TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2024-11-26 11:35:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
a20e46a80f
tailscale/net
History
Anton Tolchanov 8cc5c51888 health: warn about reverse path filtering and exit nodes 
When reverse path filtering is in strict mode on Linux, using an exit
node blocks all network connectivity. This change adds a warning about
this to `tailscale status` and the logs.

Example in `tailscale status`:

```
- not connected to home DERP region 22
- The following issues on your machine will likely make usage of exit nodes impossible: [interface "eth0" has strict reverse-path filtering enabled], please set rp_filter=2 instead of rp_filter=1; see https://github.com/tailscale/tailscale/issues/3310
```

Example in the logs:
```
2024/02/21 21:17:07 health("overall"): error: multiple errors:
	not in map poll
	The following issues on your machine will likely make usage of exit nodes impossible: [interface "eth0" has strict reverse-path filtering enabled], please set rp_filter=2 instead of rp_filter=1; see https://github.com/tailscale/tailscale/issues/3310
```

Updates #3310

Signed-off-by: Anton Tolchanov <anton@tailscale.com>
2024-02-27 00:43:01 +00:00
..
art all: cleanup unused code, part 2 (#10670) 2023-12-21 17:40:03 -08:00
connstats net/connstats: exclude traffic with internal Tailscale service (#7904) 2023-04-17 14:24:29 -07:00
dns cmd/tailscaled, ipn/ipnlocal, wgengine: shutdown tailscaled if wgdevice is closed 2024-02-26 14:45:35 -06:00
dnscache util/cmpx: delete now that we're using Go 1.22 2024-02-07 18:10:15 -08:00
dnsfallback net/dnsfallback: add singleflight to recursive resolver 2023-11-15 13:57:49 -05:00
flowtrack all: update copyright and license headers 2023-01-27 15:36:29 -08:00
interfaces net/interfaces: reduce & cleanup logs on iOS 2024-02-23 16:37:06 -08:00
ktimeout net/ktimeout: add a package to set TCP user timeout 2024-02-20 10:49:58 -08:00
memnet net/memnet: export the network name (#9111) 2023-08-28 11:43:51 -07:00
netaddr all: update copyright and license headers 2023-01-27 15:36:29 -08:00
netcheck util/cmpx: delete now that we're using Go 1.22 2024-02-07 18:10:15 -08:00
neterror net/neterror, wgengine/magicsock: use UDP GSO and GRO on Linux (#7791) 2023-04-04 16:32:16 -07:00
netkernelconf client/tailscale,ipn/{ipnlocal,localapi}: check UDP GRO config (#10071) 2023-11-09 11:34:41 -08:00
netknob all: update copyright and license headers 2023-01-27 15:36:29 -08:00
netmon net/netmon: when a new network is added, trigger netmon update (#10840) 2024-01-12 16:03:04 -08:00
netns net/{interfaces,netmon}: remove "interesting", EqualFiltered API 2023-08-29 11:57:30 -07:00
netstat net/{netns,netstat}: use new x/sys/cpu.IsBigEndian 2023-02-02 07:41:49 -08:00
netutil health: warn about reverse path filtering and exit nodes 2024-02-27 00:43:01 +00:00
packet all: cleanup unused code, part 1 (#10661) 2023-12-20 14:50:30 -08:00
ping net/ping: fix ICMP echo code field to 0 2023-09-15 17:08:39 -07:00
portmapper net/portmapper: support legacy "urn:dslforum-org" portmapping services 2024-01-23 21:29:29 -05:00
proxymux all: cleanup unused code, part 1 (#10661) 2023-12-20 14:50:30 -08:00
routetable all: cleanup unused code, part 2 (#10670) 2023-12-21 17:40:03 -08:00
socks5 net/socks5: add password auth support 2023-03-05 14:08:34 -08:00
sockstats net/dns: retry forwarder requests over TCP 2023-09-25 16:42:07 -04:00
speedtest all: update copyright and license headers 2023-01-27 15:36:29 -08:00
stun wgengine/magicsock, types/nettype, etc: finish ReadFromUDPAddrPort netip migration 2023-04-15 13:40:15 -07:00
stunserver cmd/{derper,stund},net/stunserver: add standalone stun server 2024-01-08 16:22:33 -08:00
tcpinfo net/tcpinfo: add package to allow fetching TCP information 2023-06-27 21:59:43 -04:00
tlsdial cmd/tailscale/cli: make netcheck run even if machine lacks TLS certs 2023-08-23 21:11:04 -07:00
tsaddr all: remove LenIter, use Go 1.22 range-over-int instead 2024-02-25 12:29:45 -08:00
tsdial all: remove LenIter, use Go 1.22 range-over-int instead 2024-02-25 12:29:45 -08:00
tshttpproxy net/tshttpproxy: log when we're using a proxy 2024-02-22 19:22:50 -05:00
tstun all: cleanup unused code, part 2 (#10670) 2023-12-21 17:40:03 -08:00
wsconn net/wsconn: accept a remote addr string and plumb it through 2023-08-29 16:57:16 -07:00