Diffstat (limited to 'tunnel/addressconfig.go')
-rw-r--r--tunnel/addressconfig.go31
1 files changed, 17 insertions, 14 deletions
diff --git a/tunnel/addressconfig.go b/tunnel/addressconfig.go
index a1e5dc59..6032d452 100644
--- a/tunnel/addressconfig.go
+++ b/tunnel/addressconfig.go
@@ -178,24 +178,27 @@ func configureInterface(family winipcfg.AddressFamily, conf *conf.Config, tun *t
return nil
}
-func enableFirewall(conf *conf.Config, tun *tun.NativeTun) error {
- restrictAll := false
- if len(conf.Peers) == 1 {
- nextallowedip:
- for _, allowedip := range conf.Peers[0].AllowedIPs {
- if allowedip.Cidr == 0 {
- for _, b := range allowedip.IP {
- if b != 0 {
- continue nextallowedip
- }
+func shouldEnableFirewall(conf *conf.Config) bool {
+ if len(conf.Peers) != 1 {
+ return false
+ }
+nextallowedip:
+ for _, allowedip := range conf.Peers[0].AllowedIPs {
+ if allowedip.Cidr == 0 {
+ for _, b := range allowedip.IP {
+ if b != 0 {
+ continue nextallowedip
}
- restrictAll = true
- break
}
+ return true
}
}
- if restrictAll && len(conf.Interface.DNS) == 0 {
+ return false
+}
+
+func enableFirewall(conf *conf.Config, tun *tun.NativeTun) error {
+ if len(conf.Interface.DNS) == 0 {
log.Println("Warning: no DNS server specified, despite having an allowed IPs of 0.0.0.0/0 or ::/0. There may be connectivity issues.")
}
- return firewall.EnableFirewall(tun.LUID(), conf.Interface.DNS, restrictAll)
+ return firewall.EnableFirewall(tun.LUID(), conf.Interface.DNS)
}
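Review bot: enableFirewall no longer makes its own restrictAll decision, so it is only correct when the caller has already checked shouldEnableFirewall, and nothing in the hunk states or enforces that precondition. The call sites are outside this hunk; if any path reaches enableFirewall for a config without a single-peer /0 route, the warning under `len(conf.Interface.DNS) == 0` would be misleading, and firewall.EnableFirewall would presumably apply its restrictive rules to a split-tunnel config. I would add doc comments such as `// shouldEnableFirewall reports whether conf has exactly one peer whose AllowedIPs include 0.0.0.0/0 or ::/0.` and `// enableFirewall must only be called when shouldEnableFirewall(conf) is true.` The first comment should also say that a config with more than one peer never gets the firewall, even if one peer routes /0, because that limit is security-relevant and easy to miss.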