From 061422affcc4278d0400c248432f39ee60fcf16e Mon Sep 17 00:00:00 2001
From: Denton Gentry <dgentry@tailscale.com>
Date: Wed, 3 Mar 2021 11:34:37 -0800
Subject: [PATCH] freebsd: ignore IPv6 for now

FreeBSD tun devices don't work with the way we implement IPv6
https://github.com/tailscale/tailscale/issues/1307

At least for now, remove any IPv6 addresses from the netmap.

Signed-off-by: Denton Gentry <dgentry@tailscale.com>
---
 wgengine/router/config_clone.go         | 39 +++++++++++++++++++++++++
 wgengine/router/dns/config.go           |  2 ++
 wgengine/router/dns/config_clone.go     | 33 +++++++++++++++++++++
 wgengine/router/router.go               |  2 ++
 wgengine/router/router_userspace_bsd.go | 32 ++++++++++++++++++++
 5 files changed, 108 insertions(+)
 create mode 100644 wgengine/router/config_clone.go
 create mode 100644 wgengine/router/dns/config_clone.go

diff --git a/wgengine/router/config_clone.go b/wgengine/router/config_clone.go
new file mode 100644
index 000000000..e35c21043
--- /dev/null
+++ b/wgengine/router/config_clone.go
@@ -0,0 +1,39 @@
+// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Code generated by tailscale.com/cmd/cloner -type Config; DO NOT EDIT.
+
+package router
+
+import (
+	"inet.af/netaddr"
+	"tailscale.com/types/preftype"
+	"tailscale.com/wgengine/router/dns"
+)
+
+// Clone makes a deep copy of Config.
+// The result aliases no memory with the original.
+func (src *Config) Clone() *Config {
+	if src == nil {
+		return nil
+	}
+	dst := new(Config)
+	*dst = *src
+	dst.LocalAddrs = append(src.LocalAddrs[:0:0], src.LocalAddrs...)
+	dst.Routes = append(src.Routes[:0:0], src.Routes...)
+	dst.DNS = *src.DNS.Clone()
+	dst.SubnetRoutes = append(src.SubnetRoutes[:0:0], src.SubnetRoutes...)
+	return dst
+}
+
+// A compilation failure here means this code must be regenerated, with command:
+//   tailscale.com/cmd/cloner -type Config
+var _ConfigNeedsRegeneration = Config(struct {
+	LocalAddrs       []netaddr.IPPrefix
+	Routes           []netaddr.IPPrefix
+	DNS              dns.Config
+	SubnetRoutes     []netaddr.IPPrefix
+	SNATSubnetRoutes bool
+	NetfilterMode    preftype.NetfilterMode
+}{})
diff --git a/wgengine/router/dns/config.go b/wgengine/router/dns/config.go
index 2b6ff615a..e1adfefce 100644
--- a/wgengine/router/dns/config.go
+++ b/wgengine/router/dns/config.go
@@ -10,6 +10,8 @@ import (
 	"tailscale.com/types/logger"
 )
 
+//go:generate go run tailscale.com/cmd/cloner -type=Config -output=config_clone.go
+
 // Config is the set of parameters that uniquely determine
 // the state to which a manager should bring system DNS settings.
 type Config struct {
diff --git a/wgengine/router/dns/config_clone.go b/wgengine/router/dns/config_clone.go
new file mode 100644
index 000000000..42e91a6e1
--- /dev/null
+++ b/wgengine/router/dns/config_clone.go
@@ -0,0 +1,33 @@
+// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Code generated by tailscale.com/cmd/cloner -type Config; DO NOT EDIT.
+
+package dns
+
+import (
+	"inet.af/netaddr"
+)
+
+// Clone makes a deep copy of Config.
+// The result aliases no memory with the original.
+func (src *Config) Clone() *Config {
+	if src == nil {
+		return nil
+	}
+	dst := new(Config)
+	*dst = *src
+	dst.Nameservers = append(src.Nameservers[:0:0], src.Nameservers...)
+	dst.Domains = append(src.Domains[:0:0], src.Domains...)
+	return dst
+}
+
+// A compilation failure here means this code must be regenerated, with command:
+//   tailscale.com/cmd/cloner -type Config
+var _ConfigNeedsRegeneration = Config(struct {
+	Nameservers []netaddr.IP
+	Domains     []string
+	PerDomain   bool
+	Proxied     bool
+}{})
diff --git a/wgengine/router/router.go b/wgengine/router/router.go
index 9c3f1003f..b8f626e7b 100644
--- a/wgengine/router/router.go
+++ b/wgengine/router/router.go
@@ -54,6 +54,8 @@ func Cleanup(logf logger.Logf, interfaceName string) {
 	cleanup(logf, interfaceName)
 }
 
+//go:generate go run tailscale.com/cmd/cloner -type=Config -output=config_clone.go
+
 // Config is the subset of Tailscale configuration that is relevant to
 // the OS's network stack.
 type Config struct {
diff --git a/wgengine/router/router_userspace_bsd.go b/wgengine/router/router_userspace_bsd.go
index fb81d62fb..b867f8a4e 100644
--- a/wgengine/router/router_userspace_bsd.go
+++ b/wgengine/router/router_userspace_bsd.go
@@ -10,6 +10,7 @@ import (
 	"fmt"
 	"log"
 	"os/exec"
+	"runtime"
 
 	"github.com/tailscale/wireguard-go/device"
 	"github.com/tailscale/wireguard-go/tun"
@@ -101,9 +102,40 @@ func inet(p netaddr.IPPrefix) string {
 	return "inet"
 }
 
+// See https://github.com/tailscale/tailscale/issues/1307#issuecomment-786045280
+// Remove all IPv6 entries.
+func (r *userspaceBSDRouter) modifiedConfigForFreeBSDBugWorkaround(cfg *Config) *Config {
+	n := cfg.Clone()
+
+	n.LocalAddrs = n.LocalAddrs[:0]
+	for _, addr := range cfg.LocalAddrs {
+		if !addr.IP.Is6() {
+			n.LocalAddrs = append(n.LocalAddrs, addr)
+		}
+	}
+
+	n.Routes = n.Routes[:0]
+	for _, addr := range cfg.Routes {
+		if !addr.IP.Is6() {
+			n.Routes = append(n.Routes, addr)
+		}
+	}
+
+	n.SubnetRoutes = n.SubnetRoutes[:0]
+	for _, addr := range cfg.SubnetRoutes {
+		if !addr.IP.Is6() {
+			n.SubnetRoutes = append(n.SubnetRoutes, addr)
+		}
+	}
+
+	return n
+}
+
 func (r *userspaceBSDRouter) Set(cfg *Config) (reterr error) {
 	if cfg == nil {
 		cfg = &shutdownConfig
+	} else if runtime.GOOS == "freebsd" {
+		cfg = r.modifiedConfigForFreeBSDBugWorkaround(cfg)
 	}
 
 	var errq error