Fix routing reading issues

- Detect VPN gateway properly
- Fix local subnet detection, refers to #188
- Split LocalSubnet from DefaultRoute (2 different routes actually)
Quentin McGaw
2020-07-12 19:05:48 +00:00
parent 2acf627918
commit 6afa4f69a0
7 changed files with 150 additions and 47 deletions


@@ -63,7 +63,11 @@ func (c *configurator) fallbackToDisabled(ctx context.Context) {
}
func (c *configurator) enable(ctx context.Context) (err error) { //nolint:gocognit
defaultInterface, defaultGateway, defaultSubnet, err := c.routing.DefaultRoute()
defaultInterface, defaultGateway, err := c.routing.DefaultRoute()
if err != nil {
return fmt.Errorf("cannot enable firewall: %w", err)
}
localSubnet, err := c.routing.LocalSubnet()
if err != nil {
return fmt.Errorf("cannot enable firewall: %w", err)
}
@@ -100,10 +104,10 @@ func (c *configurator) enable(ctx context.Context) (err error) { //nolint:gocogn
if err = c.acceptOutputThroughInterface(ctx, string(constants.TUN), remove); err != nil {
return fmt.Errorf("cannot enable firewall: %w", err)
}
if err := c.acceptInputFromToSubnet(ctx, defaultSubnet, "*", remove); err != nil {
if err := c.acceptInputFromToSubnet(ctx, localSubnet, "*", remove); err != nil {
return fmt.Errorf("cannot enable firewall: %w", err)
}
if err := c.acceptOutputFromToSubnet(ctx, defaultSubnet, "*", remove); err != nil {
if err := c.acceptOutputFromToSubnet(ctx, localSubnet, "*", remove); err != nil {
return fmt.Errorf("cannot enable firewall: %w", err)
}
for _, subnet := range c.allowedSubnets {
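Review bot: The two accept rules in the second hunk install whatever `c.routing.LocalSubnet()` returns with interface `"*"`, and nothing in `enable` validates that value first. The commit message says subnet detection was wrong before (#188), and these rules presumably exempt the LAN from tunnel-only filtering, so a misread routing table that yields a zero-length prefix would open the firewall to all addresses without any error. I would reject an over-broad result right after the `LocalSubnet()` call in the first hunk, for example (assuming `localSubnet` is a `net.IPNet`, which the hunk does not show) `if ones, _ := localSubnet.Mask.Size(); ones == 0 { return fmt.Errorf("cannot enable firewall: local subnet %s is too broad", localSubnet.String()) }`. The body of `enable` starts in the first hunk and continues past the end of the second, so any later use of `localSubnet` is not visible here.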