Conversation
… all platforms Introduce a `resolve_tun_mtu()` helper in the shared crate that centralizes MTU resolution from an explicit config field, the `VPN_MTU` env var, or the compiled-in default (1280). This replaces duplicated per-platform env-reading logic in linux and windows vpn_core. Plumb `vpn_mtu` through the full stack on every platform: - **shared**: add `vpn_mtu: Option<u16>` to `Config`, implement `resolve_tun_mtu()` with MIN/MAX_TUN_MTU constants - **android**: settings UI, ViewModel, PrefsManager, NativeLib JNI bridge, and Rust connection handshake - **gui**: HTML inputs, JS read/write/fill, Rust SavedConn struct, config mapping in utils.js - **linux/windows**: CLI prompts, replace local env-reading with shared resolver, wire through connect_and_handshake Valid range is 1280–1360; values outside this range or absent fall through to env var, then default. Server and client must agree on TUN MTU.
…oid input Add comprehensive tests covering the `resolve_tun_mtu()` priority chain: explicit config > env var > default, with out-of-range and non-numeric values falling through gracefully. Remove unused `DEFAULT_TUN_MTU` import in linux vpn_core. Harden android SettingsScreen with a `parseValidatedMtu()` helper that rejects values outside 1280–1360 with a user-facing Toast instead of silently passing invalid input through the onBack callback.
…nction Merge multiple parallel tests that mutate `std::env` into one sequential test to eliminate race conditions from concurrent environment variable manipulation.
zerox80
added a commit
that referenced
this pull request
May 11, 2026
feat(config): add configurable VPN MTU with unified resolution across…
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add client-side VPN MTU configuration across all platforms
Summary
vpn_mtu, range 1280–1360, default 1280) to all client platformsvpn_mtu + 80bytes — never independently settableresolve_tun_mtu()with fallback chain: explicit config →VPN_MTUenv var → default 1280Motivation
The server already supports
VPN_MTUvia.env. However, clients had no way to set the matching TUN MTU — Android was hardcoded to 1280, and Windows/Linux only read the env var. If the server operator changedVPN_MTU(e.g. to 1360 for PPPoE/DSL paths), clients would mismatch and send out-of-spec QUIC packets.Changes (20 files, +440 / −133)
Shared (
shared/)lib.rs— Addedresolve_tun_mtu(vpn_mtu: Option<u16>) -> u16,MIN_TUN_MTU(1280),MAX_TUN_MTU(1360) constantsipc.rs— Addedvpn_mtu: Option<u16>field toConfigstruct (#[serde(default)], backward-compatible)Android (JNI + Rust + Kotlin)
jni.rs— Addedvpn_mtu: jintparameter to nativeinit()(0 = use default)connection.rs— Acceptsvpn_mtu: Option<u16>, usesresolve_tun_mtu()instead of hardcodedDEFAULT_TUN_MTUNativeLib.kt— AddedvpnMtu: Intto externalinit()MaviVpnService.kt— Passesprefs.savedVpnMtuto bothNativeLib.init()andVpnService.Builder.setMtu()PrefsManager.kt— AddedsavedVpnMtu: IntSharedPreferences fieldVpnViewModel.kt— AddedvpnMtustate flow, updatedsaveSettings()signatureSettingsScreen.kt— Added VPN MTU text input field with validation (1280–1360)MainActivity.kt— Updated settings callback to passvpnMtuLinux CLI
vpn_core.rs— Removed localread_tun_mtu_from_env(), usesresolve_tun_mtu(config.vpn_mtu)main.rs— Added interactive VPN MTU prompt, displays MTU when loading saved configWindows CLI
vpn_core/mod.rs— RemovedCLIENT_TUN_MTULazyLock andread_tun_mtu_from_env()vpn_core/handshake.rs— Acceptsvpn_mtu: Option<u16>, usesresolve_tun_mtu()vpn_core/network.rs— Fixedset_adapter_network_configto actually use itstun_mtuparameter (was previously ignored)main.rs— Added interactive VPN MTU prompt, displays MTU when loading saved configGUI (Tauri + Web)
lib.rs— Addedvpn_mtu: Option<u16>toSavedConnstructindex.html— Added<input type="number" min="1280" max="1360">in settings form and connection modalmain.js— Wiredvpn_mtuthroughreadSettings(),fillSettings(),openModal(),saveModal(),selectConnection()utils.js— Addedvpn_mtutotoConfig()helperBackward Compatibility
vpn_mtuisOption<u16>with#[serde(default)]— existing configs without the field load fine and fall back to 1280VPN_MTUenvironment variable still works as a secondary fallback (CLI / daemon use)vpn_mtucontinue to workTesting
cargo test --workspace)vpn_mtu: NoneSavedConndeserialization test confirms missing field defaults toNoneMTU Safety — MIN is always 1280
backend/src/config.rsvalue_parserrange 1280–1360shared/src/lib.rsMIN_TUN_MTU = 1280resolve_tun_mtu()MaviVpnService.ktin 1280..1360check, fallback 1280gui/src/index.htmlmin="1280" max="1360"main.rs>= 1280 && <= 1360check, fallback None