65fbb9c303
This depends on improved support from the control server, to send the new subnet width (Bits) fields. If these are missing, we fall back to assuming their value is /32. Conversely, if the server sends Bits fields to an older client, it will interpret them as /32 addresses. Since the only rules we allow are "accept" rules, this will be narrower or equal to the intended rule, so older clients will simply reject hosts on the wider subnet (fail closed). With this change, the internal filter.Matches format has diverged from the wire format used by controlclient, so move the wire format into tailcfg and convert it to filter.Matches in controlclient. Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>
Tailscale
Private WireGuard® networks made easy
Overview
This repository contains all the open source Tailscale code. It currently includes the Linux client.
The Linux client is currently cmd/relaynode, but will
soon be replaced by cmd/tailscaled.
Using
We serve packages for a variety of distros at https://pkgs.tailscale.com .
Building
go install tailscale.com/cmd/tailscale{,d}
We only guarantee to support the latest Go release and any Go beta or release candidate builds (currently Go 1.14) in module mode. It might work in earlier Go versions or in GOPATH mode, but we're making no effort to keep those working.
Bugs
Please file any issues about this code or the hosted service on the issue tracker.
Contributing
under_construction.gif
PRs welcome, but we are still working out our contribution process and tooling.
We require Developer Certificate of
Origin
Signed-off-by lines in commits.
About Us
We are apenwarr, bradfitz, crawshaw, danderson, dfcarney, from Tailscale Inc. You can learn more about us from our website.
WireGuard is a registered trademark of Jason A. Donenfeld.