Reject port 0 in NB_DNS_FIREWALL_PORTS and roll back firewall on DNS setup failure

2026-05-20 23:59:55 +00:00 · 2026-05-05 18:37:24 +02:00
parent 0415137acd
commit f42b8aed90
3 changed files with 10 additions and 1 deletions
--- a/client/internal/dns/host_windows.go
+++ b/client/internal/dns/host_windows.go
@@ -221,7 +221,11 @@ func (r *registryConfigurator) applyRouteAll(config HostDNSConfig) error {
 			return fmt.Errorf("dns firewall: %w", err)
 		}
 		if err := r.addDNSSetupForAll(config.ServerIP); err != nil {
-			return fmt.Errorf("add dns setup: %w", err)
+			merr := multierror.Append(nil, fmt.Errorf("add dns setup: %w", err))
+			if dErr := r.dnsFirewall.Disable(); dErr != nil {
+				merr = multierror.Append(merr, fmt.Errorf("rollback dns firewall: %w", dErr))
+			}
+			return nberrors.FormatErrorOrNil(merr)
 		}
 		return nil
 	}