wgengine/router: restore /etc/resolv.conf after tailscale down is called

This change is to restore /etc/resolv.conf after tailscale down is called. This is done by setting the dns.Manager before errors occur. Error collection is also added.

Fixes #723
reviewable/pr773/r1
Christina Wen 4 years ago committed by GitHub
parent 904a91038a
commit f0e9dcdc0a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -5,6 +5,7 @@ tailscale.com/cmd/tailscale dependencies: (generated by github.com/tailscale/dep
github.com/apenwarr/fixconsole from tailscale.com/cmd/tailscale github.com/apenwarr/fixconsole from tailscale.com/cmd/tailscale
W 💣 github.com/apenwarr/w32 from github.com/apenwarr/fixconsole W 💣 github.com/apenwarr/w32 from github.com/apenwarr/fixconsole
L github.com/coreos/go-iptables/iptables from tailscale.com/wgengine/router L github.com/coreos/go-iptables/iptables from tailscale.com/wgengine/router
L github.com/go-multierror/multierror from tailscale.com/wgengine/router
W 💣 github.com/go-ole/go-ole from github.com/go-ole/go-ole/oleutil+ W 💣 github.com/go-ole/go-ole from github.com/go-ole/go-ole/oleutil+
W 💣 github.com/go-ole/go-ole/oleutil from tailscale.com/wgengine/winnet W 💣 github.com/go-ole/go-ole/oleutil from tailscale.com/wgengine/winnet
L 💣 github.com/godbus/dbus/v5 from tailscale.com/wgengine/router/dns L 💣 github.com/godbus/dbus/v5 from tailscale.com/wgengine/router/dns

@ -5,6 +5,7 @@ tailscale.com/cmd/tailscaled dependencies: (generated by github.com/tailscale/de
github.com/apenwarr/fixconsole from tailscale.com/cmd/tailscaled github.com/apenwarr/fixconsole from tailscale.com/cmd/tailscaled
W 💣 github.com/apenwarr/w32 from github.com/apenwarr/fixconsole W 💣 github.com/apenwarr/w32 from github.com/apenwarr/fixconsole
L github.com/coreos/go-iptables/iptables from tailscale.com/wgengine/router L github.com/coreos/go-iptables/iptables from tailscale.com/wgengine/router
L github.com/go-multierror/multierror from tailscale.com/wgengine/router
W 💣 github.com/go-ole/go-ole from github.com/go-ole/go-ole/oleutil+ W 💣 github.com/go-ole/go-ole from github.com/go-ole/go-ole/oleutil+
W 💣 github.com/go-ole/go-ole/oleutil from tailscale.com/wgengine/winnet W 💣 github.com/go-ole/go-ole/oleutil from tailscale.com/wgengine/winnet
L 💣 github.com/godbus/dbus/v5 from tailscale.com/wgengine/router/dns L 💣 github.com/godbus/dbus/v5 from tailscale.com/wgengine/router/dns

@ -9,6 +9,7 @@ require (
github.com/coreos/go-iptables v0.4.5 github.com/coreos/go-iptables v0.4.5
github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568 // indirect github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568 // indirect
github.com/gliderlabs/ssh v0.2.2 github.com/gliderlabs/ssh v0.2.2
github.com/go-multierror/multierror v1.0.2
github.com/go-ole/go-ole v1.2.4 github.com/go-ole/go-ole v1.2.4
github.com/godbus/dbus/v5 v5.0.3 github.com/godbus/dbus/v5 v5.0.3
github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e

