mirror of
https://github.com/tailscale/tailscale.git
synced 2024-11-29 04:55:31 +00:00
util/linuxfw: return nil interface not concrete type
It was returning a nil `*iptablesRunner` instead of a nil `NetfilterRunner` interface which would then fail checks later. Fixes #13012 Signed-off-by: Maisem Ali <maisem@tailscale.com>
This commit is contained in:
parent
4099a36468
commit
a917718353
@ -592,9 +592,23 @@ func New(logf logger.Logf, prefHint string) (NetfilterRunner, error) {
|
|||||||
mode := detectFirewallMode(logf, prefHint)
|
mode := detectFirewallMode(logf, prefHint)
|
||||||
switch mode {
|
switch mode {
|
||||||
case FirewallModeIPTables:
|
case FirewallModeIPTables:
|
||||||
return newIPTablesRunner(logf)
|
// Note that we don't simply return an newIPTablesRunner here because it
|
||||||
|
// would return a `nil` iptablesRunner which is different from returning
|
||||||
|
// a nil NetfilterRunner.
|
||||||
|
ipr, err := newIPTablesRunner(logf)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return ipr, nil
|
||||||
case FirewallModeNfTables:
|
case FirewallModeNfTables:
|
||||||
return newNfTablesRunner(logf)
|
// Note that we don't simply return an newNfTablesRunner here because it
|
||||||
|
// would return a `nil` nftablesRunner which is different from returning
|
||||||
|
// a nil NetfilterRunner.
|
||||||
|
nfr, err := newNfTablesRunner(logf)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return nfr, nil
|
||||||
default:
|
default:
|
||||||
return nil, fmt.Errorf("unknown firewall mode %v", mode)
|
return nil, fmt.Errorf("unknown firewall mode %v", mode)
|
||||||
}
|
}
|
||||||
|
@ -374,7 +374,7 @@ func NewUserspaceEngine(logf logger.Logf, conf Config) (_ Engine, reterr error)
|
|||||||
e.logf("onPortUpdate(port=%v, network=%s)", port, network)
|
e.logf("onPortUpdate(port=%v, network=%s)", port, network)
|
||||||
|
|
||||||
if err := e.router.UpdateMagicsockPort(port, network); err != nil {
|
if err := e.router.UpdateMagicsockPort(port, network); err != nil {
|
||||||
e.logf("UpdateMagicsockPort(port=%v, network=%s) failed: %w", port, network, err)
|
e.logf("UpdateMagicsockPort(port=%v, network=%s) failed: %v", port, network, err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
magicsockOpts := magicsock.Options{
|
magicsockOpts := magicsock.Options{
|
||||||
|
Loading…
Reference in New Issue
Block a user