From 01810935857d7c039d527e0f1ca31200c8643cdb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= <vladimir.cunat@nic.cz>
Date: Tue, 21 Feb 2023 15:35:14 +0100
Subject: [PATCH] view: fix destination-based matching

Apparently it's never worked since its introduction.

.addr is non-nil exactly when .dst_addr is non-nil
(which hapens iff the query originated externally).
Now we have semantics which was probably intended by the original code
(982162956a from 2016) but that semantics is still problematic
if you need both kinds of matching in a single request from client.

This matching by destination has never made it to docs,
so let's just add this simple fixup for now, and later
we'll steer users to new policy configuration anyway.
---
 modules/view/view.lua | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/modules/view/view.lua b/modules/view/view.lua
index f5e186261..d704384d5 100644
--- a/modules/view/view.lua
+++ b/modules/view/view.lua
@@ -69,8 +69,9 @@ local function evaluate(state, req)
 				if execute(state, req, match_cb) then return end
 			end
 		end
+	end
 	-- Finally try :addr by the destination.
-	elseif req.qsource.dst_addr ~= nil then
+	if req.qsource.dst_addr ~= nil then
 		for i = 1, #view.dst do
 			local pair = view.dst[i]
 			if match_subnet(pair[1], pair[2], pair[3], req.qsource.dst_addr) then
-- 
GitLab