wgengine/filter: only log packets to/from non-default routes.

Fixes tailscale/corp#1429. Signed-off-by: David Anderson <danderson@tailscale.com>
2025-11-06 20:11:43 +00:00 · 2021-03-09 16:10:30 -08:00
parent ef7bac2895
commit d79a2f3809
5 changed files with 181 additions and 16 deletions
--- a/wgengine/tstun/tun_test.go
+++ b/wgengine/tstun/tun_test.go
@@ -112,7 +112,7 @@ func setfilter(logf logger.Logf, tun *TUN) {
 	}
 	var sb netaddr.IPSetBuilder
 	sb.AddPrefix(netaddr.MustParseIPPrefix("1.2.0.0/16"))
-	tun.SetFilter(filter.New(matches, sb.IPSet(), nil, logf))
+	tun.SetFilter(filter.New(matches, sb.IPSet(), sb.IPSet(), nil, logf))
 }

 func newChannelTUN(logf logger.Logf, secure bool) (*tuntest.ChannelTUN, *TUN) {