mirror of
https://github.com/tailscale/tailscale.git
synced 2025-01-10 01:53:49 +00:00
b560386c1a
This adds a new IP Protocol type, TSMP on protocol number 99 for sending inter-tailscale messages over WireGuard, currently just for why a peer rejects TCP SYNs (ACL rejection, shields up, and in the future: nothing listening, something listening on that port but wrong interface, etc) Updates #1094 Updates tailscale/corp#1185 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
67 lines
1.8 KiB
Go
67 lines
1.8 KiB
Go
// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
|
|
// Use of this source code is governed by a BSD-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
package packet
|
|
|
|
// IPProto is an IP subprotocol as defined by the IANA protocol
|
|
// numbers list
|
|
// (https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml),
|
|
// or the special values Unknown or Fragment.
|
|
type IPProto uint8
|
|
|
|
const (
|
|
// Unknown represents an unknown or unsupported protocol; it's
|
|
// deliberately the zero value. Strictly speaking the zero
|
|
// value is IPv6 hop-by-hop extensions, but we don't support
|
|
// those, so this is still technically correct.
|
|
Unknown IPProto = 0x00
|
|
|
|
// Values from the IANA registry.
|
|
ICMPv4 IPProto = 0x01
|
|
IGMP IPProto = 0x02
|
|
ICMPv6 IPProto = 0x3a
|
|
TCP IPProto = 0x06
|
|
UDP IPProto = 0x11
|
|
|
|
// TSMP is the Tailscale Message Protocol (our ICMP-ish
|
|
// thing), an IP protocol used only between Tailscale nodes
|
|
// (still encrypted by WireGuard) that communicates why things
|
|
// failed, etc.
|
|
//
|
|
// Proto number 99 is reserved for "any private encryption
|
|
// scheme". We never accept these from the host OS stack nor
|
|
// send them to the host network stack. It's only used between
|
|
// nodes.
|
|
TSMP IPProto = 99
|
|
|
|
// Fragment represents any non-first IP fragment, for which we
|
|
// don't have the sub-protocol header (and therefore can't
|
|
// figure out what the sub-protocol is).
|
|
//
|
|
// 0xFF is reserved in the IANA registry, so we steal it for
|
|
// internal use.
|
|
Fragment IPProto = 0xFF
|
|
)
|
|
|
|
func (p IPProto) String() string {
|
|
switch p {
|
|
case Fragment:
|
|
return "Frag"
|
|
case ICMPv4:
|
|
return "ICMPv4"
|
|
case IGMP:
|
|
return "IGMP"
|
|
case ICMPv6:
|
|
return "ICMPv6"
|
|
case UDP:
|
|
return "UDP"
|
|
case TCP:
|
|
return "TCP"
|
|
case TSMP:
|
|
return "TSMP"
|
|
default:
|
|
return "Unknown"
|
|
}
|
|
}
|