mirror of
https://github.com/tailscale/tailscale.git
synced 2024-12-01 14:05:39 +00:00
1f51bb6891
In a configuration where the local node (ip1) has a different IP (ip2) that it uses to communicate with a peer (ip3) we would do UDP flow tracking on the `ip2->ip3` tuple. When we receive the response from the peer `ip3->ip2` we would dnat it back to `ip3->ip1` which would then not match the flow track state and the packet would get dropped. To fix this, we should do flow tracking on the `ip1->ip3` tuple instead of `ip2->ip3` which requires doing SNAT after the running filterPacketOutboundToWireGuard. Updates tailscale/corp#19971, tailscale/corp#8020 Signed-off-by: Maisem Ali <maisem@tailscale.com> |
||
---|---|---|
.. | ||
fake.go | ||
ifstatus_noop.go | ||
ifstatus_windows.go | ||
linkattrs_linux.go | ||
linkattrs_notlinux.go | ||
mtu_test.go | ||
mtu.go | ||
tap_linux.go | ||
tap_unsupported.go | ||
tstun_stub.go | ||
tun_features_linux.go | ||
tun_features_notlinux.go | ||
tun_linux.go | ||
tun_macos.go | ||
tun_notwindows.go | ||
tun_windows.go | ||
tun.go | ||
wrap_test.go | ||
wrap.go |