You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Irbe Krumina
9bd158cc09
cmd/containerboot,util/linuxfw: create a SNAT rule for dst/src only once, clean up if needed ( #13658 ) ...
The AddSNATRuleForDst rule was adding a new rule each time it was called including:
- if a rule already existed
- if a rule matching the destination, but with different desired source already existed
This was causing issues especially for the in-progress egress HA proxies work,
where the rules are now refreshed more frequently, so more redundant rules
were being created.
This change:
- only creates the rule if it doesn't already exist
- if a rule for the same dst, but different source is found, delete it
- also ensures that egress proxies refresh firewall rules
if the node's tailnet IP changes
Updates tailscale/tailscale#13406
Signed-off-by: Irbe Krumina <irbe@tailscale.com>
2 years ago
..
callback.go
wgengine/router: implement UpdateMagicsockPort for CallbackRouter ( #10494 )
2 years ago
consolidating_router.go
wgengine/router: consolidate routes before reconfiguring router for mobile clients
2 years ago
consolidating_router_test.go
wgengine/router: consolidate routes before reconfiguring router for mobile clients
2 years ago
ifconfig_windows.go
wgengine/router: use quad-100 as the nexthop on Windows
2 years ago
ifconfig_windows_test.go
all: use Go 1.22 range-over-int
2 years ago
router.go
various: implement stateful firewalling on Linux ( #12025 )
2 years ago
router_darwin.go
health, all: remove health.Global, finish plumbing health.Tracker
2 years ago
router_default.go
health, all: remove health.Global, finish plumbing health.Tracker
2 years ago
router_fake.go
util/linuxfw, wgengine: allow ingress to magicsock UDP port on Linux ( #10370 )
2 years ago
router_freebsd.go
health, all: remove health.Global, finish plumbing health.Tracker
2 years ago
router_linux.go
health: begin work to use structured health warnings instead of strings, pipe changes into ipn.Notify ( #12406 )
2 years ago
router_linux_test.go
cmd/containerboot,util/linuxfw: create a SNAT rule for dst/src only once, clean up if needed ( #13658 )
2 years ago
router_openbsd.go
health, all: remove health.Global, finish plumbing health.Tracker
2 years ago
router_test.go
various: implement stateful firewalling on Linux ( #12025 )
2 years ago
router_userspace_bsd.go
health, all: remove health.Global, finish plumbing health.Tracker
2 years ago
router_windows.go
cmd/tailscaled, net/dns, wgengine/router: start Windows child processes with DETACHED_PROCESS when I/O is being piped
2 years ago
router_windows_test.go
wgengine/router: look up absolute path to netsh.exe on Windows
2 years ago
runner.go
all: update copyright and license headers
3 years ago
Irbe Krumina
9bd158cc09