TunnelViewModel: Remove DNS from AllowedIPs when unchecking 'Exclude private IPs'

Signed-off-by: Roopesh Chander <roop@roopc.net>

diff --git a/WireGuard/WireGuard/UI/TunnelViewModel.swift b/WireGuard/WireGuard/UI/TunnelViewModel.swift
index 8f95039de3b8df2c36b7ed8f9194ed4748003ef9..b299bea17c289a37f5534863bff778ea54c5df53 100644 (file)
--- a/WireGuard/WireGuard/UI/TunnelViewModel.swift
+++ b/WireGuard/WireGuard/UI/TunnelViewModel.swift
@@ -424,12 +424,17 @@ class TunnelViewModel {
             shouldStronglyRecommendDNS = allowedIPStrings.contains(TunnelViewModel.PeerData.ipv4DefaultRouteString) || allowedIPStrings.isSuperset(of: TunnelViewModel.PeerData.ipv4DefaultRouteModRFC1918String)
         }
 
+        static func normalizedIPAddressRangeStrings(_ list: [String]) -> [String] {
+            return list.compactMap { IPAddressRange(from: $0) }.map { $0.stringRepresentation }
+        }
+
         static func modifiedAllowedIPs(currentAllowedIPs: [String], excludePrivateIPs: Bool, dnsServers: [String]) -> [String] {
-            let ipv6Addresses = currentAllowedIPs.filter { $0.contains(":") }
+            let normalizedDNSServers = normalizedIPAddressRangeStrings(dnsServers)
+            let ipv6Addresses = normalizedIPAddressRangeStrings(currentAllowedIPs.filter { $0.contains(":") })
             if excludePrivateIPs {
                 return ipv6Addresses + TunnelViewModel.PeerData.ipv4DefaultRouteModRFC1918String + dnsServers
             } else {
-                return ipv6Addresses + [TunnelViewModel.PeerData.ipv4DefaultRouteString]
+                return ipv6Addresses.filter { !normalizedDNSServers.contains($0) } + [TunnelViewModel.PeerData.ipv4DefaultRouteString]
             }
         }