summaryrefslogtreecommitdiffhomepage
path: root/wgengine/netstack
AgeCommit message (Collapse)AuthorFilesLines
2021-05-16all: adapt to opaque netaddr typesJosh Bleecher Snyder1-10/+10
This commit is a mishmash of automated edits using gofmt: gofmt -r 'netaddr.IPPort{IP: a, Port: b} -> netaddr.IPPortFrom(a, b)' -w . gofmt -r 'netaddr.IPPrefix{IP: a, Port: b} -> netaddr.IPPrefixFrom(a, b)' -w . gofmt -r 'a.IP.Is4 -> a.IP().Is4' -w . gofmt -r 'a.IP.As16 -> a.IP().As16' -w . gofmt -r 'a.IP.Is6 -> a.IP().Is6' -w . gofmt -r 'a.IP.As4 -> a.IP().As4' -w . gofmt -r 'a.IP.String -> a.IP().String' -w . And regexps: \w*(.*)\.Port = (.*) -> $1 = $1.WithPort($2) \w*(.*)\.IP = (.*) -> $1 = $1.WithIP($2) And lots of manual fixups. Signed-off-by: Josh Bleecher Snyder <josh@tailscale.com>
2021-05-14tsnet: add Tailscale-as-a-library packageBrad Fitzpatrick1-2/+12
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-05-06wgengine/netstack: avoid delivering incoming packets to both netstack + hostBrad Fitzpatrick1-1/+8
The earlier eb06ec172f1d984bb87c589da1dd2d3f15dc6d82 fixed the flaky SSH issue (tailscale/corp#1725) by making sure that packets addressed to Tailscale IPs in hybrid netstack mode weren't delivered to netstack, but another issue remained: All traffic handled by netstack was also potentially being handled by the host networking stack, as the filter hook returned "Accept", which made it keep processing. This could lead to various random racey chaos as a function of OS/firewalls/routes/etc. Instead, once we inject into netstack, stop our caller's packet processing. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-05-05wgengine/netstack: don't pass non-subnet traffic to netstack in hybrid modeBrad Fitzpatrick1-1/+22
Fixes tailscale/corp#1725 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-04-21wgengine/netstack: log error when acceptUDP failsJosh Bleecher Snyder1-1/+1
I see a bunch of these in some logs I'm looking at, separated only by a few seconds. Log the error so we can tell what's going on here. Signed-off-by: Josh Bleecher Snyder <josharian@gmail.com>
2021-04-21wgengine/netstack: log ForwarderRequest in readable form, only in debug mode ↵Naman Sood1-5/+12
(#1758) * wgengine/netstack: log ForwarderRequest in readable form, only in debug mode Fixes #1757 Signed-off-by: Naman Sood <mail@nsood.in>
2021-04-06cmd/tailscaled, wgengine{,/netstack}: add netstack hybrid mode, add to WindowsBrad Fitzpatrick2-7/+54
For #707 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-31wgengine/netstack: stop re-adding IPs registered by active TCP connections ↵Naman Sood1-1/+0
(#1629) Signed-off-by: Naman Sood <mail@nsood.in>
2021-03-29wgengine/netstack: Allow userspace networking mode to expose subnets (#1588)Naman Sood1-38/+114
wgengine/netstack: Allow userspace networking mode to expose subnets Updates #504 Updates #707 Signed-off-by: Naman Sood <mail@nsood.in>
2021-03-26net/tstun: rename TUN to Wrapper.David Anderson1-3/+3
The tstun packagen contains both constructors for generic tun Devices, and a wrapper that provides additional functionality. Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-26net/tstun: merge in wgengine/tstun.David Anderson1-1/+1
Signed-off-by: David Anderson <danderson@tailscale.com>
2021-03-23all: s/Magic DNS/MagicDNS/ for consistencyBrad Fitzpatrick1-1/+1
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-17wgengine/netstack: use inet.af/netstack, remove 64-bit only limitationBrad Fitzpatrick2-54/+14
This reverts the revert commit 84aba349d9a8d4e43585856c8155385f2569d35a. And changes us to use inet.af/netstack. Updates #1518 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-16Revert "wgengine/netstack: update gvisor to remove 64-bit only limitation"David Anderson2-2/+42
Breaks our corp repo due to gRPC dependency hell. This reverts commit d42f8b7f9a29a288058a03ebdf740e11b843bf26.
