admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix #273 (#277), adding FIREWALL_OUTBOUND_SUBNETS

Browse Source
This commit is contained in:
Quentin McGaw
2020-10-29 19:23:44 -04:00
committed by GitHub
parent f7bff247aa
commit db64dea664
16 changed files with 341 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
internal/firewall/enable.go
View File

@@ -94,6 +94,12 @@ func (c *configurator) enable(ctx context.Context) (err error) {
return fmt.Errorf("cannot enable firewall: %w", err)
}
for _, subnet := range c.outboundSubnets {
if err := c.acceptOutputFromIPToSubnet(ctx, c.defaultInterface, c.localIP, subnet, remove); err != nil {
return fmt.Errorf("cannot enable firewall: %w", err)
}
}
// Allows packets from any IP address to go through eth0 / local network
// to reach Gluetun.
if err := c.acceptInputToSubnet(ctx, c.defaultInterface, c.localSubnet, remove); err != nil {