Merge pull request #106 from wollomatic/105-bug-isallowedclient-only-checks-the-first-valid-cidr

wollomatic · web-flow · commit 869a59cd6133 · 2026-03-08T13:36:51.000+01:00
[Bug] isAllowedClient() only checks the first valid CIDR (fixes #105)
diff --git a/cmd/socket-proxy/handlehttprequest.go b/cmd/socket-proxy/handlehttprequest.go
@@ -86,7 +86,10 @@ func isAllowedClient(clientIPStr string) (bool, error) {
 		_, allowedIPNet, err := net.ParseCIDR(allowFromItem)
 		if err == nil {
 			// AllowFrom is a valid CIDR, so check if IP address is in allowed network
-			return allowedIPNet.Contains(clientIP), nil
+			if allowedIPNet.Contains(clientIP) {
+				return true, nil
+			}
+			continue
 		}
 
 		// AllowFrom is not a valid CIDR, so try to resolve it via DNS
