wgengine: only use AmbientCaps on DSM7+

Signed-off-by: Maisem Ali <maisem@tailscale.com>
(cherry picked from commit 27799a1a96)
This commit is contained in:
Maisem Ali 2021-10-18 10:13:36 -07:00
parent ffaa572266
commit 56095e9824

View File

@ -156,7 +156,7 @@ func newUserspaceRouter(logf logger.Logf, tunDev tun.Device, linkMon *monitor.Mo
}
cmd := osCommandRunner{
ambientCapNetAdmin: distro.Get() == distro.Synology,
ambientCapNetAdmin: useAmbientCaps(),
}
return newUserspaceRouterAdvanced(logf, tunname, linkMon, ipt4, ipt6, cmd, supportsV6, supportsV6NAT)
@ -185,6 +185,17 @@ func newUserspaceRouterAdvanced(logf logger.Logf, tunname string, linkMon *monit
return r, nil
}
func useAmbientCaps() bool {
if distro.Get() != distro.Synology {
return false
}
v, err := strconv.Atoi(os.Getenv("SYNOPKG_DSM_VERSION_MAJOR"))
if err != nil {
return false
}
return v >= 7
}
// onIPRuleDeleted is the callback from the link monitor for when an IP policy
// rule is deleted. See Issue 1591.
//