Split IPv4 and IPv6 rules

netbirdio · Aug 14, 2024 · 79d776a · 79d776a
1 parent efbd29c
commit 79d776a
Showing 1 changed file with 5 additions and 3 deletions.
diff --git a/management/server/route.go b/management/server/route.go
@@ -456,7 +456,7 @@ func getDefaultPermit(route *route.Route) []*RouteFirewallRule {
 	if route.Network.Addr().Is6() {
 		sources = []string{"::/0"}
 	}
-	ruleIn := RouteFirewallRule{
+	rule := RouteFirewallRule{
 		SourceRanges: sources,
 		Direction:    firewallRuleDirectionIN,
 		Action:       string(PolicyTrafficActionAccept),
@@ -466,11 +466,13 @@ func getDefaultPermit(route *route.Route) []*RouteFirewallRule {
 		IsDynamic:    route.IsDynamic(),
 	}
 
+	rules = append(rules, &rule)
+
 	// dynamic routes always contain an IPv4 placeholder as destination, hence we must add IPv6 rules additionally
 	if route.IsDynamic() {
-		ruleIn.SourceRanges = append(ruleIn.SourceRanges, "::/0")
+		ruleV6 := rule
+		ruleV6.SourceRanges = []string{"::/0"}
 	}
-	rules = append(rules, &ruleIn)
 
 	return rules
 }