extern/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2025-08-17 18:41:41 +02:00
Code Issues Packages Projects Releases Wiki Activity

[client] Fix port range squashing (#4007)

Browse Source
This commit is contained in:
Viktor Liu
2025-06-18 18:56:48 +02:00
committed by GitHub
parent 0e5dc9d412
commit 23b5d45b68
2 changed files with 434 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
client/internal/acl/manager.go
View File

@@ -398,11 +398,15 @@ func (d *DefaultManager) squashAcceptRules(
//
// We zeroed this to notify squash function that this protocol can't be squashed.
addRuleToCalculationMap := func(i int, r *mgmProto.FirewallRule, protocols map[mgmProto.RuleProtocol]*protoMatch) {
drop := r.Action == mgmProto.RuleAction_DROP || r.Port != ""
if drop {
hasPortRestrictions := r.Action == mgmProto.RuleAction_DROP ||
r.Port != "" || !portInfoEmpty(r.PortInfo)
if hasPortRestrictions {
// Don't squash rules with port restrictions
protocols[r.Protocol] = &protoMatch{ips: map[string]int{}}
return
}
if _, ok := protocols[r.Protocol]; !ok {
protocols[r.Protocol] = &protoMatch{
ips: map[string]int{},