Diffstat (limited to 'tunnel/addressconfig.go')
-rw-r--r-- | tunnel/addressconfig.go | 31 |
1 files changed, 17 insertions, 14 deletions
diff --git a/tunnel/addressconfig.go b/tunnel/addressconfig.go
index a1e5dc59..6032d452 100644
--- a/tunnel/addressconfig.go
+++ b/tunnel/addressconfig.go
@@ -178,24 +178,27 @@ func configureInterface(family winipcfg.AddressFamily, conf *conf.Config, tun *t
 return nil
 }
 
-func enableFirewall(conf *conf.Config, tun *tun.NativeTun) error {
- restrictAll := false
- if len(conf.Peers) == 1 {
- nextallowedip:
- for _, allowedip := range conf.Peers[0].AllowedIPs {
- if allowedip.Cidr == 0 {
- for _, b := range allowedip.IP {
- if b != 0 {
- continue nextallowedip
- }
+func shouldEnableFirewall(conf *conf.Config) bool {
+ if len(conf.Peers) != 1 {
+ return false
+ }
+nextallowedip:
+ for _, allowedip := range conf.Peers[0].AllowedIPs {
+ if allowedip.Cidr == 0 {
+ for _, b := range allowedip.IP {
+ if b != 0 {
+ continue nextallowedip
 }
- restrictAll = true
- break
 }
+ return true
 }
 }
- if restrictAll && len(conf.Interface.DNS) == 0 {
+ return false
+}
+
+func enableFirewall(conf *conf.Config, tun *tun.NativeTun) error {
+ if len(conf.Interface.DNS) == 0 {
 log.Println("Warning: no DNS server specified, despite having an allowed IPs of 0.0.0.0/0 or ::/0. There may be connectivity issues.")
 }
- return firewall.EnableFirewall(tun.LUID(), conf.Interface.DNS, restrictAll)
+ return firewall.EnableFirewall(tun.LUID(), conf.Interface.DNS)
 }
|
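Review bot: `enableFirewall` now prints the "allowed IPs of 0.0.0.0/0 or ::/0" warning and calls `firewall.EnableFirewall` without checking that such a route exists, so it is only correct when the caller has already tested `shouldEnableFirewall(conf)`; that call site is outside this hunk and should be checked. Because this pair decides whether the tunnel's block rules are installed, I would state the contract on both functions, e.g. `// shouldEnableFirewall reports whether conf has exactly one peer whose AllowedIPs contain an all-zero /0 route.` and `// enableFirewall must only be called when shouldEnableFirewall(conf) is true.` It also looks as if configurations with several peers, or without a /0 route, now get no firewall call at all, where the old code still called `EnableFirewall` with `restrictAll` false. If that is intended, a short comment saying so would help the next reader.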