diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-04 22:40:19 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-05-05 13:34:54 +0200 |
commit | ab56e18f1bf729223566160a9a5d0794e2fc96e1 (patch) | |
tree | 72a2ac5a937643459bc4c07a5b657557225ca177 /service/ifaceconfig.go | |
parent | ui: use more windows icons (diff) | |
download | wireguard-windows-ab56e18f1bf729223566160a9a5d0794e2fc96e1.tar.xz wireguard-windows-ab56e18f1bf729223566160a9a5d0794e2fc96e1.zip |
ui: syntax: implement trafic blocking semantics
This is our "auto kill switch".
Diffstat (limited to 'service/ifaceconfig.go')
-rw-r--r-- | service/ifaceconfig.go | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/service/ifaceconfig.go b/service/ifaceconfig.go index 6f2320cf..e12a1b41 100644 --- a/service/ifaceconfig.go +++ b/service/ifaceconfig.go @@ -275,9 +275,15 @@ func enableFirewall(conf *conf.Config, tun *tun.NativeTun) error { } restrictDNS := len(conf.Interface.Dns) > 0 restrictAll := false - for _, peer := range conf.Peers { - for _, allowedip := range peer.AllowedIPs { + if len(conf.Peers) == 1 { + nextallowedip: + for _, allowedip := range conf.Peers[0].AllowedIPs { if allowedip.Cidr == 0 { + for _, b := range allowedip.IP { + if b != 0 { + continue nextallowedip + } + } restrictAll = true break } |