From 8ca2d3486e2c0b3fde944a46086a625928814a79 Mon Sep 17 00:00:00 2001
From: sarthurdev <965089+sarthurdev@users.noreply.github.com>
Date: Tue, 8 Apr 2025 22:36:07 +0200
Subject: firewall: T7333: Use separate cache keys per inet family

Cache keys were shared by IPv4/IPv6 resolution, causing script to try populate ipv6 sets with ipv4 addresses
---
 src/services/vyos-domain-resolver | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'src/services')

diff --git a/src/services/vyos-domain-resolver b/src/services/vyos-domain-resolver
index aba5ba9db..4419fc4a7 100755
--- a/src/services/vyos-domain-resolver
+++ b/src/services/vyos-domain-resolver
@@ -92,12 +92,14 @@ def resolve(domains, ipv6=False):
     for domain in domains:
         resolved = fqdn_resolve(domain, ipv6=ipv6)
 
+        cache_key = f'{domain}_ipv6' if ipv6 else domain
+
         if resolved and cache:
-            domain_state[domain] = resolved
+            domain_state[cache_key] = resolved
         elif not resolved:
-            if domain not in domain_state:
+            if cache_key not in domain_state:
                 continue
-            resolved = domain_state[domain]
+            resolved = domain_state[cache_key]
 
         ip_list = ip_list | resolved
     return ip_list
-- 
cgit v1.2.3