ipn/ipnlocal: restrict local lan access to linux machines.

Signed-off-by: Maisem Ali <maisem@tailscale.com>
4 years ago · 36fa29feec
parent 8570f82c8b
commit 36fa29feec
1 changed files with 13 additions and 10 deletions
--- a/ipn/ipnlocal/local.go
+++ b/ipn/ipnlocal/local.go
@ -1861,6 +1861,8 @@ func (b *LocalBackend) routerConfig(cfg *wgcfg.Config, prefs *ipn.Prefs) *router
 		if !default6 {
 			rs.Routes = append(rs.Routes, ipv6Default)
 		}
 		if runtime.GOOS == "linux" {
 			// Only allow local lan access on linux machines for now.
 			ips, _, err := interfaceRoutes()
 			if err != nil {
 				b.logf("failed to discover interface ips: %v", err)
@ -1873,6 +1875,7 @@ func (b *LocalBackend) routerConfig(cfg *wgcfg.Config, prefs *ipn.Prefs) *router
 				rs.Routes = append(rs.Routes, ips.Prefixes()...)
 			}
 		}
 	}
 	rs.Routes = append(rs.Routes, netaddr.IPPrefix{
 		IP:   tsaddr.TailscaleServiceIP(),