Página Principal Explorar Ajuda
Iniciar Sessão
Tailscale
/
tailscale
mirror de https://github.com/tailscale/tailscale.git
2
0
Fork 0
Ficheiros Problemas 0 Wiki
Ver Fonte

net/tstun,wgengine: split PreFilterOut into multiple hooks

A subsequent commit implements handling of magicDNS traffic via netstack.
Implementing this requires a hook for traffic originating from the host and
hitting the tun, so we make another hook to support this.

Signed-off-by: Tom DNetto <[email protected]>
Tom DNetto há 3 anos atrás
pai
9dee6adfab
commit
dc71d3559f
2 ficheiros alterados com 21 adições e 7 exclusões
Visão Dividida Mostrar Estatísticas Diff
  1. 20 6
      net/tstun/wrap.go
  2. 1 1
      wgengine/userspace.go

+ 20 - 6
net/tstun/wrap.go
Ver Ficheiro 

@@ -135,9 +135,16 @@ type Wrapper struct {
 
 	PreFilterIn FilterFunc
 
 	// PostFilterIn is the inbound filter function that runs after the main filter.
 
 	PostFilterIn FilterFunc
 
-	// PreFilterOut is the outbound filter function that runs before the main filter
 
-	// and therefore sees the packets that may be later dropped by it.
 
-	PreFilterOut FilterFunc
 
+	// PreFilterFromTunToNetstack is a filter function that runs before the main filter
 
+	// for packets from the local system. This filter is populated by netstack to hook
 
+	// packets that should be handled by netstack. If set, this filter runs before
 
+	// PreFilterFromTunToEngine.
 
+	PreFilterFromTunToNetstack FilterFunc
 
+	// PreFilterFromTunToEngine is a filter function that runs before the main filter
 
+	// for packets from the local system. This filter is populated by wgengine to hook
 
+	// packets which it handles internally. If both this and PreFilterFromTunToNetstack
 
+	// filter functions are non-nil, this filter runs second.
 
+	PreFilterFromTunToEngine FilterFunc
 
 	// PostFilterOut is the outbound filter function that runs after the main filter.
 
 	PostFilterOut FilterFunc
 
 
@@ -451,9 +458,16 @@ func (t *Wrapper) filterOut(p *packet.Parsed) filter.Response {
 
 		return filter.DropSilently
 
 	}
 
 
-	if t.PreFilterOut != nil {
 
-		if res := t.PreFilterOut(p, t); res.IsDrop() {
 
-			// Handled by userspaceEngine.handleLocalPackets (quad-100 DNS primarily).
 
+	if t.PreFilterFromTunToNetstack != nil {
 
+		if res := t.PreFilterFromTunToNetstack(p, t); res.IsDrop() {
 
+			// Handled by netstack.Impl.handleLocalPackets (quad-100 DNS primarily)
 
+			return res
 
+		}
 
+	}
 
+	if t.PreFilterFromTunToEngine != nil {
 
+		if res := t.PreFilterFromTunToEngine(p, t); res.IsDrop() {
 
+			// Handled by userspaceEngine.handleLocalPackets (primarily handles
 
+			// quad-100 if netstack is not installed).
 
 			return res
 
 		}
 
 	}

+ 1 - 1
wgengine/userspace.go
Ver Ficheiro 

@@ -362,7 +362,7 @@ func NewUserspaceEngine(logf logger.Logf, conf Config) (_ Engine, reterr error)
 
 	if conf.RespondToPing {
 
 		e.tundev.PostFilterIn = echoRespondToAll
 
 	}
 
-	e.tundev.PreFilterOut = e.handleLocalPackets
 
+	e.tundev.PreFilterFromTunToEngine = e.handleLocalPackets
 
 
 	if envknob.BoolDefaultTrue("TS_DEBUG_CONNECT_FAILURES") {
 
 		if e.tundev.PreFilterIn != nil {