@ -106,8 +106,8 @@ type Wrapper struct {
// timeNow, if non-nil, will be used to obtain the current time.
// timeNow, if non-nil, will be used to obtain the current time.
timeNow func ( ) time . Time
timeNow func ( ) time . Time
// nat Config stores the current NAT configuration.
// peer Config stores the current NAT configuration.
natConfig atomic . Pointer [ nat Config]
peerConfig atomic . Pointer [ peer Config]
// vectorBuffer stores the oldest unconsumed packet vector from tdev. It is
// vectorBuffer stores the oldest unconsumed packet vector from tdev. It is
// allocated in wrap() and the underlying arrays should never grow.
// allocated in wrap() and the underlying arrays should never grow.
@ -505,9 +505,9 @@ func (t *Wrapper) sendVectorOutbound(r tunVectorReadResult) {
// snat does SNAT on p if the destination address requires a different source address.
// snat does SNAT on p if the destination address requires a different source address.
func ( t * Wrapper ) snat ( p * packet . Parsed ) {
func ( t * Wrapper ) snat ( p * packet . Parsed ) {
nc := t . nat Config. Load ( )
pc := t . peer Config. Load ( )
oldSrc := p . Src . Addr ( )
oldSrc := p . Src . Addr ( )
newSrc := n c. selectSrcIP ( oldSrc , p . Dst . Addr ( ) )
newSrc := p c. selectSrcIP ( oldSrc , p . Dst . Addr ( ) )
if oldSrc != newSrc {
if oldSrc != newSrc {
checksum . UpdateSrcAddr ( p , newSrc )
checksum . UpdateSrcAddr ( p , newSrc )
}
}
@ -515,9 +515,9 @@ func (t *Wrapper) snat(p *packet.Parsed) {
// dnat does destination NAT on p.
// dnat does destination NAT on p.
func ( t * Wrapper ) dnat ( p * packet . Parsed ) {
func ( t * Wrapper ) dnat ( p * packet . Parsed ) {
nc := t . nat Config. Load ( )
pc := t . peer Config. Load ( )
oldDst := p . Dst . Addr ( )
oldDst := p . Dst . Addr ( )
newDst := n c. mapDstIP ( oldDst )
newDst := p c. mapDstIP ( oldDst )
if newDst != oldDst {
if newDst != oldDst {
checksum . UpdateDstAddr ( p , newDst )
checksum . UpdateDstAddr ( p , newDst )
}
}
@ -545,11 +545,11 @@ func findV6(addrs []netip.Prefix) netip.Addr {
return netip . Addr { }
return netip . Addr { }
}
}
// natConfig is the configuration for NAT .
// peerConfig is the configuration for different peers .
// It should be treated as immutable.
// It should be treated as immutable.
//
//
// The nil value is a valid configuration.
// The nil value is a valid configuration.
type nat Config struct {
type peer Config struct {
// nativeAddr4 and nativeAddr6 are the IPv4/IPv6 Tailscale Addresses of
// nativeAddr4 and nativeAddr6 are the IPv4/IPv6 Tailscale Addresses of
// the current node.
// the current node.
//
//
@ -573,12 +573,12 @@ type natConfig struct {
masqAddrCounts map [ netip . Addr ] int
masqAddrCounts map [ netip . Addr ] int
}
}
func ( c * nat Config) String ( ) string {
func ( c * peer Config) String ( ) string {
if c == nil {
if c == nil {
return " nat Config(nil)"
return " peer Config(nil)"
}
}
var b strings . Builder
var b strings . Builder
b . WriteString ( " nat Config{")
b . WriteString ( " peer Config{")
fmt . Fprintf ( & b , "nativeAddr4: %v, " , c . nativeAddr4 )
fmt . Fprintf ( & b , "nativeAddr4: %v, " , c . nativeAddr4 )
fmt . Fprintf ( & b , "nativeAddr6: %v, " , c . nativeAddr6 )
fmt . Fprintf ( & b , "nativeAddr6: %v, " , c . nativeAddr6 )
fmt . Fprint ( & b , "listenAddrs: [" )
fmt . Fprint ( & b , "listenAddrs: [" )
@ -610,7 +610,7 @@ func (c *natConfig) String() string {
// mapDstIP returns the destination IP to use for a packet to dst.
// mapDstIP returns the destination IP to use for a packet to dst.
// If dst is not one of the listen addresses, it is returned as-is,
// If dst is not one of the listen addresses, it is returned as-is,
// otherwise the native address is returned.
// otherwise the native address is returned.
func ( c * nat Config) mapDstIP ( oldDst netip . Addr ) netip . Addr {
func ( c * peer Config) mapDstIP ( oldDst netip . Addr ) netip . Addr {
if c == nil {
if c == nil {
return oldDst
return oldDst
}
}
@ -627,7 +627,7 @@ func (c *natConfig) mapDstIP(oldDst netip.Addr) netip.Addr {
// selectSrcIP returns the source IP to use for a packet to dst.
// selectSrcIP returns the source IP to use for a packet to dst.
// If the packet is not from the native address, it is returned as-is.
// If the packet is not from the native address, it is returned as-is.
func ( c * nat Config) selectSrcIP ( oldSrc , dst netip . Addr ) netip . Addr {
func ( c * peer Config) selectSrcIP ( oldSrc , dst netip . Addr ) netip . Addr {
if c == nil {
if c == nil {
return oldSrc
return oldSrc
}
}
@ -644,9 +644,9 @@ func (c *natConfig) selectSrcIP(oldSrc, dst netip.Addr) netip.Addr {
return eip
return eip
}
}
// natConfigFromWGConfig generates a nat Config from nm. If NAT is not required,
// peerConfigFromWGConfig generates a peer Config from nm. If NAT is not required,
// it returns nil.
// and no additional configuration is present, it returns nil.
func nat ConfigFromWGConfig( wcfg * wgcfg . Config ) * nat Config {
func peer ConfigFromWGConfig( wcfg * wgcfg . Config ) * peer Config {
if wcfg == nil {
if wcfg == nil {
return nil
return nil
}
}
@ -728,7 +728,7 @@ func natConfigFromWGConfig(wcfg *wgcfg.Config) *natConfig {
if len ( listenAddrs ) == 0 && len ( masqAddrCounts ) == 0 {
if len ( listenAddrs ) == 0 && len ( masqAddrCounts ) == 0 {
return nil
return nil
}
}
return & nat Config{
return & peer Config{
nativeAddr4 : nativeAddr4 ,
nativeAddr4 : nativeAddr4 ,
nativeAddr6 : nativeAddr6 ,
nativeAddr6 : nativeAddr6 ,
listenAddrs : views . MapOf ( listenAddrs ) ,
listenAddrs : views . MapOf ( listenAddrs ) ,
@ -739,11 +739,11 @@ func natConfigFromWGConfig(wcfg *wgcfg.Config) *natConfig {
// SetNetMap is called when a new NetworkMap is received.
// SetNetMap is called when a new NetworkMap is received.
func ( t * Wrapper ) SetWGConfig ( wcfg * wgcfg . Config ) {
func ( t * Wrapper ) SetWGConfig ( wcfg * wgcfg . Config ) {
cfg := nat ConfigFromWGConfig( wcfg )
cfg := peer ConfigFromWGConfig( wcfg )
old := t . nat Config. Swap ( cfg )
old := t . peer Config. Swap ( cfg )
if ! reflect . DeepEqual ( old , cfg ) {
if ! reflect . DeepEqual ( old , cfg ) {
t . logf ( " nat config: %v", cfg )
t . logf ( " peer config: %v", cfg )
}
}
}
}
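Review bot: The doc comment above `SetWGConfig` in the last hunk still reads `// SetNetMap is called when a new NetworkMap is received.`, which names neither the method nor its argument; since the commit edits this body anyway, it could become `// SetWGConfig is called when a new wgcfg.Config is received; it rebuilds the peerConfig and swaps it in atomically.` The renamed field comment in the first hunk has drifted the same way: `peerConfig stores the current NAT configuration` no longer matches the type comment, which now describes the struct as the configuration for different peers. Because `SetWGConfig` hands the whole struct to `t.logf` through `String()`, a line on the `peerConfig` type would help, for example `// Every field printed by String() is written to logs on each config change; keep secrets out of it.` The new `peerConfigFromWGConfig` comment promises nil only when no additional configuration is present, while the visible return condition still tests just `listenAddrs` and `masqAddrCounts`; the function body is only partly shown, so this may be deliberate groundwork for later fields.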