Brad Fitzpatrick
eafbf8886d
ipn/localapi: add localapi debug endpoints for packet filter/matches
...
For debugging #6423 . This is easier than TS_DEBUG_MAP, as this means I
can pipe things into jq, etc.
Updates #6423
Change-Id: Ib3e7496b2eb3f47d4bed42e9b8045a441424b23c
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2023-01-03 15:54:51 -08:00
Brad Fitzpatrick
08e110ebc5
cmd/tailscale: make "up", "status" warn if routes and --accept-routes off
...
Example output:
# Health check:
# - Some peers are advertising routes but --accept-routes is false
Also, move "tailscale status" health checks to the bottom, where they
won't be lost in large netmaps.
Updates #2053
Updates #6266
Change-Id: I5ae76a0cd69a452ce70063875cd7d974bfeb8f1a
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-11-11 10:56:50 -08:00
Joe Tsai
82f5f438e0
wgengine/wgcfg: plumb down audit log IDs ( #5855 )
...
The node and domain audit log IDs are provided in the map response,
but are ultimately going to be used in wgengine since
that's the layer that manages the tstun.Wrapper.
Do the plumbing work to get this field passed down the stack.
Signed-off-by: Joe Tsai <joetsai@digital-static.net>
2022-10-06 16:19:38 -07:00
Tom DNetto
e9b98dd2e1
control/controlclient,ipn/ipnlocal: wire tka enable/disable
...
Signed-off-by: Tom DNetto <tom@tailscale.com>
2022-09-21 12:57:59 -07:00
Brad Fitzpatrick
a12aad6b47
all: convert more code to use net/netip directly
...
perl -i -npe 's,netaddr.IPPrefixFrom,netip.PrefixFrom,' $(git grep -l -F netaddr.)
perl -i -npe 's,netaddr.IPPortFrom,netip.AddrPortFrom,' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPrefix,netip.Prefix,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPPort,netip.AddrPort,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IP\b,netip.Addr,g' $(git grep -l -F netaddr. )
perl -i -npe 's,netaddr.IPv6Raw\b,netip.AddrFrom16,g' $(git grep -l -F netaddr. )
goimports -w .
Then delete some stuff from the net/netaddr shim package which is no
longer neeed.
Updates #5162
Change-Id: Ia7a86893fe21c7e3ee1ec823e8aba288d4566cd8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-07-25 21:53:49 -07:00
Brad Fitzpatrick
7eaf5e509f
net/netaddr: start migrating to net/netip via new netaddr adapter package
...
Updates #5162
Change-Id: Id7bdec303b25471f69d542f8ce43805328d56c12
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-07-25 16:20:43 -07:00
Brad Fitzpatrick
a1e429f7c3
control/controlclient, types/netmap: remove unused LocalPort field
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-06-19 17:22:00 -07:00
Melanie Warrick
3a182d5dd6
ipn/ipnstate: add ExitNodeStatus to share the exit node if it is in use, the IP, ID and whether its online. ( #4761 )
...
-
Updates #4619
Signed-off-by: nyghtowl <warrick@tailscale.com>
2022-06-07 12:31:10 -07:00
Brad Fitzpatrick
4d85cf586b
cmd/tailscale, ipn/ipnlocal: add "peerapi" ping type
...
For debugging when stuff like #4750 isn't working.
RELNOTE=tailscale ping -peerapi
Change-Id: I9c52c90fb046e3ab7d2b121387073319fbf27b99
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-05-28 13:47:12 -07:00
Brad Fitzpatrick
61ee72940c
all: use Go 1.18's strings.Cut
...
More remain.
Change-Id: I6ec562cc1f687600758deae1c9d7dbd0d04004cb
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-03-16 14:53:59 -07:00
Maisem Ali
72d8672ef7
tailcfg: make Node.Hostinfo a HostinfoView
...
Signed-off-by: Maisem Ali <maisem@tailscale.com>
2022-02-16 12:55:57 -08:00
Brad Fitzpatrick
57115e923e
tailcfg: add start of SSH policy to be sent from control plane to nodes
...
Updates #3802
Change-Id: Iec58f35d445aaa267d0f7e7e2f30c049c1df4c0e
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-02-15 16:05:42 -08:00
Brad Fitzpatrick
857cd6c0d7
ipn/ipnstate: add TailnetName to status
...
