admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

hotfix(settings): allow public IP outbound subnets but not the unspecified address

Browse Source
This commit is contained in:
Quentin McGaw
2024-02-03 20:02:43 +00:00
parent 6b9c775055
commit b5f1055682
3 changed files with 3 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
internal/configuration/settings/errors.go
View File

@@ -8,7 +8,7 @@ var (
ErrCountryNotValid = errors.New("the country specified is not valid") ErrCountryNotValid = errors.New("the country specified is not valid")
ErrFilepathMissing = errors.New("filepath is missing") ErrFilepathMissing = errors.New("filepath is missing")
ErrFirewallZeroPort = errors.New("cannot have a zero port") ErrFirewallZeroPort = errors.New("cannot have a zero port")
ErrFirewallPublicOutboundSubnet = errors.New("outbound subnet is public") ErrFirewallPublicOutboundSubnet = errors.New("outbound subnet has an unspecified address")
ErrHostnameNotValid = errors.New("the hostname specified is not valid") ErrHostnameNotValid = errors.New("the hostname specified is not valid")
ErrISPNotValid = errors.New("the ISP specified is not valid") ErrISPNotValid = errors.New("the ISP specified is not valid")
ErrMinRatioNotValid = errors.New("minimum ratio is not valid") ErrMinRatioNotValid = errors.New("minimum ratio is not valid")

2
internal/configuration/settings/firewall.go
View File

@@ -27,7 +27,7 @@ func (f Firewall) validate() (err error) {
} }
for _, subnet := range f.OutboundSubnets { for _, subnet := range f.OutboundSubnets {
if !subnet.Addr().IsPrivate() { if subnet.Addr().IsUnspecified() {
return fmt.Errorf("%w: %s", ErrFirewallPublicOutboundSubnet, subnet) return fmt.Errorf("%w: %s", ErrFirewallPublicOutboundSubnet, subnet)
} }
} }

4
internal/configuration/settings/firewall_test.go
View File

@@ -37,7 +37,7 @@ func Test_Firewall_validate(t *testing.T) {
}, },
}, },
errWrapped: ErrFirewallPublicOutboundSubnet, errWrapped: ErrFirewallPublicOutboundSubnet,
errMessage: "outbound subnet is public: 0.0.0.0/0", errMessage: "outbound subnet has an unspecified address: 0.0.0.0/0",
}, },
"public_outbound_subnet": { "public_outbound_subnet": {
firewall: Firewall{ firewall: Firewall{
@@ -45,8 +45,6 @@ func Test_Firewall_validate(t *testing.T) {
netip.MustParsePrefix("1.2.3.4/32"), netip.MustParsePrefix("1.2.3.4/32"),
}, },
}, },
errWrapped: ErrFirewallPublicOutboundSubnet,
errMessage: "outbound subnet is public: 1.2.3.4/32",
}, },
"valid_settings": { "valid_settings": {
firewall: Firewall{ firewall: Firewall{