| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
This PR adds DNSFilterURL to the DNSConfig type to be used by
control changes to add DNS filtering logic
Fixes #cleanup
Signed-off-by: Richard Castro <richard@tailscale.com>
|
|
* clientupdate: return NOTREACHED for macsys
The work is done in Swift; this is now a documentation placeholder.
Updates #6995
Signed-off-by: Chris Palmer <cpalmer@tailscale.com>
|
|
Updates tailscale/corp#13775
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
|
|
In preparation for a different refactor, but incidentally also saves
10-25% memory on overall table size in benchmarks.
Updates #7781
Signed-off-by: David Anderson <danderson@tailscale.com>
|
|
All exit nodes are shown under this subcommand.
Updates tailscale/corp#13025
Signed-off-by: Charlotte Brandhorst-Satzkorn <charlotte@tailscale.com>
|
|
If an optional request ID generating func is supplied to StdHandler,
then requests that return an error will be logged with a request ID that
is also shown as part of the response.
Updates tailscale/corp#2549
Change-Id: Ic7499706df42f95b6878d44d4aab253e2fc6a69b
Signed-off-by: Adrian Dewhurst <adrian@tailscale.com>
|
|
Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
|
|
Updates tailscale/corp#13945
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
nftables
To record wether user is using iptables or nftables after we add support to nftables on linux, we
are adding a field FirewallMode to NetInfo in HostInfo to reflect what firewall mode the host is
running, and form metrics. The information is gained from a global constant in hostinfo.go. We
set it when selection heuristic made the decision, and magicsock reports this to control.
Updates: tailscale/corp#13943
Signed-off-by: KevinLiang10 <kevinliang@tailscale.com>
|
|
If a node is flapping or otherwise generating lots of STUN endpoints, we
can end up caching a ton of useless values and sending them to peers.
Instead, let's apply a fixed per-Addr limit of endpoints that we cache,
so that we're only sending peers up to the N most recent.
Updates tailscale/corp#13890
Signed-off-by: Andrew Dunham <andrew@du.nham.ca>
Change-Id: I8079a05b44220c46da55016c0e5fc96dd2135ef8
|
|
This copies the existing go template frontend into very crude react
components that will be driven by a simple JSON api for fetching and
updating data. For now, this returns a static set of test data.
This just implements the simple existing UI, so I've put these all in a
"legacy" component, with the expectation that we will rebuild this with
more properly defined components, some pulled from corp.
Updates tailscale/corp#13775
Signed-off-by: Will Norris <will@tailscale.com>
|
|
Updates tailscale/corp#13775
Signed-off-by: Will Norris <will@tailscale.com>
|
|
Stupid mistake in earlier refactor.
Updates gokrazy/gokrazy#209
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Updates gokrazy/gokrazy#209
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Updates #cleanup
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
When trying to use serve with https, send users through https cert
provisioning enablement before editing the ServeConfig.
Updates tailscale/corp#10577
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
|
|
1. Add metrics to funnel flow.
2. Stop blocking users from turning off funnels when no longer in
their node capabilities.
3. Rename LocalClient.IncrementMetric to IncrementCounter to better
callout its usage is only for counter clientmetrics.
Updates tailscale/corp#10577
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
|
|
A #cleanup to add a func to utilize the already-present
"/localapi/v0/upload-client-metrics" localapi endpoint.
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
|
|
bugreports
The Layered Service Provider (LSP) is a deprecated (but still supported)
mechanism for inserting user-mode DLLs into a filter chain between the
Winsock API surface (ie, ws2_32.dll) and the internal user-mode interface
to the networking stack.
While their use is becoming more rare due to the aforementioned deprecation,
it is still possible for third-party software to install their DLLs into
this filter chain and interfere with Winsock API calls. Knowing whether
this is happening is useful for troubleshooting.
Fixes https://github.com/tailscale/tailscale/issues/8142
Signed-off-by: Aaron Klotz <aaron@tailscale.com>
|
|
The current router errors out when neither iptables nor nftables support is present. We
should fall back to the previous behaviour which we creates a dummy iptablesRunner.
Fixes: #8878
Signed-off-by: KevinLiang10 <kevinliang@tailscale.com>
|
|
Updates tailscale/corp#13775
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
|
|
A #cleanup PR.
Signed-off-by: Aaron Klotz <aaron@tailscale.com>
|
|
No need to have it on Auto or be behind a mutex; it's only read/written
from a single goroutine. Move it there.
Updates tailscale/corp#5761
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
See issue. This is a baby step towards passing through deltas
end-to-end from node to control back to node and down to the various
engine subsystems, not computing diffs from two full netmaps at
various levels. This will then let us support larger netmaps without
burning CPU.
But this change itself changes no behavior. It just changes a func
type to an interface with one method. That paves the way for future
changes to then add new NetmapUpdater methods that do more
fine-grained work than updating the whole world.
Updates #1909
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Deepin Linux 20.x reports its version as "apricot"
Set it to bullseye, the Debian version it corresponds to.
Also fix the installer CI: OpenSUSE Leap appears to have removed
curl from the base image recently, we have to install it now.
