From a495c2aab5696cc0df7fffbe78799ea4c8264424 Mon Sep 17 00:00:00 2001
From: Misha Bragin
Date: Sun, 5 Jun 2022 14:43:13 +0200
Subject: [PATCH] Fix interface ignore list (#352)
---
 client/internal/connect.go | 6 +-----
 client/internal/engine.go | 9 ++-------
 client/internal/peer/conn.go | 1 +
 3 files changed, 4 insertions(+), 12 deletions(-)
diff --git a/client/internal/connect.go b/client/internal/connect.go
index b04e995d3b8..fcf11f9c11e 100644
--- a/client/internal/connect.go
+++ b/client/internal/connect.go
@@ -140,15 +140,11 @@ func RunClient(ctx context.Context, config *Config) error {
 // createEngineConfig converts configuration received from Management Service to EngineConfig
 func createEngineConfig(key wgtypes.Key, config *Config, peerConfig *mgmProto.PeerConfig) (*EngineConfig, error) {
- iFaceBlackList := make(map[string]struct{})
- for i := 0; i < len(config.IFaceBlackList); i += 2 {
- iFaceBlackList[config.IFaceBlackList[i]] = struct{}{}
- }
 engineConf := &EngineConfig{
 WgIfaceName: config.WgIface,
 WgAddr: peerConfig.Address,
- IFaceBlackList: iFaceBlackList,
+ IFaceBlackList: config.IFaceBlackList,
 WgPrivateKey: key,
 WgPort: iface.DefaultWgPort,
 }
diff --git a/client/internal/engine.go b/client/internal/engine.go
index a7186f192b0..ca33852addd 100644
--- a/client/internal/engine.go
+++ b/client/internal/engine.go
@@ -45,7 +45,7 @@ type EngineConfig struct {
 WgPrivateKey wgtypes.Key
 // IFaceBlackList is a list of network interfaces to ignore when discovering connection candidates (ICE related)
- IFaceBlackList map[string]struct{}
+ IFaceBlackList []string
 PreSharedKey *wgtypes.Key
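Review bot: In the connect.go hunk, `IFaceBlackList: config.IFaceBlackList` passes the configured list through without any check, so an empty string in it reaches `strings.HasPrefix(iFace, s)` in interfaceFilter (the client/internal/peer/conn.go hunk of this patch), where an empty prefix matches every interface name. The result would be that every interface is ignored and no local ICE candidates are gathered; whether config loading already rejects empty entries is not visible here. Dropping blank entries before building EngineConfig, or guarding the comparison with `if s != "" && strings.HasPrefix(iFace, s) {`, would close that. createEngineConfig continues past the end of the hunk.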
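Review bot: The comment on `IFaceBlackList` in the engine.go EngineConfig hunk still reads as a list of interface names, while the filter in client/internal/peer/conn.go compares entries with `strings.HasPrefix`, so a short entry also excludes every interface whose name starts with it. The field comment should state that, for example `// IFaceBlackList holds interface name prefixes; an interface whose name starts with any entry is skipped when discovering connection candidates (ICE related)`. The EngineConfig struct starts and ends outside the hunk.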
@@ -592,11 +592,6 @@ func (e Engine) createPeerConn(pubKey string, allowedIPs string) (*peer.Conn, er
 stunTurn = append(stunTurn, e.STUNs...)
 stunTurn = append(stunTurn, e.TURNs...)
- interfaceBlacklist := make([]string, 0, len(e.config.IFaceBlackList))
- for k := range e.config.IFaceBlackList {
- interfaceBlacklist = append(interfaceBlacklist, k)
- }
-
 proxyConfig := proxy.Config{
 RemoteKey: pubKey,
 WgListenAddr: fmt.Sprintf("127.0.0.1:%d", e.config.WgPort),
@@ -611,7 +606,7 @@ func (e Engine) createPeerConn(pubKey string, allowedIPs string) (*peer.Conn, er
 Key: pubKey,
 LocalKey: e.config.WgPrivateKey.PublicKey().String(),
 StunTurn: stunTurn,
- InterfaceBlackList: interfaceBlacklist,
+ InterfaceBlackList: e.config.IFaceBlackList,
 Timeout: timeout,
 UDPMux: e.udpMux,
 UDPMuxSrflx: e.udpMuxSrflx,
diff --git a/client/internal/peer/conn.go b/client/internal/peer/conn.go
index d057fbfafc3..d1b118b66a9 100644
--- a/client/internal/peer/conn.go
+++ b/client/internal/peer/conn.go
@@ -92,6 +92,7 @@ func interfaceFilter(blackList []string) func(string) bool {
 return func(iFace string) bool {
 for _, s := range blackList {
 if strings.HasPrefix(iFace, s) {
+ log.Debugf("ignoring interface %s - it is not allowed", iFace)
 return false
 }
 }
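Review bot: The added `log.Debugf` in the conn.go hunk names the ignored interface but not the ignore-list entry `s` that matched, and since the match is a prefix test the log alone cannot explain why an interface was dropped. I would log both and quote them, `log.Debugf("ignoring interface %q: name starts with ignore-list entry %q", iFace, s)`. The returned filter is presumably called for each interface on every candidate gathering, so the line may repeat often at debug level. interfaceFilter begins in the hunk header and its closing lines are outside the hunk.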