wgengine/router: fix router_test to match the new marks.

Signed-off-by: David Anderson <danderson@tailscale.com>

wgengine/router/router_linux_test.go

@@ -34,9 +34,9 @@ func mustCIDRs(ss ...string) []netaddr.IPPrefix {
 
 func TestRouterStates(t *testing.T) {
 	basic := `
-ip rule add pref 8810 fwmark 0x20000 table main
+ip rule add pref 8810 fwmark 0x80000 table main
-ip rule add pref 8830 fwmark 0x20000 table default
+ip rule add pref 8830 fwmark 0x80000 table default
-ip rule add pref 8850 fwmark 0x20000 type unreachable
+ip rule add pref 8850 fwmark 0x80000 type unreachable
 ip rule add pref 8888 table 88
 `
 	states := []struct {
@@ -106,15 +106,15 @@ ip route add 10.0.0.0/8 dev tailscale0 table 88
 ip route add 100.100.100.100/32 dev tailscale0 table 88` + basic +
 				`filter/FORWARD -j ts-forward
 filter/INPUT -j ts-input
-filter/ts-forward -i tailscale0 -j MARK --set-mark 0x10000
+filter/ts-forward -i tailscale0 -j MARK --set-mark 0x40000
-filter/ts-forward -m mark --mark 0x10000 -j ACCEPT
+filter/ts-forward -m mark --mark 0x40000 -j ACCEPT
 filter/ts-forward -o tailscale0 -s 100.64.0.0/10 -j DROP
 filter/ts-forward -o tailscale0 -j ACCEPT
 filter/ts-input -i lo -s 100.101.102.104 -j ACCEPT
 filter/ts-input ! -i tailscale0 -s 100.115.92.0/23 -j RETURN
 filter/ts-input ! -i tailscale0 -s 100.64.0.0/10 -j DROP
 nat/POSTROUTING -j ts-postrouting
-nat/ts-postrouting -m mark --mark 0x10000 -j MASQUERADE
+nat/ts-postrouting -m mark --mark 0x40000 -j MASQUERADE
 `,
 		},
 		{
@@ -131,8 +131,8 @@ ip route add 10.0.0.0/8 dev tailscale0 table 88
 ip route add 100.100.100.100/32 dev tailscale0 table 88` + basic +
 				`filter/FORWARD -j ts-forward
 filter/INPUT -j ts-input
-filter/ts-forward -i tailscale0 -j MARK --set-mark 0x10000
+filter/ts-forward -i tailscale0 -j MARK --set-mark 0x40000
-filter/ts-forward -m mark --mark 0x10000 -j ACCEPT
+filter/ts-forward -m mark --mark 0x40000 -j ACCEPT
 filter/ts-forward -o tailscale0 -s 100.64.0.0/10 -j DROP
 filter/ts-forward -o tailscale0 -j ACCEPT
 filter/ts-input -i lo -s 100.101.102.104 -j ACCEPT
@@ -158,8 +158,8 @@ ip route add 10.0.0.0/8 dev tailscale0 table 88
 ip route add 100.100.100.100/32 dev tailscale0 table 88` + basic +
 				`filter/FORWARD -j ts-forward
 filter/INPUT -j ts-input
-filter/ts-forward -i tailscale0 -j MARK --set-mark 0x10000
+filter/ts-forward -i tailscale0 -j MARK --set-mark 0x40000
-filter/ts-forward -m mark --mark 0x10000 -j ACCEPT
+filter/ts-forward -m mark --mark 0x40000 -j ACCEPT
 filter/ts-forward -o tailscale0 -s 100.64.0.0/10 -j DROP
 filter/ts-forward -o tailscale0 -j ACCEPT
 filter/ts-input -i lo -s 100.101.102.104 -j ACCEPT
@@ -182,8 +182,8 @@ ip route add 10.0.0.0/8 dev tailscale0 table 88
 ip route add 100.100.100.100/32 dev tailscale0 table 88` + basic +
 				`filter/FORWARD -j ts-forward
 filter/INPUT -j ts-input
-filter/ts-forward -i tailscale0 -j MARK --set-mark 0x10000
+filter/ts-forward -i tailscale0 -j MARK --set-mark 0x40000
-filter/ts-forward -m mark --mark 0x10000 -j ACCEPT
+filter/ts-forward -m mark --mark 0x40000 -j ACCEPT
 filter/ts-forward -o tailscale0 -s 100.64.0.0/10 -j DROP
 filter/ts-forward -o tailscale0 -j ACCEPT
 filter/ts-input -i lo -s 100.101.102.104 -j ACCEPT
@@ -205,8 +205,8 @@ up
 ip addr add 100.101.102.104/10 dev tailscale0
 ip route add 10.0.0.0/8 dev tailscale0 table 88
 ip route add 100.100.100.100/32 dev tailscale0 table 88` + basic +
-				`filter/ts-forward -i tailscale0 -j MARK --set-mark 0x10000
+				`filter/ts-forward -i tailscale0 -j MARK --set-mark 0x40000
-filter/ts-forward -m mark --mark 0x10000 -j ACCEPT
+filter/ts-forward -m mark --mark 0x40000 -j ACCEPT
 filter/ts-forward -o tailscale0 -s 100.64.0.0/10 -j DROP
 filter/ts-forward -o tailscale0 -j ACCEPT
 filter/ts-input -i lo -s 100.101.102.104 -j ACCEPT
@@ -228,8 +228,8 @@ ip route add 10.0.0.0/8 dev tailscale0 table 88
 ip route add 100.100.100.100/32 dev tailscale0 table 88` + basic +
 				`filter/FORWARD -j ts-forward
 filter/INPUT -j ts-input
-filter/ts-forward -i tailscale0 -j MARK --set-mark 0x10000
+filter/ts-forward -i tailscale0 -j MARK --set-mark 0x40000
-filter/ts-forward -m mark --mark 0x10000 -j ACCEPT
+filter/ts-forward -m mark --mark 0x40000 -j ACCEPT
 filter/ts-forward -o tailscale0 -s 100.64.0.0/10 -j DROP
 filter/ts-forward -o tailscale0 -j ACCEPT
 filter/ts-input -i lo -s 100.101.102.104 -j ACCEPT