tailcfg: update docs on NetInfo.FirewallMode

Updates #391

Change-Id: Ifef196b31dd145f424fb0c0d0bb04565cc22c717
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
This commit is contained in:
Brad Fitzpatrick 2023-08-19 20:02:29 -07:00 committed by Brad Fitzpatrick
parent d8191a9813
commit 282dad1b62

View File

@ -741,9 +741,12 @@ type NetInfo struct {
// the control plane. // the control plane.
DERPLatency map[string]float64 `json:",omitempty"` DERPLatency map[string]float64 `json:",omitempty"`
// FirewallMode is the current firewall utility in use by router (iptables, nftables). // FirewallMode encodes both which firewall mode was selected and why.
// FirewallMode ipt means iptables, nft means nftables. When it's empty user is not using // It is Linux-specific (at least as of 2023-08-19) and is meant to help
// our netfilter runners to manage firewall rules. // debug iptables-vs-nftables issues. The string is of the form
// "{nft,ift}-REASON", like "nft-forced" or "ipt-default". Empty means
// either not Linux or a configuration in which the host firewall rules
// are not managed by tailscaled.
FirewallMode string `json:",omitempty"` FirewallMode string `json:",omitempty"`
// Update BasicallyEqual when adding fields. // Update BasicallyEqual when adding fields.