mirror of
https://github.com/tailscale/tailscale.git
synced 2026-06-11 21:02:39 +08:00
1dc08f4d41
modifying DNS responses for domains they are also connectors for For Connectors 2025, determine if a client is configured as a connector and what domains it is a connector for. When acting as a client, don't install Split DNS routes to other connectors for those domains, and don't alter DNS responses for those domains. The responses are forwarded back to the original client, which in turn does the alteration, swapping the real IP for a Magic IP. A client is also a connector for a domain if it has tags that overlap with tags in the configured policy, and --advertise-connector=true in the prefs (not in the self-node Hostinfo from the netmap). We use the prefs as the source of truth because control only gets a copy from the prefs, and may drift. And the AppConnector field is currently zeroed out in the self-node Hostinfo from control. The extension adds a ProfileStateChange hook to process prefs changes, and the config type is split into prefs and nodeview sub-configs. Fixes tailscale/corp#39317 Signed-off-by: Michael Ben-Ami <mzb@tailscale.com> |
||
|---|---|---|
| .. | ||
| ace | ||
| appconnectors | ||
| awsparamstore | ||
| buildfeatures | ||
| c2n | ||
| capture | ||
| clientupdate | ||
| condlite/expvar | ||
| condregister | ||
| conn25 | ||
| debugportmapper | ||
| doctor | ||
| drive | ||
| featuretags | ||
| identityfederation | ||
| linkspeed | ||
| linuxdnsfight | ||
| oauthkey | ||
| portlist | ||
| portmapper | ||
| posture | ||
| relayserver | ||
| sdnotify | ||
| ssh | ||
| syspolicy | ||
| taildrop | ||
| tap | ||
| tpm | ||
| tundevstats | ||
| useproxy | ||
| wakeonlan | ||
| feature.go | ||
| hooks.go | ||
| sdnotify.go | ||