From: Jason A. Donenfeld <Jason@zx2c4.com>
Date: Wed, 6 May 2026 21:21:24 +0000 (+0200)
Subject: wg-quick: darwin: properly parse netstat -nr output
X-Git-Url: http://git.ipfire.org/gitweb/index.cgi?a=commitdiff_plain;h=HEAD;p=thirdparty%2Fwireguard-tools.git

wg-quick: darwin: properly parse netstat -nr output

Looking at the source [1], it appears that the interface is always the
4th argument, regardless of the family:

C1.	if (fam != old_fam) // FALSE

P1.	p_sockaddr(params, &addr.u_sa, &mask.u_sa, rtm->rtm_flags,
	    WID_DST(addr.u_sa.sa_family));

P2.	p_sockaddr(params, rti_info[RTAX_GATEWAY], NULL, RTF_HOST,
	    WID_GW(addr.u_sa.sa_family));

C2.	if (params->lflag && (rtm->rtm_addrs & RTA_IFA)) // FALSE

P3.	p_flags(rtm->rtm_flags, "%-10.10s ");

C3.	if (params->lflag) // FALSE

P4. 	printf("%*.*s", WID_IF(addr.u_sa.sa_family),
		WID_IF(addr.u_sa.sa_family), ifname);

Because C1, C2, and C3 evaluate to false, interface is always in the 4th
argument.

[1] https://github.com/apple-oss-distributions/network_cmds/blob/97e27e6244c16d399bfeb254315ddc5828711c56/netstat.tproj/route.c#L328

Reported-by: Florian Uekermann <florian@uekermann.me>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---

diff --git a/src/wg-quick/darwin.bash b/src/wg-quick/darwin.bash
index 0e87062..0179afb 100755
--- a/src/wg-quick/darwin.bash
+++ b/src/wg-quick/darwin.bash
@@ -131,14 +131,14 @@ add_if() {
 del_routes() {
 	[[ -n $REAL_INTERFACE ]] || return 0
 	local todelete=( ) destination gateway netif
-	while read -r destination _ _ _ _ netif _; do
+	while read -r destination _ _ netif _; do
 		[[ $netif == "$REAL_INTERFACE" ]] && todelete+=( "$destination" )
 	done < <(netstat -nr -f inet)
 	for destination in "${todelete[@]}"; do
 		cmd route -q -n delete -inet "$destination" >/dev/null || true
 	done
 	todelete=( )
-	while read -r destination gateway _ netif; do
+	while read -r destination gateway _ netif _; do
 		[[ $netif == "$REAL_INTERFACE" || ( $netif == lo* && $gateway == "$REAL_INTERFACE" ) ]] && todelete+=( "$destination" )
 	done < <(netstat -nr -f inet6)
 	for destination in "${todelete[@]}"; do
@@ -177,7 +177,7 @@ set_mtu() {
 		cmd ifconfig "$REAL_INTERFACE" mtu "$MTU"
 		return
 	fi
-	while read -r destination _ _ _ _ netif _; do
+	while read -r destination _ _ netif _; do
 		if [[ $destination == default ]]; then
 			defaultif="$netif"
 			break