tailscale

Commit Graph

Author	SHA1	Message	Date
KevinLiang10	b040094b90	util/linuxfw: reorganize nftables rules to allow it to work with ufw This commit tries to mimic the way iptables-nft work with the filewall rules. We follow the convention of using tables like filter, nat and the conventional chains, to make our nftables implementation work with ufw. Updates: #391 Signed-off-by: KevinLiang10 <kevinliang@tailscale.com>	2023-08-18 18:24:05 -07:00
KevinLiang10	a3c7b21cd1	util/linuxfw: add nftables support This commit adds nftable rule injection for tailscaled. If tailscaled is started with envknob TS_DEBUG_USE_NETLINK_NFTABLES = true, the router will use nftables to manage firewall rules. Updates: #391 Signed-off-by: KevinLiang10 <kevinliang@tailscale.com>	2023-07-19 14:33:23 -04:00

Author

SHA1

Message

Date

KevinLiang10

b040094b90

util/linuxfw: reorganize nftables rules to allow it to work with ufw

This commit tries to mimic the way iptables-nft work with the filewall rules. We
follow the convention of using tables like filter, nat and the conventional
chains, to make our nftables implementation work with ufw.

Updates: #391

Signed-off-by: KevinLiang10 <kevinliang@tailscale.com>

2023-08-18 18:24:05 -07:00

KevinLiang10

a3c7b21cd1

util/linuxfw: add nftables support

This commit adds nftable rule injection for tailscaled. If tailscaled is
started with envknob TS_DEBUG_USE_NETLINK_NFTABLES = true, the router
will use nftables to manage firewall rules.

Updates: #391

Signed-off-by: KevinLiang10 <kevinliang@tailscale.com>

2023-07-19 14:33:23 -04:00

2 Commits