extern/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2025-03-13 22:28:53 +01:00
Code Issues Packages Projects Releases Wiki Activity

[client] Fix acl empty port range detection (#3285)

Browse Source
This commit is contained in:
Viktor Liu 2025-02-05 18:55:42 +01:00 committed by GitHub
parent 97d498c59c
commit 125b5e2b16
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
client/internal/acl/manager.go
View File

@ -268,7 +268,7 @@ func (d *DefaultManager) protoRuleToFirewallRule(
}
var port *firewall.Port
if r.PortInfo != nil {
if !portInfoEmpty(r.PortInfo) {
port = convertPortInfo(r.PortInfo)
} else if r.Port != "" {
// old version of management, single port
@ -305,6 +305,22 @@ func (d *DefaultManager) protoRuleToFirewallRule(
return ruleID, rules, nil
}
func portInfoEmpty(portInfo *mgmProto.PortInfo) bool {
if portInfo == nil {
return true
}
switch portInfo.GetPortSelection().(type) {
case *mgmProto.PortInfo_Port:
return portInfo.GetPort() == 0
case *mgmProto.PortInfo_Range_:
r := portInfo.GetRange()
return r == nil || r.Start == 0 || r.End == 0
default:
return true
}
}
func (d *DefaultManager) addInRules(
ip net.IP,
protocol firewall.Protocol,