Fixes https://github.com/tailscale/tailscale/issues/8850
Updates https://github.com/tailscale/tailscale/issues/7862
Updates https://github.com/tailscale/corp/issues/8952
Signed-off-by: Denton Gentry <dgentry@tailscale.com>
|
|
The read of the synced field for logging takes place outside the lock, and
races with other (locked) writes of this field, including for example the one
at current line 556 in mapRoutine.
Updates tailscale/corp#13856
Change-Id: I056b36d7a93025aafdf73528dd7645f10b791af6
Signed-off-by: M. J. Fromberger <fromberger@tailscale.com>
|
|
Implement naive update for Synology packages, using latest versions from
pkgs.tailscale.com. This is naive because we completely trust
pkgs.tailscale.com to give us a safe package. We should switch this to
some better signing mechanism later.
I've only tested this on one DS218 box, so all the CPU architecture
munging is purely based on docs.
Updates #6995
Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
|
|
This removes the unsafe/linkname and only uses the standard library.
It's a bit slower, for now, but https://go.dev/cl/518336 should get us
back.
On darwin/arm64, without https://go.dev/cl/518336
pkg: tailscale.com/tstime/mono
│ before │ after │
│ sec/op │ sec/op vs base │
MonoNow-8 16.20n ± 0% 19.75n ± 0% +21.92% (p=0.000 n=10)
TimeNow-8 39.46n ± 0% 39.40n ± 0% -0.16% (p=0.002 n=10)
geomean 25.28n 27.89n +10.33%
And with it,
MonoNow-8 16.34n ± 1% 16.93n ± 0% +3.67% (p=0.001 n=10)
TimeNow-8 39.55n ± 15% 38.46n ± 1% -2.76% (p=0.000 n=10)
geomean 25.42n 25.52n +0.41%
Updates #8839
Updates tailscale/go#70
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Fixes #8856
Signed-off-by: Shayne Sweeney <shayne@tailscale.com>
|
|
Netcheck no longer performs I/O itself, instead it makes requests via
SendPacket and expects users to route reply traffic to
ReceiveSTUNPacket.
Netcheck gains a Standalone function that stands up sockets and
goroutines to implement I/O when used in a standalone fashion.
Magicsock now unconditionally routes STUN traffic to the netcheck.Client
that it hosts, and plumbs the send packet sink.
The CLI is updated to make use of the Standalone mode.
Fixes #8723
Signed-off-by: James Tucker <james@tailscale.com>
|
|
Also allows us to use absolute import paths (see change in index.tsx).
Updates tailscale/corp#13775
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
|
|
Updates #cleanup
Signed-off-by: Maisem Ali <maisem@tailscale.com>
|
|
Updates tailscale/corp#13775
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
|
|
Updates #cleanup
Signed-off-by: Maisem Ali <maisem@tailscale.com>
|
|
For testing reconnects.
Updates tailscale/corp#5761
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
This sets the Don't Fragment flag, for now behind the
TS_DEBUG_ENABLE_PMTUD envknob.
Updates #311.
Signed-off-by: Val <valerie@tailscale.com>
Signed-off-by: salman <salman@tailscale.com>
|
|
Currently just serving a "Hello world" page when running the web
cli in --dev mode.
Updates tailscale/corp#13775
Co-authored-by: Will Norris <will@tailscale.com>
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
|
|
Extract the self-update logic from cmd/tailscale/cli into a standalone
package that could be used from tailscaled later.
Updates #6995
Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
|
|
Syncing these up with what we've got in corp.
Updates tailscale/corp#13775
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
|
|
Instead of having updates replace the map polls, create
a third goroutine which is solely responsible for making
sure that control is aware of the latest client state.
This also makes it so that the streaming map polls are only
broken when there are auth changes, or the client is paused.
Updates tailscale/corp#5761
Signed-off-by: Maisem Ali <maisem@tailscale.com>
|
|
Go style is for error variables to start with "err" (or "Err")
and for error types to end in "Error".
Updates #cleanup
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
|
|
Updates tailscale/corp#13775
Co-authored-by: Sonia Appasamy <sonia@tailscale.com>
Signed-off-by: Will Norris <will@tailscale.com>
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
|
|
Fixes #8837
Signed-off-by: Will Norris <will@tailscale.com>
|
|
Updates tailscale/corp#13775
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
|
|
Updates tailscale/corp#10577
Signed-off-by: Sonia Appasamy <sonia@tailscale.com>
|
|
These specific tests rely on some timers in the controlhttp code.
Without time moving forward and timers triggering, the tests fail.
Updates #8587
Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
|
|
A #cleanup PR
Signed-off-by: Aaron Klotz <aaron@tailscale.com>
|
|
move the tailscale web client out of the cmd/tailscale/cli package, into
a new client/web package. The remaining cli/web.go file is still
responsible for parsing CLI flags and such, and then calls into
client/web. This will allow the web client to be hooked into from other
contexts (for example, from a tsnet server), and provide a dedicated
space to add more functionality to this client.
Updates tailscale/corp#13775
Signed-off-by: Will Norris <will@tailscale.com>
|
|
Refactor two shared functions used by the tailscale cli,
calcAdvertiseRoutes and licensesURL. These are used by the web client as
well as other tailscale subcommands. The web client is being moved out
of the cli package, so move these two functions to new locations.
Updates tailscale/corp#13775
Signed-off-by: Will Norris <will@tailscale.com>
|
