diff --git a/ipn/ipnlocal/local.go b/ipn/ipnlocal/local.go index 13d13718f..1f11fa1a1 100644 --- a/ipn/ipnlocal/local.go +++ b/ipn/ipnlocal/local.go @@ -287,8 +287,6 @@ type LocalBackend struct { serveListeners map[netip.AddrPort]*localListener // listeners for local serve traffic serveProxyHandlers sync.Map // string (HTTPHandler.Proxy) => *reverseProxy - tailFSListeners map[netip.AddrPort]*localListener // listeners for local tailfs traffic - // statusLock must be held before calling statusChanged.Wait() or // statusChanged.Broadcast(). statusLock sync.Mutex @@ -4770,10 +4768,6 @@ func (b *LocalBackend) setTCPPortsInterceptedFromNetmapAndPrefsLocked(prefs ipn. } } - if !b.sys.IsNetstack() { - b.updateTailFSListenersLocked() - } - b.reloadServeConfigLocked(prefs) if b.serveConfig.Valid() { servePorts := make([]uint16, 0, 3) diff --git a/ipn/ipnlocal/tailfs.go b/ipn/ipnlocal/tailfs.go index 4a3b83104..d06599661 100644 --- a/ipn/ipnlocal/tailfs.go +++ b/ipn/ipnlocal/tailfs.go @@ -4,22 +4,16 @@ package ipnlocal import ( - "context" "encoding/json" "errors" "fmt" - "net" - "net/netip" "os" "regexp" "strings" - "time" "tailscale.com/ipn" - "tailscale.com/logtail/backoff" "tailscale.com/tailcfg" "tailscale.com/tailfs" - "tailscale.com/types/logger" "tailscale.com/types/netmap" ) @@ -241,60 +235,6 @@ func (b *LocalBackend) tailFSGetSharesLocked() (map[string]*tailfs.Share, error) return shares, nil } -// updateTailFSListenersLocked creates listeners on the local TailFS port. -// This is needed to properly route local traffic when using kernel networking -// mode. -func (b *LocalBackend) updateTailFSListenersLocked() { - if b.netMap == nil { - return - } - - addrs := b.netMap.GetAddresses() - oldListeners := b.tailFSListeners - newListeners := make(map[netip.AddrPort]*localListener, addrs.Len()) - for i := range addrs.LenIter() { - if fs, ok := b.sys.TailFSForLocal.GetOK(); ok { - addrPort := netip.AddrPortFrom(addrs.At(i).Addr(), TailFSLocalPort) - if sl, ok := b.tailFSListeners[addrPort]; ok { - newListeners[addrPort] = sl - delete(oldListeners, addrPort) - continue // already listening - } - - sl := b.newTailFSListener(context.Background(), fs, addrPort, b.logf) - newListeners[addrPort] = sl - go sl.Run() - } - } - - // At this point, anything left in oldListeners can be stopped. - for _, sl := range oldListeners { - sl.cancel() - } -} - -// newTailFSListener returns a listener for local connections to a tailfs -// WebDAV FileSystem. -func (b *LocalBackend) newTailFSListener(ctx context.Context, fs tailfs.FileSystemForLocal, ap netip.AddrPort, logf logger.Logf) *localListener { - ctx, cancel := context.WithCancel(ctx) - return &localListener{ - b: b, - ap: ap, - ctx: ctx, - cancel: cancel, - logf: logf, - - handler: func(conn net.Conn) error { - if !b.TailFSAccessEnabled() { - conn.Close() - return nil - } - return fs.HandleConn(conn, conn.RemoteAddr()) - }, - bo: backoff.NewBackoff(fmt.Sprintf("tailfs-listener-%d", ap.Port()), logf, 30*time.Second), - } -} - // updateTailFSPeersLocked sets all applicable peers from the netmap as tailfs // remotes. func (b *LocalBackend) updateTailFSPeersLocked(nm *netmap.NetworkMap) { diff --git a/wgengine/netstack/netstack.go b/wgengine/netstack/netstack.go index 2df8e2bb9..c58f11023 100644 --- a/wgengine/netstack/netstack.go +++ b/wgengine/netstack/netstack.go @@ -919,10 +919,10 @@ func (ns *Impl) acceptTCP(r *tcp.ForwarderRequest) { return gonet.NewTCPConn(&wq, ep) } - // Local DNS Service (DNS and WebDAV) + // Local Services (DNS and WebDAV) hittingServiceIP := dialIP == serviceIP || dialIP == serviceIPv6 hittingDNS := hittingServiceIP && reqDetails.LocalPort == 53 - hittingTailFS := hittingServiceIP && ns.tailFSForLocal != nil && reqDetails.LocalPort == 8080 + hittingTailFS := hittingServiceIP && ns.tailFSForLocal != nil && reqDetails.LocalPort == ipnlocal.TailFSLocalPort if hittingDNS || hittingTailFS { c := getConnOrReset() if c == nil {