PowerToys icon indicating copy to clipboard operation
PowerToys copied to clipboard
verified publisher icon microsoft

MWB: Fix firewall rule to allow remote connections from IPs outside the local subnet

Open vanzue opened this issue 7 months ago • 1 comments

Summary of the Pull Request

Fixes the firewall rule configuration for Mouse Without Borders to allow incoming remote connections from IP addresses outside the local subnet, addressing connectivity issues when devices are on different subnets.

PR Checklist

  • [X] Closes: #39430
  • [X] Communication: I've discussed this with core contributors already. If work hasn't been agreed, this work might be rejected
  • [X] Tests: Added/updated and all pass
  • [ ] Localization: All end user facing strings can be localized
  • [ ] Dev docs: Added/updated
  • [ ] New binaries: Added on the required places
  • [ ] Documentation updated: If checked, please file a pull request on our docs repo and link it here: #xxx

Detailed Description of the Pull Request / Additional comments

Previously, the firewall rule for Mouse Without Borders limited access to the LocalSubnet, which prevented connections between devices on different network segments. This change updates the rule to remove the remote IP restriction, and keep the control logic in code.

This change helps improve usability in environments where devices are logically separated across VLANs, VPNs, or different Wi-Fi networks.

Validation Steps Performed

Manually removed the existing rule and applied the updated one Verify the newly created one is not subnet only

vanzue avatar May 20 '25 02:05 vanzue

@vanzue My two cents on this and why I can't approve yet: I see the following problems with this change:

  1. The method to check subnets is never called.
  2. The method to check same subnet only supports IPv4.

https://github.com/microsoft/PowerToys/blob/main/src%2Fmodules%2FMouseWithoutBorders%2FApp%2FClass%2FSocketStuff.cs#L1064-L1072

Thanks for review, as the toggle says, same subnet only is meant to be work with ipv4 image

And I do see method called in the file when starting connection image

vanzue avatar May 20 '25 06:05 vanzue