TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-10-10 09:45:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

wgengine: plumb locally advertised subnet routes.

Browse Source 
With this change, advertising subnet routes configures the
firewall correctly.

Signed-off-by: David Anderson <danderson@tailscale.com>
This commit is contained in:
David Anderson
2020-05-07 17:48:11 +00:00
parent 89198b1691
commit 89af51b84d
4 changed files with 19 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
wgengine/userspace.go
View File

@@ -328,7 +328,12 @@ func (e *userspaceEngine) pinger(peerKey wgcfg.Key, ips []wgcfg.IP) {
// However, we don't actually ever provide it to wireguard and it's not in
// the traditional wireguard config format. On the other hand, wireguard
// itself doesn't use the traditional 'dns =' setting either.
func (e *userspaceEngine) Reconfig(cfg *wgcfg.Config, dnsDomains []string) error {
//
// TODO(danderson): this function signature is starting to get out of
// hand. Feels like we either need a wgengine.Config type, or make
// router and wgengine siblings of each other that interact via glue
// in ipn.
func (e *userspaceEngine) Reconfig(cfg *wgcfg.Config, dnsDomains []string, localRoutes []wgcfg.CIDR) error {
e.wgLock.Lock()
defer e.wgLock.Unlock()
@@ -381,12 +386,11 @@ func (e *userspaceEngine) Reconfig(cfg *wgcfg.Config, dnsDomains []string) error
}
rs := router.RouteSettings{
LocalAddr: cidr,
Cfg: cfg,
DNS: cfg.DNS,
DNSDomains: dnsDomains,
// HACK HACK HACK DO NOT SUBMIT just testing before further plumbing
SubnetRoutes: []wgcfg.CIDR{{IP: wgcfg.IPv4(192, 168, 17, 0), Mask: 24}},
LocalAddr: cidr,
Cfg: cfg,
DNS: cfg.DNS,
DNSDomains: dnsDomains,
SubnetRoutes: localRoutes,
}
// TODO(apenwarr): all the parts of RouteSettings should be "relevant."

4
wgengine/watchdog.go
View File

@@ -61,8 +61,8 @@ func (e *watchdogEngine) watchdog(name string, fn func()) {
})
}
func (e *watchdogEngine) Reconfig(cfg *wgcfg.Config, dnsDomains []string) error {
return e.watchdogErr("Reconfig", func() error { return e.wrap.Reconfig(cfg, dnsDomains) })
func (e *watchdogEngine) Reconfig(cfg *wgcfg.Config, dnsDomains []string, localRoutes []wgcfg.CIDR) error {
return e.watchdogErr("Reconfig", func() error { return e.wrap.Reconfig(cfg, dnsDomains, localRoutes) })
}
func (e *watchdogEngine) GetFilter() *filter.Filter {
var x *filter.Filter

2
wgengine/wgengine.go
View File

@@ -59,7 +59,7 @@ type Engine interface {
// sends an updated network map.
//
// The returned error is ErrNoChanges if no changes were made.
Reconfig(cfg *wgcfg.Config, dnsDomains []string) error
Reconfig(cfg *wgcfg.Config, dnsDomains []string, localSubnets []wgcfg.CIDR) error
// GetFilter returns the current packet filter, if any.
GetFilter() *filter.Filter