From 31d61de939f52cd9cb23d9efe35bdb6289415406 Mon Sep 17 00:00:00 2001
From: ospab <ospab@ospab.host>
Date: Fri, 15 May 2026 01:23:13 +0300
Subject: [PATCH] Fix: Add physical network bypass routing for primary DNS
 (1.1.1.1) in Wintun handler to prevent UDP-over-TCP DNS resolution deadlock.

---
 ostp-client/src/tunnel/wintun_handler.rs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/ostp-client/src/tunnel/wintun_handler.rs b/ostp-client/src/tunnel/wintun_handler.rs
index 04f6711..5b6b804 100644
--- a/ostp-client/src/tunnel/wintun_handler.rs
+++ b/ostp-client/src/tunnel/wintun_handler.rs
@@ -47,7 +47,8 @@ pub async fn run_wintun_tunnel(
          $route = Get-NetRoute -DestinationPrefix '0.0.0.0/0' | Sort-Object RouteMetric | Select-Object -First 1\n\
          $gw = $route.NextHop\n\
          $ifIndex = $route.InterfaceIndex\n\
-         New-NetRoute -DestinationPrefix \"$remote_ip/32\" -NextHop $gw -InterfaceIndex $ifIndex -RouteMetric 1 -ErrorAction SilentlyContinue\n",
+         New-NetRoute -DestinationPrefix \"$remote_ip/32\" -NextHop $gw -InterfaceIndex $ifIndex -RouteMetric 1 -ErrorAction SilentlyContinue\n\
+         New-NetRoute -DestinationPrefix \"1.1.1.1/32\" -NextHop $gw -InterfaceIndex $ifIndex -RouteMetric 1 -ErrorAction SilentlyContinue\n",
         server_ip_str
     );
 
@@ -131,7 +132,8 @@ pub async fn run_wintun_tunnel(
     // 9. Run cleanup routing script
     let cleanup_script = format!(
         "$remote_ip = '{}'\n\
-         Remove-NetRoute -DestinationPrefix \"$remote_ip/32\" -Confirm:$false -ErrorAction SilentlyContinue\n",
+         Remove-NetRoute -DestinationPrefix \"$remote_ip/32\" -Confirm:$false -ErrorAction SilentlyContinue\n\
+         Remove-NetRoute -DestinationPrefix \"1.1.1.1/32\" -Confirm:$false -ErrorAction SilentlyContinue\n",
         server_ip_str
     );