wip

2026-05-08 13:46:46 +02:00 · 2024-03-27 16:59:20 -04:00 · 2024-03-27 16:59:20 -04:00 · 1d460731bd
commit 1d460731bd
parent 7ae5f3a5ce
2 changed files with 14 additions and 0 deletions
--- a/ipn/ipnlocal/local.go
+++ b/ipn/ipnlocal/local.go
@ -1142,6 +1142,9 @@ func (b *LocalBackend) SetControlClientStatus(c controlclient.Client, st control
 	if setExitNodeID(prefs, st.NetMap) {
 		prefsChanged = true
 	}
+	if setExitNodeDstLogging(prefs) {
+		prefsChanged = true
+	}
 	if applySysPolicy(prefs) {
 		prefsChanged = true
 	}
@ -1327,6 +1330,14 @@ func applySysPolicy(prefs *ipn.Prefs) (anyChange bool) {
 	return anyChange
 }

+func setExitNodeDstLogging(prefs *ipn.Prefs) (anyChange bool) {
+	if enable, err := syspolicy.GetBoolean(syspolicy.ExitDestinationFlowLogs, prefs.ExitDestinationFlowLog); err == nil && prefs.ExitDestinationFlowLog != enable {
+		prefs.ExitDestinationFlowLog = enable
+		anyChange = true
+	}
+	return anyChange
+}
+
 var _ controlclient.NetmapDeltaUpdater = (*LocalBackend)(nil)

 // UpdateNetmapDelta implements controlclient.NetmapDeltaUpdater.
@ -3239,6 +3250,7 @@ func (b *LocalBackend) setPrefsLockedOnEntry(caller string, newp *ipn.Prefs) ipn
 	// everything in this function treats b.prefs as completely new
 	// anyway. No-op if no exit node resolution is needed.
 	setExitNodeID(newp, netMap)
+	setExitNodeDstLogging(newp)
 	// applySysPolicy does likewise so we can also ignore its return value.
 	applySysPolicy(newp)
 	// We do this to avoid holding the lock while doing everything else.
--- a/ipn/prefs.go
+++ b/ipn/prefs.go
@ -109,6 +109,8 @@ type Prefs struct {
 	// routed directly or via the exit node.
 	ExitNodeAllowLANAccess bool

+	ExitDestinationFlowLog bool
+
 	// CorpDNS specifies whether to install the Tailscale network's
 	// DNS configuration, if it exists.
 	CorpDNS bool