summaryrefslogtreecommitdiffhomepage
path: root/wgengine/router/router.go
diff options
context:
space:
mode:
Diffstat (limited to 'wgengine/router/router.go')
-rw-r--r--wgengine/router/router.go9
1 files changed, 5 insertions, 4 deletions
diff --git a/wgengine/router/router.go b/wgengine/router/router.go
index 6868acb43..f8d702d47 100644
--- a/wgengine/router/router.go
+++ b/wgengine/router/router.go
@@ -132,10 +132,11 @@ type Config struct {
SubnetRoutes []netip.Prefix
// Linux-only things below, ignored on other platforms.
- SNATSubnetRoutes bool // SNAT traffic to local subnets
- StatefulFiltering bool // Apply stateful filtering to inbound connections
- NetfilterMode preftype.NetfilterMode // how much to manage netfilter rules
- NetfilterKind string // what kind of netfilter to use ("nftables", "iptables", or "" to auto-detect)
+ SNATSubnetRoutes bool // SNAT traffic to local subnets
+ StatefulFiltering bool // Apply stateful filtering to inbound connections
+ NetfilterMode preftype.NetfilterMode // how much to manage netfilter rules
+ NetfilterKind string // what kind of netfilter to use ("nftables", "iptables", or "" to auto-detect)
+ RemoveCGNATDropRule bool // whether to remove the firewall rule to drop non-Tailscale inbound traffic from CGNAT IPs
}
func (a *Config) Equal(b *Config) bool {
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.