ACL Policies: lack of AND logic when assigning groups

netbirdio / netbird

Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.

https://netbird.io

BSD 3-Clause "New" or "Revised" License

10.52k stars 472 forks source link

ACL Policies: lack of AND logic when assigning groups #2351

Open reana-ovo opened 1 month ago

reana-ovo commented 1 month ago

Currently when i add multiple groups it means devices only need to match one of the group. I can't create a policy where devices need to match both groups. It is a weird behavior because you can simply add multiple policies when you need to use an OR logic in those group selections and achieving AND logic is much more difficult. Port ranges seems not supported yet, i saw related issues.

GhaziTriki commented 1 month ago

Indeed port range would be useful especially for UDP.

alexcupertme commented 1 month ago

Why not create one more group and add devices that fits condition?