cmd/tailscaled: disable netns in userspace-networking mode

Updates #2827 Updates #2822 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2025-10-09 08:01:31 +00:00 · 2021-09-09 15:20:08 -07:00
parent 31c1331415
commit 382b349c54
7 changed files with 23 additions and 0 deletions
--- a/net/netns/netns.go
+++ b/net/netns/netns.go
@@ -19,12 +19,23 @@ import (
 	"net"

 	"inet.af/netaddr"
+	"tailscale.com/syncs"
 )

+var disabled syncs.AtomicBool
+
+// Disable disables netns for the process.
+func Disable() {
+	disabled.Set(true)
+}
+
 // Listener returns a new net.Listener with its Control hook func
 // initialized as necessary to run in logical network namespace that
 // doesn't route back into Tailscale.
 func Listener() *net.ListenConfig {
+	if disabled.Get() {
+		return new(net.ListenConfig)
+	}
 	return &net.ListenConfig{Control: control}
 }

@@ -41,6 +52,9 @@ func NewDialer() Dialer {
 // handles using a SOCKS if configured in the environment with
 // ALL_PROXY.
 func FromDialer(d *net.Dialer) Dialer {
+	if disabled.Get() {
+		return d
+	}
 	d.Control = control
 	if wrapDialer != nil {
 		return wrapDialer(d)