tailscale/wgengine/router
Andrew Lytvynov c9179bc261
various: disable stateful filtering by default (#12197)
After some analysis, stateful filtering is only necessary in tailnets
that use `autogroup:danger-all` in `src` in ACLs. And in those cases
users explicitly specify that hosts outside of the tailnet should be
able to reach their nodes. To fix local DNS breakage in containers, we
disable stateful filtering by default.

Updates #12108

Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
2024-05-20 11:44:29 -07:00
..
callback.go wgengine/router: implement UpdateMagicsockPort for CallbackRouter (#10494) 2023-12-07 10:45:14 -05:00
consolidating_router.go wgengine/router: consolidate routes before reconfiguring router for mobile clients 2024-04-23 20:15:56 -05:00
consolidating_router_test.go wgengine/router: consolidate routes before reconfiguring router for mobile clients 2024-04-23 20:15:56 -05:00
ifconfig_windows.go net/{interfaces,netmon}, all: merge net/interfaces package into net/netmon 2024-04-28 07:34:52 -07:00
ifconfig_windows_test.go all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
router.go various: implement stateful firewalling on Linux (#12025) 2024-05-06 16:22:17 -06:00
router_darwin.go health, all: remove health.Global, finish plumbing health.Tracker 2024-04-26 12:03:11 -07:00
router_default.go health, all: remove health.Global, finish plumbing health.Tracker 2024-04-26 12:03:11 -07:00
router_fake.go util/linuxfw, wgengine: allow ingress to magicsock UDP port on Linux (#10370) 2023-12-05 18:12:02 -05:00
router_freebsd.go health, all: remove health.Global, finish plumbing health.Tracker 2024-04-26 12:03:11 -07:00
router_linux.go various: disable stateful filtering by default (#12197) 2024-05-20 11:44:29 -07:00
router_linux_test.go wgengine/router: print Docker warning when stateful filtering is enabled 2024-05-09 12:26:11 -06:00
router_openbsd.go health, all: remove health.Global, finish plumbing health.Tracker 2024-04-26 12:03:11 -07:00
router_test.go various: implement stateful firewalling on Linux (#12025) 2024-05-06 16:22:17 -06:00
router_userspace_bsd.go health, all: remove health.Global, finish plumbing health.Tracker 2024-04-26 12:03:11 -07:00
router_windows.go health, all: remove health.Global, finish plumbing health.Tracker 2024-04-26 12:03:11 -07:00
router_windows_test.go wgengine/router: look up absolute path to netsh.exe on Windows 2024-01-10 20:20:19 -05:00
runner.go all: update copyright and license headers 2023-01-27 15:36:29 -08:00