2021-03-15wgengine/netstack: update gvisor to remove 64-bit only limitationBrad Fitzpatrick2-42/+2
gVisor fixed their google/gvisor#1446 so we can include gVisor mode on 32-bit machines. A few minor upstream API changes, as normal. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-15client, cmd/hello, ipn, wgengine: fix whois for netstack-forwarded connectionsNaman Sood1-3/+17
Updates #504 Updates #707 Signed-off-by: Naman Sood <mail@nsood.in>
2021-03-08wgengine/netstack: stop UDP forwarding when one side diesNaman Sood1-5/+8
Updates #504 Updates #707 Signed-off-by: Naman Sood <mail@nsood.in>
2021-03-08wgengine/netstack: add support for incoming UDP connectionsNaman Sood1-9/+67
Updates #504 Updates #707 Signed-off-by: Naman Sood <mail@nsood.in>
2021-03-03wgengine/netstack: remove some v2 logging by defaultBrad Fitzpatrick1-4/+13
Even with [v2], it still logtails and takes time to format. Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-03wgengine/netstack: use system dialer to contact servers on localhostNaman Sood1-1/+2
Updates #504 Updates #707 Signed-off-by: Naman Sood <mail@nsood.in>
2021-03-02wgengine/netstack: forward incoming connections to localhostNaman Sood1-13/+15
Updates #707 Updates #504 Signed-off-by: Naman Sood <mail@nsood.in>
2021-03-01wgengine/netstack: fix 32-bit build broken from prior commitBrad Fitzpatrick1-1/+17
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-01cmd/tailscaled, wgengine: remove --fake, replace with netstackBrad Fitzpatrick1-36/+30
And add a --socks5-server flag. And fix a race in SOCKS5 replies where the response header was written concurrently with the copy from the backend. Co-authored with Naman Sood. Updates #707 Updates #504 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-03-01wgengine/netstack: add Magic DNS + DNS resolution to SOCKS5 dialingBrad Fitzpatrick1-3/+79
Updates #707 Updates #504 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-02-26wgengine/netstack: start SOCKS5 server in netstack modeNaman Sood1-0/+18
Updates #707 Updates #504 Signed-off-by: Naman Sood <mail@nsood.in>
2021-02-25wgengine, cmd/tailscaled: refactor netstack, forward TCP to hello as demo ↵Naman Sood2-116/+226
(#1301) Updates #707 Updates #504 Signed-off-by: Naman Sood <mail@nsood.in>
2021-02-05types/netmap: split controlclient.NetworkMap off into its own leaf packageBrad Fitzpatrick1-2/+2
Updates #1278 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2021-01-15wgengine/netstack: use tailscale IPs instead of a hardcoded one (#1131)Naman Sood1-1/+41
Signed-off-by: Naman Sood <mail@nsood.in>
2021-01-11wengine/netstack: bump gvisor to latest versionNaman Sood1-2/+2
* wengine/netstack: bump gvisor to latest version Signed-off-by: Naman Sood <naman@tailscale.com> * update dependencies Signed-off-by: Naman Sood <naman@tailscale.com> * Don't change hardcoded IP Signed-off-by: Naman Sood <naman@tailscale.com>
2021-01-11wgengine/netstack: don't build netstack on 32-bit platformsBrad Fitzpatrick2-0/+24
See google/gvisor#5241
2021-01-11cmd/tailscaled, wgengine/netstack: add start of gvisor userspace netstack workBrad Fitzpatrick1-0/+154
Not usefully functional yet (mostly a proof of concept), but getting it submitted for some work @namansood is going to do atop this. Updates #707 Updates #634 Updates #48 Updates #835
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.