From 21ac65d3da8b6b80184e9ce4311efbebac20f060 Mon Sep 17 00:00:00 2001
From: David Anderson <danderson@tailscale.com>
Date: Sun, 10 May 2020 23:53:02 +0000
Subject: [PATCH] wgengine/router: explicitly detect and complain about
 busybox's `ip`.

Defensive programming against #368 in environments other than Docker,
e.g. if you try using Tailscale in Alpine Linux directly, sans
container.

Signed-off-by: David Anderson <danderson@tailscale.com>
---
 wgengine/router/router_linux.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/wgengine/router/router_linux.go b/wgengine/router/router_linux.go
index 0b67784a0..d4040038c 100644
--- a/wgengine/router/router_linux.go
+++ b/wgengine/router/router_linux.go
@@ -391,6 +391,14 @@ func (r *linuxRouter) addBypassRule() error {
 func (r *linuxRouter) delBypassRule() error {
 	out, err := exec.Command("ip", "rule", "list", "priority", "10000").CombinedOutput()
 	if err != nil {
+		// Busybox ships an `ip` binary that doesn't understand
+		// uncommon rules. Try to detect this explicitly, and steer
+		// the user towards the correct fix. See
+		// https://github.com/tailscale/tailscale/issues/368 for an
+		// example of this issue.
+		if bytes.Contains(out, []byte("ip: ignoring all arguments")) {
+			return errors.New("cannot list ip rules, `ip` appears to be the busybox implementation. Please install iproute2")
+		}
 		return fmt.Errorf("listing ip rules: %v\n%s", err, out)
 	}
 	if len(out) == 0 {