Add back random iproute2 table index

This reverts commit e71911f94d.

tun_linux.go

@@ -3,6 +3,7 @@ package tun
 import (
 	"errors"
 	"fmt"
+	"math/rand"
 	"net"
 	"net/netip"
 	"os"
@@ -253,10 +254,6 @@ func (t *NativeTun) Name() (string, error) {
 }
 
 func (t *NativeTun) Start() error {
-	err := t.disableReversePathFilter()
-	if err != nil && t.options.Logger != nil && t.options.FileDescriptor == 0 {
-		t.options.Logger.Warn(E.Cause(err, "disable reverse path filter"))
-	}
 	if t.options.FileDescriptor != 0 {
 		return nil
 	}
@@ -280,6 +277,16 @@ func (t *NativeTun) Start() error {
 		}
 	}
 
+	if t.options.IPRoute2TableIndex == 0 {
+		for {
+			t.options.IPRoute2TableIndex = int(rand.Uint32())
+			routeList, fErr := netlink.RouteListFiltered(netlink.FAMILY_ALL, &netlink.Route{Table: t.options.IPRoute2TableIndex}, netlink.RT_FILTER_TABLE)
+			if len(routeList) == 0 || fErr != nil {
+				break
+			}
+		}
+	}
+
 	err = t.setRoute(tunLink)
 	if err != nil {
 		_ = t.unsetRoute0(tunLink)
@@ -1074,15 +1081,3 @@ func (t *NativeTun) setSearchDomainForSystemdResolved() {
 		_ = shell.Exec(ctlPath, append([]string{"dns", t.options.Name}, common.Map(dnsServer, netip.Addr.String)...)...).Run()
 	}()
 }
-
-func (t *NativeTun) disableReversePathFilter() error {
-	err := os.WriteFile("/proc/sys/net/ipv4/conf/all/rp_filter", []byte{'0'}, 0o644)
-	if err != nil {
-		return err
-	}
-	err = os.WriteFile("/proc/sys/net/ipv4/conf/"+t.options.Name+"/rp_filter", []byte{'0'}, 0o644)
-	if err != nil {
-		return err
-	}
-	return nil
-}