From 7dfe7e426e9e2eab98165c01d209a9e015973bb3 Mon Sep 17 00:00:00 2001
From: Viktor Liu <viktor@netbird.io>
Date: Fri, 3 Jan 2025 18:38:57 +0100
Subject: [PATCH] Always use userspace routing in netstack mode

---
 client/firewall/uspfilter/uspfilter.go | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/client/firewall/uspfilter/uspfilter.go b/client/firewall/uspfilter/uspfilter.go
index c429c7243..6b28a1785 100644
--- a/client/firewall/uspfilter/uspfilter.go
+++ b/client/firewall/uspfilter/uspfilter.go
@@ -107,14 +107,21 @@ func CreateWithNativeFirewall(iface common.IFaceMapper, nativeFirewall firewall.
 	forceNativeRouter, _ := strconv.ParseBool(EnvForceNativeRouter)
 
 	// if the OS supports routing natively, or it is explicitly requested, then we don't need to filter/route ourselves
-	if mgr.nativeFirewall != nil && mgr.nativeFirewall.IsServerRouteSupported() || forceNativeRouter {
+	// netstack mode won't support userspace routing as there is no interface
+	if forceNativeRouter ||
+		!netstack.IsEnabled() && mgr.nativeFirewall != nil && mgr.nativeFirewall.IsServerRouteSupported() {
+
 		mgr.nativeRouter = true
 		mgr.routingEnabled = true
 		if mgr.forwarder != nil {
 			mgr.forwarder.Stop()
 		}
+
+		log.Info("native routing is enabled")
+		return mgr, nil
 	}
 
+	log.Info("userspace routing is enabled")
 	return mgr, nil
 }