fix(firewall): parse "all" protocol from iptables chains

2025-11-03 16:06:21 +00:00
parent 35e9b2365d
commit 2e2e5f9df5
2 changed files with 13 additions and 1 deletions
--- a/internal/firewall/list.go
+++ b/internal/firewall/list.go
@@ -323,7 +323,7 @@ var ErrProtocolUnknown = errors.New("unknown protocol")

 func parseProtocol(s string) (protocol string, err error) {
 	switch s {
-	case "0":
+	case "0", "all":
 	case "1":
 		protocol = "icmp"
 	case "6":
--- a/internal/firewall/list_test.go
+++ b/internal/firewall/list_test.go
@@ -58,6 +58,7 @@ num pkts bytes target     prot opt in     out     source               destinati
 2   0     0 ACCEPT     6    --  tun0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:55405
 3   0     0 ACCEPT     1    --  tun0   *       0.0.0.0/0            0.0.0.0/0
 4   0     0 DROP       0    --  tun0   *       1.2.3.4              0.0.0.0/0
+5   0     0 ACCEPT     all  --  tun0   *       1.2.3.4              0.0.0.0/0
 `,
 			table: chain{
 				name:    "INPUT",
@@ -111,6 +112,17 @@ num pkts bytes target     prot opt in     out     source               destinati
 						source:          netip.MustParsePrefix("1.2.3.4/32"),
 						destination:     netip.MustParsePrefix("0.0.0.0/0"),
 					},
+					{
+						lineNumber:      5,
+						packets:         0,
+						bytes:           0,
+						target:          "ACCEPT",
+						protocol:        "",
+						inputInterface:  "tun0",
+						outputInterface: "*",
+						source:          netip.MustParsePrefix("1.2.3.4/32"),
+						destination:     netip.MustParsePrefix("0.0.0.0/0"),
+					},
 				},
 			},
 		},