From 206420c085f3850f9d6ab304b8a67cf84d3f157f Mon Sep 17 00:00:00 2001
From: Viktor Liu <17948409+lixmal@users.noreply.github.com>
Date: Wed, 5 Feb 2025 23:04:52 +0100
Subject: [PATCH] [client] Fix grouping of peer ACLs with different port ranges
 (#3289)

---
 client/internal/acl/manager.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/client/internal/acl/manager.go b/client/internal/acl/manager.go
index d2947f497..7cce7402f 100644
--- a/client/internal/acl/manager.go
+++ b/client/internal/acl/manager.go
@@ -507,7 +507,7 @@ func (d *DefaultManager) squashAcceptRules(
 
 // getRuleGroupingSelector takes all rule properties except IP address to build selector
 func (d *DefaultManager) getRuleGroupingSelector(rule *mgmProto.FirewallRule) string {
-	return fmt.Sprintf("%v:%v:%v:%s", strconv.Itoa(int(rule.Direction)), rule.Action, rule.Protocol, rule.Port)
+	return fmt.Sprintf("%v:%v:%v:%s:%v", strconv.Itoa(int(rule.Direction)), rule.Action, rule.Protocol, rule.Port, rule.PortInfo)
 }
 
 func (d *DefaultManager) rollBack(newRulePairs map[id.RuleID][]firewall.Rule) {