You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
tailscale/ipn/ipnlocal
Andrew Lytvynov c9179bc261
various: disable stateful filtering by default (#12197)
After some analysis, stateful filtering is only necessary in tailnets
that use `autogroup:danger-all` in `src` in ACLs. And in those cases
users explicitly specify that hosts outside of the tailnet should be
able to reach their nodes. To fix local DNS breakage in containers, we
disable stateful filtering by default.

Updates #12108

Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
6 months ago
..
testdata ipn/ipnlocal: fix the path for writing cert files (#7203) 2 years ago
breaktcp_darwin.go cmd/tailscale: add debug commands to break connections 1 year ago
breaktcp_linux.go cmd/tailscale: add debug commands to break connections 1 year ago
c2n.go ipn/ipnlocal,ssh/tailssh: reject c2n /update if SSH conns are active (#11820) 7 months ago
c2n_pprof.go ipn/ipnlocal: add c2n /debug/pprof/allocs endpoint 8 months ago
c2n_test.go util/cmpx: delete now that we're using Go 1.22 9 months ago
cert.go ipn/ipnlocal: remove ancient transition mechanism for https certs 9 months ago
cert_js.go ipn/ipnlocal: add c2n method to check on TLS cert fetch status 1 year ago
cert_test.go all: use Go 1.21 slices, maps instead of x/exp/{slices,maps} 1 year ago
dnsconfig_test.go util/cmpx: delete now that we're using Go 1.22 9 months ago
drive.go ipn/ipnlocal: reuse transport across Taildrive remotes 7 months ago
expiry.go ssh/tailssh: use control server time instead of local time 1 year ago
expiry_test.go types/netmap, all: make NetworkMap.SelfNode a tailcfg.NodeView 1 year ago
local.go various: disable stateful filtering by default (#12197) 6 months ago
local_test.go ipnlocal, magicsock: add more description to storing last suggested exit (#11998) 6 months ago
loglines_test.go ipn/ipnlocal, all: plumb health trackers in tests 6 months ago
network-lock.go ipn/{ipnlocal,localapi},wgengine{,/magicsock}: plumb health.Tracker 7 months ago
network-lock_test.go ipn/ipnlocal: plumb health.Tracker into profileManager constructor 7 months ago
peerapi.go net/{interfaces,netmon}, all: merge net/interfaces package into net/netmon 7 months ago
peerapi_h2c.go all: update copyright and license headers 2 years ago
peerapi_macios_ext.go net/netmon, add: add netmon.State type alias of interfaces.State 7 months ago
peerapi_test.go ipn/ipnlocal, all: plumb health trackers in tests 6 months ago
profiles.go various: disable stateful filtering by default (#12197) 6 months ago
profiles_notwindows.go ipn/ipnlocal: fix profile duplication 1 year ago
profiles_test.go various: disable stateful filtering by default (#12197) 6 months ago
profiles_windows.go ipn/ipnlocal: set default NoStatefulFiltering in ipn.NewPrefs (#12031) 6 months ago
serve.go all: use Go 1.22 range-over-int 7 months ago
serve_test.go ipn/ipnlocal, all: plumb health trackers in tests 6 months ago
ssh.go ipnlocal: log failure to get ssh host keys 10 months ago
ssh_stub.go ipnlocal: log failure to get ssh host keys 10 months ago
ssh_test.go ipn/ipnlocal: plumb health.Tracker into profileManager constructor 7 months ago
state_test.go control/controlclient: delete unused Client.Login Oauth2Token field 6 months ago
taildrop.go ipn/localapi: add support for multipart POST to file-put 8 months ago
web_client.go all: remove LenIter, use Go 1.22 range-over-int instead 9 months ago
web_client_stub.go ipn/ipnlocal: add mutex to webClient struct 1 year ago