TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-08-11 13:18:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

util/linuxfw,wgengine/router: enable IPv6 configuration when netfilter is disabled

Browse Source 
Updates #11434

Signed-off-by: James Tucker <james@tailscale.com>
This commit is contained in:
James Tucker
2024-03-21 15:43:12 -07:00
committed by James Tucker
parent 8444937c89
commit 3f7313dbdb
4 changed files with 12 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
wgengine/router/router_linux.go
View File

@@ -56,6 +56,7 @@ type linuxRouter struct {
// Various feature checks for the network stack.
ipRuleAvailable bool // whether kernel was built with IP_MULTIPLE_TABLES
v6Available bool // whether the kernel supports IPv6
fwmaskWorks bool // whether we can use 'ip rule...fwmark <mark>/<mask>'
// ipPolicyPrefBase is the base priority at which ip rules are installed.
@@ -142,6 +143,8 @@ func newUserspaceRouterAdvanced(logf logger.Logf, tunname string, netMon *netmon
r.logf("mwan3 on openWRT detected, switching policy base priority to 1300")
}
r.v6Available = linuxfw.CheckIPv6(r.logf) == nil
r.fixupWSLMTU()
return r, nil
@@ -416,7 +419,7 @@ func (r *linuxRouter) UpdateMagicsockPort(port uint16, network string) error {
case "udp4":
magicsockPort = &r.magicsockPortV4
case "udp6":
if !r.nfr.HasIPV6() {
if !r.getV6Available() {
return nil
}
magicsockPort = &r.magicsockPortV6
@@ -523,7 +526,7 @@ func (r *linuxRouter) setNetfilterMode(mode preftype.NetfilterMode) error {
return fmt.Errorf("could not add magicsock port rule v4: %w", err)
}
}
if r.magicsockPortV6 != 0 && r.nfr.HasIPV6() {
if r.magicsockPortV6 != 0 && r.getV6Available() {
if err := r.nfr.AddMagicsockPortRule(r.magicsockPortV6, "udp6"); err != nil {
return fmt.Errorf("could not add magicsock port rule v6: %w", err)
}
@@ -563,7 +566,7 @@ func (r *linuxRouter) setNetfilterMode(mode preftype.NetfilterMode) error {
return fmt.Errorf("could not add magicsock port rule v4: %w", err)
}
}
if r.magicsockPortV6 != 0 && r.nfr.HasIPV6() {
if r.magicsockPortV6 != 0 && r.getV6Available() {
if err := r.nfr.AddMagicsockPortRule(r.magicsockPortV6, "udp6"); err != nil {
return fmt.Errorf("could not add magicsock port rule v6: %w", err)
}
@@ -602,6 +605,9 @@ func (r *linuxRouter) setNetfilterMode(mode preftype.NetfilterMode) error {
}
func (r *linuxRouter) getV6Available() bool {
if r.netfilterMode == netfilterOff {
return r.v6Available
}
return r.nfr.HasIPV6()
}