From dc54c93937dff172db60a2dfffb83f375b628835 Mon Sep 17 00:00:00 2001
From: Murtaza Aliakbar <murtaza@live.in>
Date: Mon, 16 Dec 2024 20:34:16 +0530
Subject: [PATCH] ipn/wg: ignore reverse protocol handlers as req

---
 intra/ipn/wgproxy.go | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/intra/ipn/wgproxy.go b/intra/ipn/wgproxy.go
index 679cf1f0..92ed174f 100644
--- a/intra/ipn/wgproxy.go
+++ b/intra/ipn/wgproxy.go
@@ -617,8 +617,12 @@ func NewWgProxy(id string, ctl protect.Controller, rev netstack.GConnHandler, cf
 
 // ref: github.com/WireGuard/wireguard-go/blob/469159ecf7/tun/netstack/tun.go#L54
 func makeWgTun(id, cfg string, ctl protect.Controller, rev netstack.GConnHandler, ifopts wgifopts) (*wgtun, error) {
-	if rev == nil {
-		return nil, errMissingRev
+	if settings.ExperimentalWireGuard.Load() && settings.EndpointIndependentFiltering.Load() {
+		if rev == nil {
+			return nil, errMissingRev
+		}
+	} else { // do not use reverser
+		rev = nil
 	}
 
 	ctx := context.TODO()
@@ -634,7 +638,7 @@ func makeWgTun(id, cfg string, ctl protect.Controller, rev netstack.GConnHandler
 	s := stack.New(opts)
 	ep := channel.New(epsize, uint32(tunmtu), "")
 	netstack.SetNetstackOpts(s)
-	if settings.ExperimentalWireGuard.Load() && settings.EndpointIndependentFiltering.Load() {
+	if rev != nil { // inbound (aka reverse outbound)
 		netstack.OutboundTCP(s, rev.TCP())
 		netstack.OutboundUDP(s, rev.UDP())
 	}