From 9ec289683571ea3d65dd3d4d5ec056bd10bc73ad Mon Sep 17 00:00:00 2001
From: Sam Symons <sam@samsymons.com>
Date: Thu, 5 Dec 2024 16:08:41 -0800
Subject: [PATCH] Route 10.0.0.0/8 through the tunnel when including local
 networks.

---
 Sources/NetworkProtection/Routing/VPNRoutingRange.swift     | 6 ++++++
 .../NetworkProtection/Routing/VPNRoutingTableResolver.swift | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/Sources/NetworkProtection/Routing/VPNRoutingRange.swift b/Sources/NetworkProtection/Routing/VPNRoutingRange.swift
index d72f63628..953b2dd8e 100644
--- a/Sources/NetworkProtection/Routing/VPNRoutingRange.swift
+++ b/Sources/NetworkProtection/Routing/VPNRoutingRange.swift
@@ -40,6 +40,12 @@ public enum VPNRoutingRange {
         "192.168.0.0/16", /* 255.255.0.0 */
     ]
 
+    public static let localNetworkRangeWithDNS: [NetworkProtection.IPAddressRange] = [
+        "10.0.0.0/8",     /* 255.0.0.0   */
+        "172.16.0.0/12",  /* 255.240.0.0 */
+        "192.168.0.0/16", /* 255.255.0.0 */
+    ]
+
     public static let publicNetworkRange: [NetworkProtection.IPAddressRange] = [
         "1.0.0.0/8",
         "2.0.0.0/8",
diff --git a/Sources/NetworkProtection/Routing/VPNRoutingTableResolver.swift b/Sources/NetworkProtection/Routing/VPNRoutingTableResolver.swift
index 505aa455a..9fb9c3ad8 100644
--- a/Sources/NetworkProtection/Routing/VPNRoutingTableResolver.swift
+++ b/Sources/NetworkProtection/Routing/VPNRoutingTableResolver.swift
@@ -53,7 +53,7 @@ struct VPNRoutingTableResolver {
         var routes = VPNRoutingRange.publicNetworkRange + dnsRoutes()
 
         if !excludeLocalNetworks {
-            routes += VPNRoutingRange.localNetworkRange
+            routes += VPNRoutingRange.localNetworkRangeWithDNS
         }
 
         return routes