TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2024-11-25 19:15:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

wgengine/filter: don't filter GCP DNS.

Browse Source 
Signed-off-by: David Anderson <danderson@tailscale.com>
This commit is contained in:
David Anderson 2020-11-16 14:06:37 -08:00
parent 51c8fd1dfc
commit 3c508a58cc
2 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
net/packet/ip4.go
View File

@ -40,6 +40,13 @@ func (ip IP4) IsLinkLocalUnicast() bool {
return byte(ip>>24) == 169 && byte(ip>>16) == 254
}
// IsMostLinkLocalUnicast returns whether ip is a link-local unicast
// address other than the magical "169.254.169.254" address used by
// GCP DNS.
func (ip IP4) IsMostLinkLocalUnicast() bool {
return ip.IsLinkLocalUnicast() && ip != 0xA9FEA9FE
}
// ip4HeaderLength is the length of an IPv4 header with no IP options.
const ip4HeaderLength = 20

4
wgengine/filter/filter.go
View File

@ -454,7 +454,7 @@ func (f *Filter) pre(q *packet.Parsed, rf RunFlags, dir direction) Response {
f.logRateLimit(rf, q, dir, Drop, "multicast")
return Drop
}
if q.DstIP4.IsLinkLocalUnicast() {
if q.DstIP4.IsMostLinkLocalUnicast() {
f.logRateLimit(rf, q, dir, Drop, "link-local-unicast")
return Drop
}
@ -495,7 +495,7 @@ func omitDropLogging(p *packet.Parsed, dir direction) bool {
switch p.IPVersion {
case 4:
return p.DstIP4.IsMulticast() || p.DstIP4.IsLinkLocalUnicast() || p.IPProto == packet.IGMP
return p.DstIP4.IsMulticast() || p.DstIP4.IsMostLinkLocalUnicast() || p.IPProto == packet.IGMP
case 6:
return p.DstIP6.IsMulticast() || p.DstIP6.IsLinkLocalUnicast()
default: