From a404b05cc0ec6b7b3e346804c1e0970dd91c0634 Mon Sep 17 00:00:00 2001
From: Sam Symons <sam@samsymons.com>
Date: Fri, 6 Dec 2024 13:09:37 -0800
Subject: [PATCH] Update local network routing (#1117)

Required:

Task/Issue URL: https://app.asana.com/0/1199230911884351/1208918011157080/f
iOS PR: TODO
macOS PR: TODO
What kind of version bump will this require?: Patch

Optional:

Tech Design URL:
CC:

Description:

This PR updates local network routing. When including local networks, 10.0.0.0/8 will also go through the tunnel.
---
 Sources/NetworkProtection/Routing/VPNRoutingRange.swift    | 7 ++++++-
 .../Routing/VPNRoutingTableResolver.swift                  | 2 +-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/Sources/NetworkProtection/Routing/VPNRoutingRange.swift b/Sources/NetworkProtection/Routing/VPNRoutingRange.swift
index d72f63628..4c94dc51c 100644
--- a/Sources/NetworkProtection/Routing/VPNRoutingRange.swift
+++ b/Sources/NetworkProtection/Routing/VPNRoutingRange.swift
@@ -34,8 +34,13 @@ public enum VPNRoutingRange {
         "::1/128",    /* loopback */
     ]
 
+    public static let localNetworkRangeWithoutDNS: [NetworkProtection.IPAddressRange] = [
+        "172.16.0.0/12",  /* 255.240.0.0 */
+        "192.168.0.0/16", /* 255.255.0.0 */
+    ]
+
     public static let localNetworkRange: [NetworkProtection.IPAddressRange] = [
-        // "10.0.0.0/8",     /* 255.0.0.0   */
+        "10.0.0.0/8",     /* 255.0.0.0   */
         "172.16.0.0/12",  /* 255.240.0.0 */
         "192.168.0.0/16", /* 255.255.0.0 */
     ]
diff --git a/Sources/NetworkProtection/Routing/VPNRoutingTableResolver.swift b/Sources/NetworkProtection/Routing/VPNRoutingTableResolver.swift
index 505aa455a..429cd4c8a 100644
--- a/Sources/NetworkProtection/Routing/VPNRoutingTableResolver.swift
+++ b/Sources/NetworkProtection/Routing/VPNRoutingTableResolver.swift
@@ -43,7 +43,7 @@ struct VPNRoutingTableResolver {
         var routes = VPNRoutingRange.alwaysExcludedIPv4Range
 
         if excludeLocalNetworks {
-            routes += VPNRoutingRange.localNetworkRange
+            routes += VPNRoutingRange.localNetworkRangeWithoutDNS
         }
 
         return routes