RELNOTE=tailscale status --json | jq .TailnetName
Fixes tailscale/corp#3665
Change-Id: I85de027ba2781eb31ee1e0c5ab913b0dfa5b4c86
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2022-01-26 10:08:39 -08:00
David Anderson
0532eb30db
all: replace tailcfg.DiscoKey with key.DiscoPublic.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-11-03 14:00:16 -07:00
David Anderson
7e6a1ef4f1
tailcfg: use key.NodePublic in wire protocol types.
...
Updates #3206 .
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-11-02 09:11:43 -07:00
David Anderson
d6e7cec6a7
types/netmap: use key.NodePublic instead of tailcfg.NodeKey.
...
Update #3206
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-11-01 17:07:40 -07:00
David Anderson
6e5175373e
types/netmap: use new node key type.
...
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-10-28 10:44:34 -07:00
Brad Fitzpatrick
aae622314e
tailcfg, health: add way for control plane to add problems to health check
...
So if the control plane knows that something's broken about the node, it can
include problem(s) in MapResponse and "tailscale status" will show it.
(and GUIs in the future, as it's in ipnstate.Status/JSON)
This also bumps the MapRequest.Version, though it's not strictly
required. Doesn't hurt.
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-09-19 17:55:49 -07:00
Dave Anderson
980acc38ba
types/key: add a special key with custom serialization for control private keys ( #2792 )
...
* Revert "Revert "types/key: add MachinePrivate and MachinePublic.""
This reverts commit 61c3b98a24
.
Signed-off-by: David Anderson <danderson@tailscale.com>
* types/key: add ControlPrivate, with custom serialization.
ControlPrivate is just a MachinePrivate that serializes differently
in JSON, to be compatible with how the Tailscale control plane
historically serialized its private key.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-09-03 13:17:46 -07:00
David Anderson
61c3b98a24
Revert "types/key: add MachinePrivate and MachinePublic."
...
Broke the tailscale control plane due to surprise different serialization.
This reverts commit 4fdb88efe1
.
2021-09-03 11:34:34 -07:00
David Anderson
4fdb88efe1
types/key: add MachinePrivate and MachinePublic.
...
Plumb throughout the codebase as a replacement for the mixed use of
tailcfg.MachineKey and wgkey.Private/Public.
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-09-03 10:07:15 -07:00
Josh Bleecher Snyder
4c8b5fdec4
control/controlclient: do not periodically print full netmap
...
The netmaps can get really large.
Printing, processing, and uploading them is expensive.
Only print the header on an ongoing basis.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2021-08-17 12:57:49 -07:00
Josh Bleecher Snyder
25df067dd0
all: adapt to opaque netaddr types
...
This commit is a mishmash of automated edits using gofmt:
gofmt -r 'netaddr.IPPort{IP: a, Port: b} -> netaddr.IPPortFrom(a, b)' -w .
gofmt -r 'netaddr.IPPrefix{IP: a, Port: b} -> netaddr.IPPrefixFrom(a, b)' -w .
gofmt -r 'a.IP.Is4 -> a.IP().Is4' -w .
gofmt -r 'a.IP.As16 -> a.IP().As16' -w .
gofmt -r 'a.IP.Is6 -> a.IP().Is6' -w .
gofmt -r 'a.IP.As4 -> a.IP().As4' -w .
gofmt -r 'a.IP.String -> a.IP().String' -w .
And regexps:
\w*(.*)\.Port = (.*) -> $1 = $1.WithPort($2)
\w*(.*)\.IP = (.*) -> $1 = $1.WithIP($2)
And lots of manual fixups.
Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2021-05-16 14:52:00 -07:00
Brad Fitzpatrick
eb06ec172f
wgengine/netstack: don't pass non-subnet traffic to netstack in hybrid mode
...
Fixes tailscale/corp#1725
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-05-05 13:38:55 -07:00
Brad Fitzpatrick
6d64107f26
types/netmap: remove some old TODOs
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-18 19:30:13 -07:00
Brad Fitzpatrick
64c80129f1
types/netmap: add some docs/warning to NetworkMap
...
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-12 12:49:25 -07:00
Brad Fitzpatrick
1e7a35b225
types/netmap: split controlclient.NetworkMap off into its own leaf package
...
Updates #1278
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-02-05 16:18:52 -08:00