path: root/cmd/containerboot/forwarding.go
Age | Commit message | Author | Files | Lines

2024-10-03 | cmd/containerboot,util/linuxfw: create a SNAT rule for dst/src only once, clean up if needed (#13658) | Irbe Krumina | 1 | -1/+1

The AddSNATRuleForDst rule was adding a new rule each time it was called including:
- if a rule already existed
- if a rule matching the destination, but with different desired source already existed

This was causing issues especially for the in-progress egress HA proxies work, where the rules are now refreshed more frequently, so more redundant rules were being created.

This change:
- only creates the rule if it doesn't already exist
- if a rule for the same dst, but different source is found, delete it
- also ensures that egress proxies refresh firewall rules if the node's tailnet IP changes

Updates tailscale/tailscale#13406

Signed-off-by: Irbe Krumina <irbe@tailscale.com>

2024-09-19 | cmd/containerboot: split main.go (#13517) | Tom Proctor | 1 | -0/+262

containerboot's main.go had grown to well over 1000 lines with lots of disparate bits of functionality. This commit is pure copy-paste to group related functionality outside of the main function into its own set of files. Everything is still in the main package to keep the diff incremental and reviewable.

Updates #cleanup

Signed-off-by: Tom Proctor <tomhjp@users.noreply.github.com>