Commit Graph

105 Commits (1dc3136a24042bc5adeb54d26caf67c3309bebc5)

Author SHA1 Message Date
David Anderson 8c0a0450d9 ipn/ipnlocal: allow client access to exit node's public IPs.
"public IP" is defined as an IP address configured on the exit node
itself that isn't in the list of forbidden ranges (RFC1918, CGNAT,
Tailscale).

Fixes #1522.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
Brad Fitzpatrick 82edf94df7 ipn/ipnlocal: make IPv6 OS routes be a single /48 for our ULA space
And if we have over 10,000 CGNAT routes, just route the entire
CGNAT range. (for the hello test server)

Fixes #1450

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
David Anderson f647e3daaf ipn/ipnlocal: transform default routes into "all but LAN" routes.
Fixes #1177.

Signed-off-by: David Anderson <danderson@tailscale.com>
4 years ago
Brad Fitzpatrick 1e7a35b225 types/netmap: split controlclient.NetworkMap off into its own leaf package
Updates #1278

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago
Brad Fitzpatrick d76334d2f0 ipn: split LocalBackend off into new ipn/ipnlocal package
And move a couple other types down into leafier packages.

Now cmd/tailscale doesn't bring in netlink, magicsock, wgengine, etc.

Fixes #1181

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
4 years ago