TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-01-08 09:07:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

wgengine/router: always use nftables mode on gokrazy

Browse Source 
Updates gokrazy/gokrazy#209

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
This commit is contained in:
Brad Fitzpatrick 2023-08-15 10:11:38 -07:00 committed by Brad Fitzpatrick
parent 17ce75347c
commit 25a8daf405
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
wgengine/router/router_linux.go
View File

@ -76,6 +76,11 @@ func (l *linuxFWDetector) nftDetect() (int, error) {
// chooseFireWallMode returns the firewall mode to use based on the // chooseFireWallMode returns the firewall mode to use based on the
// environment and the system's capabilities. // environment and the system's capabilities.
func chooseFireWallMode(logf logger.Logf, det tableDetector) linuxfw.FirewallMode { func chooseFireWallMode(logf logger.Logf, det tableDetector) linuxfw.FirewallMode {
if distro.Get() == distro.Gokrazy {
// Reduce startup logging on gokrazy. There's no way to do iptables on
// gokrazy anyway.
return linuxfw.FirewallModeNfTables
}
iptAva, nftAva := true, true iptAva, nftAva := true, true
iptRuleCount, err := det.iptDetect() iptRuleCount, err := det.iptDetect()
if err != nil { if err != nil {