ipn/ipnlocal: transform default routes into "all but LAN" routes.

Fixes #1177. Signed-off-by: David Anderson <danderson@tailscale.com>
2025-08-12 05:37:32 +00:00 · 2021-02-22 20:43:35 -08:00
parent b46e337cdc
commit f647e3daaf
3 changed files with 153 additions and 37 deletions
--- a/ipn/ipnlocal/local_test.go
+++ b/ipn/ipnlocal/local_test.go
@@ -8,6 +8,7 @@ import (
 	"testing"

 	"inet.af/netaddr"
+	"tailscale.com/net/tsaddr"
 	"tailscale.com/tailcfg"
 	"tailscale.com/types/netmap"
 )
@@ -118,3 +119,55 @@ func TestNetworkMapCompare(t *testing.T) {
 		}
 	}
 }
+
+func TestShrinkDefaultRoute(t *testing.T) {
+	tests := []struct {
+		route string
+		in    []string
+		out   []string
+	}{
+		{
+			route: "0.0.0.0/0",
+			in:    []string{"1.2.3.4", "25.0.0.1"},
+			out: []string{
+				"10.0.0.1",
+				"10.255.255.255",
+				"192.168.0.1",
+				"192.168.255.255",
+				"172.16.0.1",
+				"172.31.255.255",
+				"100.101.102.103",
+				// Some random IPv6 stuff that shouldn't be in a v4
+				// default route.
+				"fe80::",
+				"2601::1",
+			},
+		},
+		{
+			route: "::/0",
+			in:    []string{"::1", "2601::1"},
+			out: []string{
+				"fe80::1",
+				tsaddr.TailscaleULARange().IP.String(),
+			},
+		},
+	}
+
+	for _, test := range tests {
+		def := netaddr.MustParseIPPrefix(test.route)
+		got, err := shrinkDefaultRoute(def)
+		if err != nil {
+			t.Fatalf("shrinkDefaultRoute(%q): %v", test.route, err)
+		}
+		for _, ip := range test.in {
+			if !got.Contains(netaddr.MustParseIP(ip)) {
+				t.Errorf("shrink(%q).Contains(%v) = false, want true", test.route, ip)
+			}
+		}
+		for _, ip := range test.out {
+			if got.Contains(netaddr.MustParseIP(ip)) {
+				t.Errorf("shrink(%q).Contains(%v) = true, want false", test.route, ip)
+			}
+		}
+	}
+}