|
|
@ -1022,7 +1022,18 @@ var removeFromDefaultRoute = []netaddr.IPPrefix{
|
|
|
|
// Given that "internal" routes don't leave the device, we choose to
|
|
|
|
// Given that "internal" routes don't leave the device, we choose to
|
|
|
|
// trust them more, allowing access to them when an Exit Node is enabled.
|
|
|
|
// trust them more, allowing access to them when an Exit Node is enabled.
|
|
|
|
func internalAndExternalInterfaces() (internal, external []netaddr.IPPrefix, err error) {
|
|
|
|
func internalAndExternalInterfaces() (internal, external []netaddr.IPPrefix, err error) {
|
|
|
|
if err := interfaces.ForeachInterfaceAddress(func(iface interfaces.Interface, pfx netaddr.IPPrefix) {
|
|
|
|
il, err := interfaces.GetList()
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
|
|
return nil, nil, err
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
return internalAndExternalInterfacesFrom(il, runtime.GOOS)
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
func internalAndExternalInterfacesFrom(il interfaces.List, goos string) (internal, external []netaddr.IPPrefix, err error) {
|
|
|
|
|
|
|
|
// We use an IPSetBuilder here to canonicalize the prefixes
|
|
|
|
|
|
|
|
// and to remove any duplicate entries.
|
|
|
|
|
|
|
|
var internalBuilder, externalBuilder netaddr.IPSetBuilder
|
|
|
|
|
|
|
|
if err := il.ForeachInterfaceAddress(func(iface interfaces.Interface, pfx netaddr.IPPrefix) {
|
|
|
|
if tsaddr.IsTailscaleIP(pfx.IP()) {
|
|
|
|
if tsaddr.IsTailscaleIP(pfx.IP()) {
|
|
|
|
return
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -1030,10 +1041,10 @@ func internalAndExternalInterfaces() (internal, external []netaddr.IPPrefix, err
|
|
|
|
return
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if iface.IsLoopback() {
|
|
|
|
if iface.IsLoopback() {
|
|
|
|
internal = append(internal, pfx)
|
|
|
|
internalBuilder.AddPrefix(pfx)
|
|
|
|
return
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if runtime.GOOS == "windows" {
|
|
|
|
if goos == "windows" {
|
|
|
|
// Windows Hyper-V prefixes all MAC addresses with 00:15:5d.
|
|
|
|
// Windows Hyper-V prefixes all MAC addresses with 00:15:5d.
|
|
|
|
// https://docs.microsoft.com/en-us/troubleshoot/windows-server/virtualization/default-limit-256-dynamic-mac-addresses
|
|
|
|
// https://docs.microsoft.com/en-us/troubleshoot/windows-server/virtualization/default-limit-256-dynamic-mac-addresses
|
|
|
|
//
|
|
|
|
//
|
|
|
@ -1044,16 +1055,24 @@ func internalAndExternalInterfaces() (internal, external []netaddr.IPPrefix, err
|
|
|
|
// configuration breaks WSL2 DNS without this.
|
|
|
|
// configuration breaks WSL2 DNS without this.
|
|
|
|
mac := iface.Interface.HardwareAddr
|
|
|
|
mac := iface.Interface.HardwareAddr
|
|
|
|
if len(mac) == 6 && mac[0] == 0x00 && mac[1] == 0x15 && mac[2] == 0x5d {
|
|
|
|
if len(mac) == 6 && mac[0] == 0x00 && mac[1] == 0x15 && mac[2] == 0x5d {
|
|
|
|
internal = append(internal, pfx)
|
|
|
|
internalBuilder.AddPrefix(pfx)
|
|
|
|
return
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
external = append(external, pfx)
|
|
|
|
externalBuilder.AddPrefix(pfx)
|
|
|
|
}); err != nil {
|
|
|
|
}); err != nil {
|
|
|
|
return nil, nil, err
|
|
|
|
return nil, nil, err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
iSet, err := internalBuilder.IPSet()
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
|
|
return nil, nil, err
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
eSet, err := externalBuilder.IPSet()
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
|
|
return nil, nil, err
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return internal, external, nil
|
|
|
|
return iSet.Prefixes(), eSet.Prefixes(), nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func interfaceRoutes() (ips *netaddr.IPSet, hostIPs []netaddr.IP, err error) {
|
|
|
|
func interfaceRoutes() (ips *netaddr.IPSet, hostIPs []netaddr.IP, err error) {
|
|
|
|