| author | Linus Färnstrand <linus@mullvad.net> | 2018-06-29 15:59:38 +0200 |
|---|---|---|
| committer | Linus Färnstrand <linus@mullvad.net> | 2018-07-02 12:16:33 +0200 |
| commit | 7a49ccaf8b929784cbf09eec69d15e05f2d3bd11 (patch) | |
| tree | 1d2faeed2fb2e74efacacbe033bf236c0c1c3844 | |
| parent | 0bfe0ea63b680ae47da5b4154899cc928de39184 (diff) | |
Refactor matching on security policy
| -rw-r--r-- | talpid-core/src/firewall/linux/mod.rs | 29 |
1 files changed, 13 insertions, 16 deletions
diff --git a/talpid-core/src/firewall/linux/mod.rs b/talpid-core/src/firewall/linux/mod.rs
index 502f12e033..abe2e1d920 100644
--- a/talpid-core/src/firewall/linux/mod.rs
+++ b/talpid-core/src/firewall/linux/mod.rs
@@ -218,29 +218,26 @@ impl<'a> PolicyBatch<'a> {
  }
 
  fn add_policy_specific_rules(&mut self, policy: &SecurityPolicy) -> Result<()> {
- match policy {
+ let (relay_endpoint, allow_lan, tunnel) = match policy {
  SecurityPolicy::Connecting {
  relay_endpoint,
  allow_lan,
- } => {
- self.add_allow_endpoint_rules(relay_endpoint)?;
- if *allow_lan {
- self.add_allow_lan_rules()?;
- }
- }
+ } => (relay_endpoint, *allow_lan, None),
  SecurityPolicy::Connected {
  relay_endpoint,
  tunnel,
  allow_lan,
- } => {
- self.add_allow_endpoint_rules(relay_endpoint)?;
- self.add_dns_rule(tunnel, net::TransportProtocol::Udp)?;
- self.add_dns_rule(tunnel, net::TransportProtocol::Tcp)?;
- self.add_allow_tunnel_rules(tunnel)?;
- if *allow_lan {
- self.add_allow_lan_rules()?;
- }
- }
+ } => (relay_endpoint, *allow_lan, Some(tunnel)),
+ };
+
+ self.add_allow_endpoint_rules(relay_endpoint)?;
+ if let Some(tunnel) = tunnel {
+ self.add_dns_rule(tunnel, net::TransportProtocol::Udp)?;
+ self.add_dns_rule(tunnel, net::TransportProtocol::Tcp)?;
+ self.add_allow_tunnel_rules(tunnel)?;
+ }
+ if allow_lan {
+ self.add_allow_lan_rules()?;
  }
  Ok(())
  } |
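Review bot: The shared sequence after the `match` now fixes the firewall rule order for both policies in one place, but nothing in the new code says whether that order is significant. If it is, a comment above `self.add_allow_endpoint_rules(relay_endpoint)?;` would protect it from later reshuffling, for example `// Order matters: DNS rules are added before the LAN allow rules.`; this assumes `add_dns_rule` restricts DNS to the tunnel, which is not visible in this hunk. A one-line doc comment on `add_policy_specific_rules` should also state that the `match` is kept exhaustive on purpose (no `_` arm), so a new `SecurityPolicy` variant fails to compile here instead of silently inheriting this rule set. The call order itself is unchanged from the old per-arm code; the enclosing `impl` block starts and ends outside the hunk.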
