| Age | Commit message (Expand) | Author | Files | Lines |
|---|
| 2026-04-24 | util/linuxfw/linuxfwtest: remove unused packageawly/deadcode-linuxfwtest | Andrew Lytvynov | 2 | -49/+0 |
| 2026-04-14 | util/linuxfw,wgengine/router: allow incoming CGNAT range traffic with nodeattr | Naman Sood | 6 | -46/+369 |
| 2026-04-14 | util/linuxfw: fix nil deref in nftables chain check | Brad Fitzpatrick | 2 | -2/+43 |
| 2026-04-10 | .github, tool/listpkgs: automatically find tests which use tstest.RequireRoot | Brad Fitzpatrick | 1 | -5/+1 |
| 2026-04-05 | cmd/vet: add subtestnames analyzer; fix all existing violations | Brad Fitzpatrick | 1 | -6/+6 |
| 2026-03-10 | util/linuxfw: fix nil pointer panic in connmark rules without IPv6 (#18946) | Mike O'Driscoll | 3 | -12/+154 |
| 2026-03-06 | all: use Go 1.26 things, run most gofix modernizers | Brad Fitzpatrick | 4 | -9/+8 |
| 2026-03-05 | types/ptr: deprecate ptr.To, use Go 1.26 new | Brad Fitzpatrick | 1 | -2/+1 |
| 2026-03-04 | util/linuxfw,wgengine/router: add connmark rules for rp_filter workaround (#1... | Mike O'Driscoll | 4 | -0/+588 |
| 2026-01-23 | all: remove AUTHORS file and references to it | Will Norris | 19 | -19/+19 |
| 2025-11-18 | all: rename variables with lowercase-l/uppercase-I | Alex Chan | 1 | -2/+2 |
| 2025-10-23 | util/linuxfw: fix 32-bit arm regression with iptables | Brad Fitzpatrick | 2 | -4/+2 |
| 2025-10-01 | all: use Go 1.20's errors.Join instead of our multierr package | Brad Fitzpatrick | 1 | -3/+2 |
| 2025-09-28 | tsconst, util/linuxfw, wgengine/router: move Linux fw consts to tsconst | Brad Fitzpatrick | 3 | -27/+18 |
| 2025-09-27 | util/linuxfw, feature/buildfeatures: add ts_omit_iptables to make IPTables op... | Brad Fitzpatrick | 10 | -216/+246 |
| 2025-07-10 | all: detect JetKVM and specialize a handful of things for it | Brad Fitzpatrick | 2 | -2/+8 |
| 2025-05-19 | cmd/containerboot,kube/ingressservices: proxy VIPService TCP/UDP traffic to c... | Irbe Krumina | 1 | -8/+8 |
| 2025-05-12 | util/linuxfw,wgengine/router: add new netfilter rules for HA ingresses (#15896) | Irbe Krumina | 6 | -39/+550 |
| 2025-05-01 | util/linuxfw: fix delete snat rule (#15763) | KevinLiang10 | 2 | -64/+98 |
| 2025-01-13 | all: use Go 1.21's binary.NativeEndian | Brad Fitzpatrick | 1 | -3/+3 |
| 2024-10-03 | cmd/containerboot,util/linuxfw: create a SNAT rule for dst/src only once, cle... | Irbe Krumina | 5 | -68/+264 |
| 2024-09-29 | cmd/containerboot,kube,util/linuxfw: configure kube egress proxies to route t... | Irbe Krumina | 6 | -1/+683 |
| 2024-09-11 | util/slicesx: add FirstElementEqual and LastElementEqual | Brad Fitzpatrick | 1 | -2/+4 |
| 2024-09-11 | util/linuxfw: fall back to nftables when iptables not found | Maisem Ali | 2 | -1/+18 |
| 2024-08-03 | util/linuxfw: return nil interface not concrete type | Maisem Ali | 1 | -2/+16 |
| 2024-07-10 | all: add test for package comments, fix, add comments as needed | Brad Fitzpatrick | 1 | -2/+1 |
| 2024-07-05 | cmd/containerboot,cmd/k8s-operator: enable IPv6 for fqdn egress proxies (#12577) | Tom Proctor | 1 | -2/+9 |
| 2024-06-25 | util/linuxfw: verify that IPv6 if available if (#12598) | Irbe Krumina | 1 | -10/+28 |
| 2024-05-29 | util/linuxfw: don't try cleaning iptables on gokrazy | Brad Fitzpatrick | 1 | -0/+6 |
| 2024-05-14 | util/linuxfw: fix IPv6 availability check for nftables (#12009) | Irbe Krumina | 4 | -77/+106 |
| 2024-05-09 | util/linuxfw: fix table name in DelStatefulRule | Andrew Dunham | 1 | -1/+1 |
| 2024-05-09 | util/linuxfw: fix stateful packet filtering in nftables mode | Anton Tolchanov | 1 | -1/+1 |
| 2024-05-06 | various: implement stateful firewalling on Linux (#12025) | Andrew Lytvynov | 3 | -0/+268 |
| 2024-04-23 | util/linuxfw,go.{mod,sum}: don't log errors when deleting non-existant chains... | Irbe Krumina | 3 | -37/+21 |
| 2024-04-23 | cmd{containerboot,k8s-operator},util/linuxfw: support ExternalName Services (... | Irbe Krumina | 2 | -2/+39 |
| 2024-04-09 | cmd/tailscaled: move cleanup to an implicit action during startup | James Tucker | 1 | -2/+2 |
| 2024-04-05 | util/linuxfw: fix chain comparison (#11639) | Irbe Krumina | 1 | -1/+1 |
| 2024-04-02 | util/linuxfw: fix MSS clamping in nftables mode (#11588) | Irbe Krumina | 1 | -4/+28 |
| 2024-03-29 | util/linuxfw,wgengine/router: skip IPv6 firewall configuration in partial ipt... | Irbe Krumina | 3 | -25/+46 |
| 2024-03-21 | util/linuxfw,wgengine/router: enable IPv6 configuration when netfilter is dis... | James Tucker | 3 | -3/+3 |
| 2024-03-08 | util/linuxfw: fix support for containers without IPv6 iptables filters (#11381) | James Tucker | 1 | -2/+22 |
| 2024-03-08 | util/linuxfw: correct logical error in NAT table check (#11380) | James Tucker | 1 | -1/+1 |
| 2024-03-06 | util/linuxfw: add container-friendly IPv6 NAT check (#11353) | Irbe Krumina | 3 | -33/+50 |
| 2024-02-29 | util/linuxfw: insert rather than append nftables DNAT rule (#11303) | Irbe Krumina | 1 | -1/+1 |
| 2024-02-07 | util/cmpx: delete now that we're using Go 1.22 | Brad Fitzpatrick | 1 | -4/+4 |
| 2024-02-07 | .github/workflows: add privileged tests workflow | James Tucker | 1 | -1/+1 |
| 2023-12-21 | all: cleanup unused code, part 2 (#10670) | Andrew Lytvynov | 2 | -1/+3 |
| 2023-12-12 | util/linuxfw: return created chain (#10563) | Irbe Krumina | 1 | -1/+1 |
| 2023-12-05 | util/linuxfw, wgengine: allow ingress to magicsock UDP port on Linux (#10370) | Naman Sood | 2 | -2/+199 |
| 2023-12-05 | linuxfw,wgengine/route,ipn: add c2n and nodeattrs to control linux netfilter | Naman Sood | 2 | -9/+18 |
