mirror of
https://github.com/tailscale/tailscale.git
synced 2026-05-07 05:06:30 +02:00
728622665f
* wgengine/router: fall back and set iptables as default again Due to the conflict between our nftables implementation and ufw, which is a common utility used on linux. We now want to take a step back to prevent regression. This will give us more chance to let users to test our nftables support and heuristic. Updates: #391 Signed-off-by: KevinLiang10 <kevinliang@tailscale.com> (cherry picked from commit 93cab562772fdd1719546d4c54b5ba09452eb411) * util/linuxfw: reorganize nftables rules to allow it to work with ufw This commit tries to mimic the way iptables-nft work with the filewall rules. We follow the convention of using tables like filter, nat and the conventional chains, to make our nftables implementation work with ufw. Updates: #391 Signed-off-by: KevinLiang10 <kevinliang@tailscale.com> (cherry picked from commit b040094b908cff76f63d2f81b93397706e2e4605) * tailcfg: update docs on NetInfo.FirewallMode Updates #391 Change-Id: Ifef196b31dd145f424fb0c0d0bb04565cc22c717 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com> (cherry picked from commit 282dad1b629981aeab05f2aca00e52337effa8b0) --------- Co-authored-by: KevinLiang10 <kevinliang@tailscale.com> Co-authored-by: Brad Fitzpatrick <bradfitz@tailscale.com>