From 0c370e4299cd16cec408747b46f1bdd43dfd278b Mon Sep 17 00:00:00 2001
From: Owen <owen@txv.io>
Date: Tue, 22 Apr 2025 22:18:50 -0400
Subject: [PATCH] Scope down the allowedIps so there are no conflicts

---
 server/routers/newt/handleGetConfigMessage.ts  | 2 +-
 server/routers/olm/handleOlmRegisterMessage.ts | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/server/routers/newt/handleGetConfigMessage.ts b/server/routers/newt/handleGetConfigMessage.ts
index ad405d0..6c648ba 100644
--- a/server/routers/newt/handleGetConfigMessage.ts
+++ b/server/routers/newt/handleGetConfigMessage.ts
@@ -133,7 +133,7 @@ export const handleGetConfigMessage: MessageHandler = async (context) => {
 
                 return {
                     publicKey: client.clients.pubKey!,
-                    allowedIps: [client.clients.subnet!],
+                    allowedIps: [`${client.clients.subnet.split('/')[0]}/32`], // we want to only allow from that client
                     endpoint: client.clientSites.isRelayed
                         ? ""
                         : client.clients.endpoint! // if its relayed it should be localhost
diff --git a/server/routers/olm/handleOlmRegisterMessage.ts b/server/routers/olm/handleOlmRegisterMessage.ts
index a398d5e..d3ce74c 100644
--- a/server/routers/olm/handleOlmRegisterMessage.ts
+++ b/server/routers/olm/handleOlmRegisterMessage.ts
@@ -141,7 +141,7 @@ export const handleOlmRegisterMessage: MessageHandler = async (context) => {
             );
             await addPeer(site.siteId, {
                 publicKey: publicKey,
-                allowedIps: [client.subnet],
+                allowedIps: [`${client.subnet.split('/')[0]}/32`], // we want to only allow from that client
                 endpoint: client.endpoint
             });
         } else {