backport incompatible bart change (grr)

2025-11-22 16:34:25 +01:00 · 2025-10-17 12:05:23 -05:00
parent fc165a8b75
commit a0c6cea6fc
1 changed files with 6 additions and 9 deletions
--- a/firewall.go
+++ b/firewall.go
@@ -862,16 +862,13 @@ func (fr *FirewallRule) match(p firewall.Packet, c *cert.NebulaCertificate) bool
 		}
 	}

-	matched := false
-	prefix := netip.PrefixFrom(p.RemoteIP, p.RemoteIP.BitLen())
-	fr.CIDR.EachLookupPrefix(prefix, func(prefix netip.Prefix, val *firewallLocalCIDR) bool {
-		if prefix.Contains(p.RemoteIP) && val.match(p, c) {
-			matched = true
-			return false
-		}
+	for _, v := range fr.CIDR.Supernets(netip.PrefixFrom(p.RemoteIP, p.RemoteIP.BitLen())) {
+		if v.match(p, c) {
 			return true
-	})
-	return matched
+		}
+	}
+
+	return false
 }

 func (flc *firewallLocalCIDR) addRule(f *Firewall, localIp netip.Prefix) error {