You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
tailscale/util
Maisem Ali c3a8e63100 util/linuxfw: add additional nftable detection logic
We were previously using the netlink API to see if there are chains/rules that
already exist. This works fine in environments where there is either full
nftable support or no support at all. However, we have identified certain
environments which have partial nftable support and the only feasible way of
detecting such an environment is to try to create some of the chains that we
need.

This adds a check to create a dummy postrouting chain which is immediately
deleted. The goal of the check is to ensure we are able to use nftables and
that it won't error out later. This check is only done in the path where we
detected that the system has no preexisting nftable rules.

Updates #5621
Updates #8555
Updates #8762

Signed-off-by: Maisem Ali <maisem@tailscale.com>
1 year ago
..
cibuild all: update copyright and license headers 2 years ago
clientmetric util/clientmetric: allow client metric values to be provided by a function 2 years ago
cloudenv all: update copyright and license headers 2 years ago
cmpver util/cmpver: only consider ascii numerals (#9741) 1 year ago
cmpx all: update exp/slices and fix call sites 1 year ago
codegen util/codegen: support embedded fields 2 years ago
cstruct all: update copyright and license headers 2 years ago
deephash util/deephash: add IncludeFields, ExcludeFields HasherForType Options 1 year ago
dirwalk all: use tstest.Replace more 2 years ago
dnsname cmd/tailscale: extend hostname validation (#7678) 2 years ago
goroutines util/goroutines: let ScrubbedGoroutineDump get only current stack 1 year ago
groupmember all: update copyright and license headers 2 years ago
hashx all: update copyright and license headers 2 years ago
httphdr util/httphdr: add new package for parsing HTTP headers (#9797) 1 year ago
httpm util/httpm, all: add a test to make sure httpm is used consistently 1 year ago
jsonutil all: update copyright and license headers 2 years ago
limiter util/lru, util/limiter: add debug helper to dump state as HTML 1 year ago
lineread all: update copyright and license headers 2 years ago
linuxfw util/linuxfw: add additional nftable detection logic 1 year ago
lru util/lru: update c.head when deleting the most recently used entry 1 year ago
mak various: add golangci-lint, fix issues (#7905) 2 years ago
multierr all: use Go 1.21 slices, maps instead of x/exp/{slices,maps} 1 year ago
must all: update copyright and license headers 2 years ago
nocasemaps util/nocasemaps: import nocasemaps from corp 1 year ago
osdiag util/osdiag: add query for Windows page file configuration and status 1 year ago
osshare all: update copyright and license headers 2 years ago
pidowner all: update copyright and license headers 2 years ago
precompress all: update copyright and license headers 2 years ago
quarantine all: update copyright and license headers 2 years ago
race util/race: add test to confirm we don't leak goroutines 1 year ago
racebuild all: update copyright and license headers 2 years ago
rands util/rands: add package with HexString func 1 year ago
ringbuffer util/ringbuffer: move generic ringbuffer from corp repo 2 years ago
set util/set: add some useful utility functions for Set (#9535) 1 year ago
singleflight all: update copyright and license headers 2 years ago
slicesx util/slicesx: add EqualSameNil, like slices.Equal but same nilness 1 year ago
syspolicy ipn/ipnlocal: change serial number policy to be PreferenceOption 1 year ago
sysresources util/sysresources, magicsock: scale DERP buffer based on system memory 2 years ago
systemd all: update copyright and license headers 2 years ago
testenv util/testenv: add new package to hold InTest 1 year ago
truncate util: add truncate package (#7490) 2 years ago
uniq all: update copyright and license headers 2 years ago
vizerror util/vizerror: add As function to get wrapped Error 2 years ago
winutil winutil: refactor methods to get values from registry to also return (#9536) 1 year ago