netns,wgengine: add OpenBSD support to netns via an rtable

When an exit node has been set and a new default route is added,
create a new rtable in the default rdomain and add the current
default route via its physical interface.  When control() is
requesting a connection not go through the exit-node default route,
we can use the SO_RTABLE socket option to force it through the new
rtable we created.

Updates #17321

Signed-off-by: joshua stein <jcs@jcs.org>
This commit is contained in:
joshua stein
2026-02-22 17:13:58 -06:00
committed by Brad Fitzpatrick
parent 7370c24eb4
commit 518d241700
11 changed files with 231 additions and 20 deletions
+1 -1
View File
@@ -1,7 +1,7 @@
// Copyright (c) Tailscale Inc & contributors
// SPDX-License-Identifier: BSD-3-Clause
//go:build darwin || freebsd
//go:build darwin || freebsd || openbsd
package routetable
@@ -1,7 +1,7 @@
// Copyright (c) Tailscale Inc & contributors
// SPDX-License-Identifier: BSD-3-Clause
//go:build freebsd
//go:build freebsd || openbsd
package routetable
@@ -21,6 +21,7 @@ var flags = map[int]string{
unix.RTF_BROADCAST: "broadcast",
unix.RTF_GATEWAY: "gateway",
unix.RTF_HOST: "host",
unix.RTF_LOCAL: "local",
unix.RTF_MULTICAST: "multicast",
unix.RTF_REJECT: "reject",
unix.RTF_STATIC: "static",
+1 -1
View File
@@ -1,7 +1,7 @@
// Copyright (c) Tailscale Inc & contributors
// SPDX-License-Identifier: BSD-3-Clause
//go:build android || (!linux && !darwin && !freebsd)
//go:build android || (!linux && !darwin && !freebsd && !openbsd)
package routetable