From f9bd38572a735ec17ae05d1de68cbdf9e5745b26 Mon Sep 17 00:00:00 2001
From: Michael Chus <mike@mchus.pro>
Date: Sun, 29 Mar 2026 10:39:16 +0300
Subject: [PATCH] fix(network): strip linkdown/dead/onlink flags when restoring
 routes

ip route show includes state flags like 'linkdown' that ip route add
does not accept, causing restore to fail.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 audit/internal/platform/network.go | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/audit/internal/platform/network.go b/audit/internal/platform/network.go
index 247aed3..c6a86fb 100644
--- a/audit/internal/platform/network.go
+++ b/audit/internal/platform/network.go
@@ -134,7 +134,17 @@ func (s *System) RestoreNetworkSnapshot(snapshot NetworkSnapshot) error {
 		if len(fields) == 0 {
 			continue
 		}
-		args := append([]string{"route", "add"}, fields...)
+		// Strip state flags that ip-route(8) does not accept as add arguments.
+		filtered := fields[:0]
+		for _, f := range fields {
+			switch f {
+			case "linkdown", "dead", "onlink", "pervasive":
+				// skip
+			default:
+				filtered = append(filtered, f)
+			}
+		}
+		args := append([]string{"route", "add"}, filtered...)
 		if raw, err := exec.Command("ip", args...).CombinedOutput(); err != nil {
 			detail := strings.TrimSpace(string(raw))
 			if detail != "" {