-rw-r--r-- | proto/wireguard/wireguard.c | 42 |
1 files changed, 37 insertions, 5 deletions
diff --git a/proto/wireguard/wireguard.c b/proto/wireguard/wireguard.c
index 8b15b90b..366357af 100644
--- a/proto/wireguard/wireguard.c
+++ b/proto/wireguard/wireguard.c
@@ -278,13 +278,42 @@ init_allowed_ip(struct wg_allowedip *allowedip, u8 net_type, struct network *n)
 allowedip->cidr = net_pxlen(n->n.addr);
 }
-static int
-add_allowed_ip(u8 net_type, struct network *n, wg_peer *peer)
+static struct wg_allowedip *
+create_allowed_ip_network(u8 net_type, struct network *n)
 {
- // Add allowed ip
 struct wg_allowedip *allowedip = malloc(sizeof(struct wg_allowedip));
 init_allowed_ip(allowedip, net_type, n);
+ return allowedip;
+}
+
+static void
+init_allowed_ip_addr(struct wg_allowedip *allowedip, ip_addr addr)
+{
+ memset(allowedip, 0, sizeof(struct wg_allowedip));
+ if (ipa_is_ip4(addr)) {
+ allowedip->family = AF_INET;
+ allowedip->ip4.s_addr = ip4_to_u32(ip4_hton(ipa_to_ip4(addr)));
+ allowedip->cidr = IP4_MAX_PREFIX_LENGTH;
+ } else {
+ allowedip->family = AF_INET6;
+ ip6_addr netaddr = ip6_hton(ipa_to_ip6(addr));
+ memcpy(allowedip->ip6.s6_addr, &netaddr, 16);
+ allowedip->cidr = IP6_MAX_PREFIX_LENGTH;
+ }
+}
+
+static struct wg_allowedip *
+create_allowed_ip_addr(ip_addr addr)
+{
+ struct wg_allowedip *allowedip = malloc(sizeof(struct wg_allowedip));
+ init_allowed_ip_addr(allowedip, addr);
+ return allowedip;
+}
+
+static int
+add_allowed_ip(struct wg_allowedip *allowedip, wg_peer *peer)
+{
 if (peer->first_allowedip && peer->last_allowedip)
 peer->last_allowedip->next_allowedip = allowedip;
 else
@@ -439,8 +468,11 @@ wg_rt_notify(struct proto *P, struct channel *CH, struct network *n,
 dump_peer(peer);
 if (is_tunnel_ep)
 set_peer_tunnel_ep(p, peer, encap.ep.ip, encap.udp_dest_port);
- if (add_ip)
- add_allowed_ip(ch->c.net_type, n, peer);
+ if (add_ip) {
+ struct wg_allowedip *allowed_n =
+ create_allowed_ip_network(ch->c.net_type, n);
+ add_allowed_ip(allowed_n, peer);
+ }
 dirty = true;
 if (dirty) { |
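Review bot: Neither `create_allowed_ip_network()` nor the new `create_allowed_ip_addr()` checks the pointer returned by `malloc()` before passing it to its init helper, and `init_allowed_ip_addr()` starts with `memset(allowedip, 0, ...)`, so an allocation failure becomes a NULL write in the daemon. Add `if (!allowedip) return NULL;` after each `malloc` and have the caller in the `wg_rt_notify()` hunk skip `add_allowed_ip()` when it gets NULL. In `init_allowed_ip_addr()` the literal `16` in the `memcpy` is better written as `sizeof(allowedip->ip6.s6_addr)`, so the copy length stays tied to the destination. `create_allowed_ip_addr()` has no caller in the visible hunks, which may trigger an unused-function warning unless a later change uses it. The body of `add_allowed_ip()` continues outside the hunk.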
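Review bot: The new block in `wg_rt_notify()` discards the `int` that `add_allowed_ip()` returns, so a failed append would go unnoticed and `dirty = true` is set either way. The allowed-IP list decides which addresses the peer is accepted for, so a route that could not be added should at least be logged rather than silently dropped; the failure value `add_allowed_ip()` uses is not visible here, so the exact check needs confirming against its body. Ownership of the heap object is also implicit now that allocation and linking are separate; a comment such as `/* allowed_n is owned by the peer's allowed-IP list once add_allowed_ip() links it */` would make clear who frees it. `wg_rt_notify()` starts and ends outside the hunk.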