tunspace: add deterministic mac

FFHener · FFHener · commit b49dcb1ebef8 · 2025-09-19T19:56:00.000+02:00
diff --git a/packages/tunspace/tunspace.uc b/packages/tunspace/tunspace.uc
@@ -131,6 +131,7 @@ function create_wg_interface(nsid, ifname, ifcfg, netns) {
     return true;
   }
 
+
   if (!interface_exists_netns(ifname, netns)) {
     // TODO: use once ucode-mod-rtnl supports target_netnsid
     //
@@ -377,7 +378,7 @@ function wireguard_maintenance(st, cfg) {
       continue;
     }
 
-    // refill candidates if neccessary, but skip servers that are already in use
+    // refill candidates if necessary, but skip servers that are already in use
     if (length(st.candidates) == 0) {
       st.candidates = filter(keys(cfg.wireguard_servers), function(name) {
         return index(in_use, name) == -1 && !cfg.wireguard_servers[name].disabled;
@@ -456,7 +457,23 @@ function uplink_maintenance(cfg) {
     shell_command("ip -n "+netns+" link set "+netnsifname+" up");
   } else if (mode == "bridge") {
     // or create a macvlan bridge:
-    shell_command("ip link add "+netnsifname+" link "+ifname+" type macvlan mode bridge");
+
+    // Generate a deterministic mac first
+    let mac = split(trim(fs.readfile("/sys/class/net/"+ifname+"/address")), ":");
+    let changedpart = hex(mac[5]);
+    // Adds 2 to the hex-value, but subtracts 2 if we are to high to avoid counting over ff
+    if (changedpart <= 167){
+      changedpart = changedpart + 2;
+    } else {
+      changedpart = changedpart - 2;
+    }
+
+    changedpart = sprintf("%x",changedpart); // convert dec to hex
+    pop(mac);
+    push(mac, changedpart);
+    mac = join(":",mac);
+
+    shell_command("ip link add "+netnsifname+" address "+mac+" link "+ifname+" type macvlan mode bridge");
     shell_command("ip link set dev "+netnsifname+" netns "+netns);
     shell_command("ip -n "+netns+" link set up "+netnsifname+"");
   } else {
