os.File, mtu int) (Device, error) {
return nil, err
}
- tun.routeSocket, err = unix.Socket(unix.AF_ROUTE, unix.SOCK_RAW, unix.AF_UNSPEC)
+ tun.routeSocket, err = unix.Socket(unix.AF_ROUTE, unix.SOCK_RAW|unix.SOCK_CLOEXEC, unix.AF_UNSPEC)
if err != nil {
tun.tunFile.Close()
return nil, err
@@ -397,7 +397,7 @@ func (tun *NativeTun) Close() error {
}
func (tun *NativeTun) setMTU(n int) error {
- fd, err := unix.Socket(unix.AF_INET, unix.SOCK_DGRAM, 0)
+ fd, err := unix.Socket(unix.AF_INET, unix.SOCK_DGRAM|unix.SOCK_CLOEXEC, 0)
if err != nil {
return err
}
@@ -414,7 +414,7 @@ func (tun *NativeTun) setMTU(n int) error {
}
func (tun *NativeTun) MTU() (int, error) {
- fd, err := unix.Socket(unix.AF_INET, unix.SOCK_DGRAM, 0)
+ fd, err := unix.Socket(unix.AF_INET, unix.SOCK_DGRAM|unix.SOCK_CLOEXEC, 0)
if err != nil {
return 0, err
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-17 05:44:55 +0000