Fix issue where ACL * would filter out returning connections (#1279)

2026-03-24 02:11:21 +01:00 · 2023-03-27 19:19:32 +02:00
parent 56a7b1e349
commit c7b459b615
8 changed files with 437 additions and 5 deletions
--- a/machine.go
+++ b/machine.go
@@ -243,6 +243,12 @@ func filterMachinesByACL(

 		for _, peerIP := range peerIPs {
 			if dstMap, ok := aclPeerCacheMap[peerIP]; ok {
+				// match source and all destination
+				if _, dstOk := dstMap["*"]; dstOk {
+					peers[peer.ID] = peer
+
+					continue
+				}
 				// match return path
 				for _, machineIP := range machineIPs {
 					if _, dstOk := dstMap[machineIP]; dstOk {