net/packet, wgengine/filter: support SCTP

Add proto to flowtrack.Tuple. Add types/ipproto leaf package to break a cycle. Server-side ACL work remains. Updates #1516 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2025-11-07 12:46:55 +00:00 · 2021-03-19 21:05:51 -07:00
parent 90a6fb7ffe
commit 01b90df2fa
17 changed files with 154 additions and 62 deletions
--- a/wgengine/tstun/tun_test.go
+++ b/wgengine/tstun/tun_test.go
@@ -16,6 +16,7 @@ import (
 	"github.com/tailscale/wireguard-go/tun/tuntest"
 	"inet.af/netaddr"
 	"tailscale.com/net/packet"
+	"tailscale.com/types/ipproto"
 	"tailscale.com/types/logger"
 	"tailscale.com/wgengine/filter"
 )
@@ -106,7 +107,7 @@ func netports(netPorts ...string) (ret []filter.NetPortRange) {
 }

 func setfilter(logf logger.Logf, tun *TUN) {
-	protos := []packet.IPProto{
+	protos := []ipproto.Proto{
 		packet.TCP,
 		packet.UDP,
 	}