tailscale/util
Irbe Krumina 9bd158cc09
cmd/containerboot,util/linuxfw: create a SNAT rule for dst/src only once, clean up if needed (#13658)
The AddSNATRuleForDst rule was adding a new rule each time it was called including:
- if a rule already existed
- if a rule matching the destination, but with different desired source already existed

This was causing issues especially for the in-progress egress HA proxies work,
where the rules are now refreshed more frequently, so more redundant rules
were being created.

This change:
- only creates the rule if it doesn't already exist
- if a rule for the same dst, but different source is found, delete it
- also ensures that egress proxies refresh firewall rules
if the node's tailnet IP changes

Updates tailscale/tailscale#13406

Signed-off-by: Irbe Krumina <irbe@tailscale.com>
2024-10-03 20:15:00 +01:00
..
cache util/cache: fix missing interface methods (#11275) 2024-02-27 23:03:49 -05:00
cibuild all: update copyright and license headers 2023-01-27 15:36:29 -08:00
clientmetric util/clientmetric: allow client metric values to be provided by a function 2023-04-05 17:21:16 -07:00
cloudenv all: use math/rand/v2 more 2024-06-05 15:24:04 -07:00
cmpver util/cmpver: add Less/LessEq helper funcs 2024-03-05 16:57:04 +00:00
codegen cmd/cloner, cmd/viewer, util/codegen: add support for aliases of cloneable types 2024-08-23 15:43:40 -05:00
cstruct all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
ctxkey all: use reflect.TypeFor now available in Go 1.22 (#11078) 2024-02-08 17:34:22 -08:00
deephash util/deephash: fix test regression on 32-bit 2024-06-19 12:25:53 -07:00
dirwalk all: use tstest.Replace more 2023-03-04 12:24:55 -08:00
dnsname all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
execqueue control/controlclient,util/execqueue: extract execqueue into a package 2024-01-18 12:08:13 -08:00
expvarx all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
fastuuid all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
goroutines util/goroutines: let ScrubbedGoroutineDump get only current stack 2023-06-23 12:50:45 -07:00
groupmember util/groupmember: fail earlier if group doesn't exist, use slices.Contains 2023-11-01 19:23:16 -07:00
hashx all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
httphdr util/httphdr: add new package for parsing HTTP headers (#9797) 2023-10-13 15:38:22 -07:00
httpm util/httpm: don't run test if .git doesn't exist 2023-11-22 12:09:59 -05:00
jsonutil all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
limiter all: add test for package comments, fix, add comments as needed 2024-07-10 09:57:00 -07:00
lineread all: update copyright and license headers 2023-01-27 15:36:29 -08:00
linuxfw cmd/containerboot,util/linuxfw: create a SNAT rule for dst/src only once, clean up if needed (#13658) 2024-10-03 20:15:00 +01:00
lru util/lru: add Clear method 2024-05-17 20:01:40 -04:00
mak various: add golangci-lint, fix issues (#7905) 2023-04-17 18:38:24 -04:00
multierr all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
must all: update copyright and license headers 2023-01-27 15:36:29 -08:00
nocasemaps all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
osdiag all: add test for package comments, fix, add comments as needed 2024-07-10 09:57:00 -07:00
osshare all: add test for package comments, fix, add comments as needed 2024-07-10 09:57:00 -07:00
osuser util/osuser: turn wasm check into a const expression 2024-07-29 19:39:55 -07:00
pidowner all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
pool util/pool: add package for storing and using a pool of items 2024-05-24 14:11:19 -04:00
precompress all: update copyright and license headers 2023-01-27 15:36:29 -08:00
progresstracking ipn/localapi: add support for multipart POST to file-put 2024-03-27 08:53:52 -05:00
quarantine all: update copyright and license headers 2023-01-27 15:36:29 -08:00
race all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
racebuild all: update copyright and license headers 2023-01-27 15:36:29 -08:00
rands wgengine/magicsock: use math/rands/v2 2024-06-05 15:57:27 -07:00
reload all: use math/rand/v2 more 2024-06-05 15:24:04 -07:00
ringbuffer all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
set util/set: add Of variant of SetOf that takes variadic parameter 2024-05-05 21:14:28 -07:00
singleflight util/singleflight: add DoChanContext 2024-06-10 18:38:27 -04:00
slicesx util/slicesx: add FirstElementEqual and LastElementEqual 2024-09-11 18:36:00 -07:00
syspolicy control/controlclient,posture,util/syspolicy: use predefined syspolicy keys instead of string literals 2024-09-04 15:25:19 -05:00
sysresources util/sysresources, magicsock: scale DERP buffer based on system memory 2023-04-03 17:14:14 -04:00
systemd all: update copyright and license headers 2023-01-27 15:36:29 -08:00
testenv util/testenv: add new package to hold InTest 2023-08-08 19:51:44 -06:00
topk all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
truncate util/truncate: support []byte as well (#11614) 2024-04-04 14:38:16 -07:00
uniq all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
usermetric util/usermetrics: make usermetrics non-global 2024-09-25 15:57:00 +02:00
vizerror util/vizerror: add As function to get wrapped Error 2023-02-01 14:39:13 -08:00
winutil util/winutil: add GetRegUserString/SetRegUserString accessors for storage and retrieval of string values in HKEY_CURRENT_USER 2024-08-20 08:07:57 -06:00
zstdframe all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00