wgengine/router: enable ip forwarding on gokrazy

Only on Gokrazy, set sysctls to enable IP forwarding so that subnet routing
and an advertised exit node work.

Fixes #11405

Signed-off-by: Joonas Kuorilehto <joneskoo@derbian.fi>
pull/11639/head
Joonas Kuorilehto 9 months ago committed by Brad Fitzpatrick
parent 4bbac72868
commit fe0cfec4ad

@ -403,6 +403,12 @@ func (r *linuxRouter) Set(cfg *Config) error {
} }
r.snatSubnetRoutes = cfg.SNATSubnetRoutes r.snatSubnetRoutes = cfg.SNATSubnetRoutes
// Issue 11405: enable IP forwarding on gokrazy.
advertisingRoutes := len(cfg.SubnetRoutes) > 0
if distro.Get() == distro.Gokrazy && advertisingRoutes {
r.enableIPForwarding()
}
return multierr.New(errs...) return multierr.New(errs...)
} }
@ -911,6 +917,28 @@ func (r *linuxRouter) upInterface() error {
return netlink.LinkSetUp(link) return netlink.LinkSetUp(link)
} }
func (r *linuxRouter) enableIPForwarding() {
sysctls := map[string]string{
"net.ipv4.ip_forward": "1",
"net.ipv6.conf.all.forwarding": "1",
}
for k, v := range sysctls {
if err := writeSysctl(k, v); err != nil {
r.logf("warning: %v", k, v, err)
continue
}
r.logf("sysctl(%v=%v): ok", k, v)
}
}
func writeSysctl(key, val string) error {
fn := "/proc/sys/" + strings.Replace(key, ".", "/", -1)
if err := os.WriteFile(fn, []byte(val), 0644); err != nil {
return fmt.Errorf("sysctl(%v=%v): %v", key, val, err)
}
return nil
}
// downInterface sets the tunnel interface administratively down. // downInterface sets the tunnel interface administratively down.
func (r *linuxRouter) downInterface() error { func (r *linuxRouter) downInterface() error {
if r.useIPCommand() { if r.useIPCommand() {
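Review bot: In enableIPForwarding the failure log `r.logf("warning: %v", k, v, err)` passes three arguments to a single `%v`, so with the Printf-style logf used on the next line it prints the key followed by a `%!(EXTRA ...)` tail rather than a readable error. writeSysctl already puts key and value into its error, so `r.logf("warning: %v", err)` is enough. The write failure is only logged and never appended to `errs`, so Set appears to return success while the node advertises routes it cannot forward. In Set the sysctls are switched on whenever `len(cfg.SubnetRoutes) > 0`, but nothing visible here switches them off when the routes are later withdrawn, so the host keeps forwarding on all interfaces (`net.ipv6.conf.all.forwarding`); either restore the previous values or add a comment such as `// forwarding is intentionally left enabled once set`. Set and the rest of the file continue outside the hunks shown.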
