ui: syntax: implement trafic blocking semantics

This is our "auto kill switch". Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
author: Jason A. Donenfeld <Jason@zx2c4.com> 2019-05-04 22:40:19 +0200
committer: Jason A. Donenfeld <Jason@zx2c4.com> 2019-05-05 13:34:54 +0200
commit: 20f9b0386d62fa8df8835fec7238188ab87e792a (patch)
tree: 72a2ac5a937643459bc4c07a5b657557225ca177 /service
parent: ui: use more windows icons (diff)
download: wireguard-windows-20f9b0386d62fa8df8835fec7238188ab87e792a.tar.xz
wireguard-windows-20f9b0386d62fa8df8835fec7238188ab87e792a.zip
1 files changed, 8 insertions, 2 deletions
diff --git a/service/ifaceconfig.go b/service/ifaceconfig.go
index 6f2320cf..e12a1b41 100644
--- a/service/ifaceconfig.go
+++ b/service/ifaceconfig.go
@@ -275,9 +275,15 @@ func enableFirewall(conf *conf.Config, tun *tun.NativeTun) error {
 	}
 	restrictDNS := len(conf.Interface.Dns) > 0
 	restrictAll := false
-	for _, peer := range conf.Peers {
-		for _, allowedip := range peer.AllowedIPs {
+	if len(conf.Peers) == 1 {
+	nextallowedip:
+		for _, allowedip := range conf.Peers[0].AllowedIPs {
 			if allowedip.Cidr == 0 {
+				for _, b := range allowedip.IP {
+					if b != 0 {
+						continue nextallowedip
+					}
+				}
 				restrictAll = true
 				break
 			}
author	Jason A. Donenfeld <Jason@zx2c4.com>	2019-05-04 22:40:19 +0200
committer	Jason A. Donenfeld <Jason@zx2c4.com>	2019-05-05 13:34:54 +0200
commit	20f9b0386d62fa8df8835fec7238188ab87e792a (patch)
tree	72a2ac5a937643459bc4c07a5b657557225ca177 /service
parent	ui: use more windows icons (diff)
download	wireguard-windows-20f9b0386d62fa8df8835fec7238188ab87e792a.tar.xz wireguard-windows-20f9b0386d62fa8df8835fec7238188ab87e792a.zip