@ -30,6 +30,8 @@ github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568 h1:BHsljHzVlRcyQhjr
github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc=
github.com/gliderlabs/ssh v0.2.2 h1:6zsha5zo/TWhRhwqCD3+EarCAgZ2yN28ipRnGPnwkI0= github.com/gliderlabs/ssh v0.2.2 h1:6zsha5zo/TWhRhwqCD3+EarCAgZ2yN28ipRnGPnwkI0=
github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
github.com/go-multierror/multierror v1.0.2 h1:AwsKbEXkmf49ajdFJgcFXqSG0aLo0HEyAE9zk9JguJo=
github.com/go-multierror/multierror v1.0.2/go.mod h1:U7SZR/D9jHgt2nkSj8XcbCWdmVM2igraCHQ3HC1HiKY=
github.com/go-ole/go-ole v1.2.4 h1:nNBDSCOigTSiarFpYE9J/KtEA1IOW4CNeqT9TQDqCxI= github.com/go-ole/go-ole v1.2.4 h1:nNBDSCOigTSiarFpYE9J/KtEA1IOW4CNeqT9TQDqCxI=
github.com/go-ole/go-ole v1.2.4/go.mod h1:XCwSNxSkXRo4vlyPy93sltvi/qJq0jqQhjqQNIwKuxM= github.com/go-ole/go-ole v1.2.4/go.mod h1:XCwSNxSkXRo4vlyPy93sltvi/qJq0jqQhjqQNIwKuxM=
github.com/godbus/dbus/v5 v5.0.3 h1:ZqHaoEF7TBzh4jzPmqVhE/5A1z9of6orkAe5uHoAeME= github.com/godbus/dbus/v5 v5.0.3 h1:ZqHaoEF7TBzh4jzPmqVhE/5A1z9of6orkAe5uHoAeME=

@ -10,6 +10,7 @@ import (
"strings" "strings"
"github.com/coreos/go-iptables/iptables" "github.com/coreos/go-iptables/iptables"
"github.com/go-multierror/multierror"
"github.com/tailscale/wireguard-go/device" "github.com/tailscale/wireguard-go/device"
"github.com/tailscale/wireguard-go/tun" "github.com/tailscale/wireguard-go/tun"
"inet.af/netaddr" "inet.af/netaddr"
@ -145,7 +146,7 @@ func (r *linuxRouter) Up() error {
func (r *linuxRouter) Close() error { func (r *linuxRouter) Close() error {
if err := r.dns.Down(); err != nil { if err := r.dns.Down(); err != nil {
return fmt.Errorf("dns down: %v", err) return fmt.Errorf("dns down: %w", err)
} }
if err := r.downInterface(); err != nil { if err := r.downInterface(); err != nil {
return err return err
@ -165,23 +166,28 @@ func (r *linuxRouter) Close() error {
// Set implements the Router interface. // Set implements the Router interface.
func (r *linuxRouter) Set(cfg *Config) error { func (r *linuxRouter) Set(cfg *Config) error {
var errs []error
if cfg == nil { if cfg == nil {
cfg = &shutdownConfig cfg = &shutdownConfig
} }
if err := r.dns.Set(cfg.DNS); err != nil {
errs = append(errs, fmt.Errorf("dns set: %w", err))
}
if err := r.setNetfilterMode(cfg.NetfilterMode); err != nil { if err := r.setNetfilterMode(cfg.NetfilterMode); err != nil {
return err errs = append(errs, err)
} }
newRoutes, err := cidrDiff("route", r.routes, cfg.Routes, r.addRoute, r.delRoute, r.logf) newRoutes, err := cidrDiff("route", r.routes, cfg.Routes, r.addRoute, r.delRoute, r.logf)
if err != nil { if err != nil {
return err errs = append(errs, err)
} }
r.routes = newRoutes r.routes = newRoutes
newAddrs, err := cidrDiff("addr", r.addrs, cfg.LocalAddrs, r.addAddress, r.delAddress, r.logf) newAddrs, err := cidrDiff("addr", r.addrs, cfg.LocalAddrs, r.addAddress, r.delAddress, r.logf)
if err != nil { if err != nil {
return err errs = append(errs, err)
} }
r.addrs = newAddrs r.addrs = newAddrs
@ -190,20 +196,16 @@ func (r *linuxRouter) Set(cfg *Config) error {
// state already correct, nothing to do. // state already correct, nothing to do.
case cfg.SNATSubnetRoutes: case cfg.SNATSubnetRoutes:
if err := r.addSNATRule(); err != nil { if err := r.addSNATRule(); err != nil {
return err errs = append(errs, err)
} }
default: default:
if err := r.delSNATRule(); err != nil { if err := r.delSNATRule(); err != nil {
return err errs = append(errs, err)
} }
} }
r.snatSubnetRoutes = cfg.SNATSubnetRoutes r.snatSubnetRoutes = cfg.SNATSubnetRoutes
if err := r.dns.Set(cfg.DNS); err != nil { return multierror.New(errs)
return fmt.Errorf("dns set: %v", err)
}
return nil
} }
// setNetfilterMode switches the router to the given netfilter // setNetfilterMode switches the router to the given netfilter

Loading…
Cancel
Save