cmd/tailscale, cmd/tailscaled: move portmapper debugging into tailscale CLI

The debug flag on tailscaled isn't available in the macOS App Store build, since we don't have a tailscaled binary; move it to the 'tailscale debug' CLI that is available on all platforms instead, accessed over LocalAPI. Updates #7377 Signed-off-by: Andrew Dunham <andrew@du.nham.ca> Change-Id: I47bffe4461e036fab577c2e51e173f4003592ff7
2025-08-21 02:17:36 +00:00 · 2023-03-02 18:05:30 -05:00
parent 3e71e0ef68
commit 3f8e8b04fd
16 changed files with 233 additions and 130 deletions
--- a/cmd/tailscale/cli/debug.go
+++ b/cmd/tailscale/cli/debug.go
@@ -201,6 +201,18 @@ var debugCmd = &ffcli.Command{
 				return fs
 			})(),
 		},
+		{
+			Name:      "portmap",
+			Exec:      debugPortmap,
+			ShortHelp: "run portmap debugging debugging",
+			FlagSet: (func() *flag.FlagSet {
+				fs := newFlagSet("portmap")
+				fs.DurationVar(&debugPortmapArgs.duration, "duration", 5*time.Second, "timeout for port mapping")
+				fs.StringVar(&debugPortmapArgs.ty, "type", "", `portmap debug type (one of "", "pmp", "pcp", or "upnp")`)
+				fs.StringVar(&debugPortmapArgs.gwSelf, "gw-self", "", `override gateway and self IP (format: "gatewayIP/selfIP")`)
+				return fs
+			})(),
+		},
 	},
 }

@@ -789,3 +801,24 @@ func runCapture(ctx context.Context, args []string) error {
 	_, err = io.Copy(f, stream)
 	return err
 }
+
+var debugPortmapArgs struct {
+	duration time.Duration
+	gwSelf   string
+	ty       string
+}
+
+func debugPortmap(ctx context.Context, args []string) error {
+	rc, err := localClient.DebugPortmap(ctx,
+		debugPortmapArgs.duration,
+		debugPortmapArgs.ty,
+		debugPortmapArgs.gwSelf,
+	)
+	if err != nil {
+		return err
+	}
+	defer rc.Close()
+
+	_, err = io.Copy(os.Stdout, rc)
+	return err
+}
--- a/cmd/tailscale/cli/netcheck.go
+++ b/cmd/tailscale/cli/netcheck.go
@@ -47,7 +47,7 @@ var netcheckArgs struct {
 func runNetcheck(ctx context.Context, args []string) error {
 	c := &netcheck.Client{
 		UDPBindAddr: envknob.String("TS_DEBUG_NETCHECK_UDP_BIND"),
-		PortMapper:  portmapper.NewClient(logger.WithPrefix(log.Printf, "portmap: "), nil),
+		PortMapper:  portmapper.NewClient(logger.WithPrefix(log.Printf, "portmap: "), nil, nil),
 	}
 	if netcheckArgs.verbose {
 		c.Logf = logger.WithPrefix(log.Printf, "netcheck: ")
--- a/cmd/tailscaled/debug.go
+++ b/cmd/tailscaled/debug.go
@@ -14,24 +14,18 @@ import (
 	"fmt"
 	"io"
 	"log"
-	"net"
 	"net/http"
 	"net/http/httptrace"
-	"net/netip"
 	"net/url"
 	"os"
-	"strings"
 	"time"

 	"tailscale.com/derp/derphttp"
-	"tailscale.com/envknob"
 	"tailscale.com/ipn"
 	"tailscale.com/net/interfaces"
-	"tailscale.com/net/portmapper"
 	"tailscale.com/net/tshttpproxy"
 	"tailscale.com/tailcfg"
 	"tailscale.com/types/key"
-	"tailscale.com/types/logger"
 	"tailscale.com/wgengine/monitor"
 )

@@ -229,95 +223,5 @@ func checkDerp(ctx context.Context, derpRegion string) (err error) {
 }

 func debugPortmap(ctx context.Context) error {
-	ctx, cancel := context.WithTimeout(ctx, 3*time.Second)
-	defer cancel()
-
-	portmapper.VerboseLogs = true
-	switch envknob.String("TS_DEBUG_PORTMAP_TYPE") {
-	case "":
-	case "pmp":
-		portmapper.DisablePCP = true
-		portmapper.DisableUPnP = true
-	case "pcp":
-		portmapper.DisablePMP = true
-		portmapper.DisableUPnP = true
-	case "upnp":
-		portmapper.DisablePCP = true
-		portmapper.DisablePMP = true
-	default:
-		log.Fatalf("TS_DEBUG_PORTMAP_TYPE must be one of pmp,pcp,upnp")
-	}
-
-	done := make(chan bool, 1)
-
-	var c *portmapper.Client
-	logf := log.Printf
-	c = portmapper.NewClient(logger.WithPrefix(logf, "portmapper: "), func() {
-		logf("portmapping changed.")
-		logf("have mapping: %v", c.HaveMapping())
-
-		if ext, ok := c.GetCachedMappingOrStartCreatingOne(); ok {
-			logf("cb: mapping: %v", ext)
-			select {
-			case done <- true:
-			default:
-			}
-			return
-		}
-		logf("cb: no mapping")
-	})
-	linkMon, err := monitor.New(logger.WithPrefix(logf, "monitor: "))
-	if err != nil {
-		return err
-	}
-
-	gatewayAndSelfIP := func() (gw, self netip.Addr, ok bool) {
-		if v := os.Getenv("TS_DEBUG_GW_SELF"); strings.Contains(v, "/") {
-			i := strings.Index(v, "/")
-			gw = netip.MustParseAddr(v[:i])
-			self = netip.MustParseAddr(v[i+1:])
-			return gw, self, true
-		}
-		return linkMon.GatewayAndSelfIP()
-	}
-
-	c.SetGatewayLookupFunc(gatewayAndSelfIP)
-
-	gw, selfIP, ok := gatewayAndSelfIP()
-	if !ok {
-		logf("no gateway or self IP; %v", linkMon.InterfaceState())
-		return nil
-	}
-	logf("gw=%v; self=%v", gw, selfIP)
-
-	uc, err := net.ListenPacket("udp", "0.0.0.0:0")
-	if err != nil {
-		return err
-	}
-	defer uc.Close()
-	c.SetLocalPort(uint16(uc.LocalAddr().(*net.UDPAddr).Port))
-
-	res, err := c.Probe(ctx)
-	if err != nil {
-		return fmt.Errorf("Probe: %v", err)
-	}
-	logf("Probe: %+v", res)
-
-	if !res.PCP && !res.PMP && !res.UPnP {
-		logf("no portmapping services available")
-		return nil
-	}
-
-	if ext, ok := c.GetCachedMappingOrStartCreatingOne(); ok {
-		logf("mapping: %v", ext)
-	} else {
-		logf("no mapping")
-	}
-
-	select {
-	case <-done:
-		return nil
-	case <-ctx.Done():
-		return ctx.Err()
-	}
+	return fmt.Errorf("this flag has been deprecated in favour of 'tailscale debug portmap'")
 }