68a66ee81b
Some checks failed
checklocks / checklocks (push) Has been cancelled
CodeQL / Analyze (go) (push) Has been cancelled
Dockerfile build / deploy (push) Has been cancelled
CI / race-root-integration (1/4) (push) Has been cancelled
CI / race-root-integration (2/4) (push) Has been cancelled
CI / race-root-integration (3/4) (push) Has been cancelled
CI / race-root-integration (4/4) (push) Has been cancelled
CI / test (-coverprofile=/tmp/coverage.out, amd64) (push) Has been cancelled
CI / test (-race, amd64, 1/3) (push) Has been cancelled
CI / test (-race, amd64, 2/3) (push) Has been cancelled
CI / test (-race, amd64, 3/3) (push) Has been cancelled
CI / test (386) (push) Has been cancelled
CI / windows (push) Has been cancelled
CI / privileged (push) Has been cancelled
CI / vm (push) Has been cancelled
CI / race-build (push) Has been cancelled
CI / cross (386, linux) (push) Has been cancelled
CI / cross (amd64, darwin) (push) Has been cancelled
CI / cross (amd64, freebsd) (push) Has been cancelled
CI / cross (amd64, openbsd) (push) Has been cancelled
CI / cross (amd64, windows) (push) Has been cancelled
CI / cross (arm, 5, linux) (push) Has been cancelled
CI / cross (arm, 7, linux) (push) Has been cancelled
CI / cross (arm64, darwin) (push) Has been cancelled
CI / cross (arm64, linux) (push) Has been cancelled
CI / cross (arm64, windows) (push) Has been cancelled
CI / cross (loong64, linux) (push) Has been cancelled
CI / ios (push) Has been cancelled
CI / crossmin (amd64, illumos) (push) Has been cancelled
CI / crossmin (amd64, plan9) (push) Has been cancelled
CI / crossmin (amd64, solaris) (push) Has been cancelled
CI / crossmin (ppc64, aix) (push) Has been cancelled
CI / android (push) Has been cancelled
CI / wasm (push) Has been cancelled
CI / tailscale_go (push) Has been cancelled
CI / fuzz (push) Has been cancelled
CI / depaware (push) Has been cancelled
CI / go_generate (push) Has been cancelled
CI / go_mod_tidy (push) Has been cancelled
CI / licenses (push) Has been cancelled
CI / staticcheck (386, windows) (push) Has been cancelled
CI / staticcheck (amd64, darwin) (push) Has been cancelled
CI / staticcheck (amd64, linux) (push) Has been cancelled
CI / staticcheck (amd64, windows) (push) Has been cancelled
CI / notify_slack (push) Has been cancelled
CI / check_mergeability (push) Has been cancelled
We had the debug packet capture code + Lua dissector in the CLI + the iOS app. Now we don't, with tests to lock it in. As a bonus, tailscale.com/net/packet and tailscale.com/net/flowtrack no longer appear in the CLI's binary either. A new build tag ts_omit_capture disables the packet capture code and was added to build_dist.sh's --extra-small mode. Updates #12614 Change-Id: I79b0628c0d59911bd4d510c732284d97b0160f10 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
76 lines
2.7 KiB
Go
76 lines
2.7 KiB
Go
// Copyright (c) Tailscale Inc & AUTHORS
|
|
// SPDX-License-Identifier: BSD-3-Clause
|
|
|
|
package packet
|
|
|
|
import (
|
|
"io"
|
|
"net/netip"
|
|
"time"
|
|
)
|
|
|
|
// Callback describes a function which is called to
|
|
// record packets when debugging packet-capture.
|
|
// Such callbacks must not take ownership of the
|
|
// provided data slice: it may only copy out of it
|
|
// within the lifetime of the function.
|
|
type CaptureCallback func(CapturePath, time.Time, []byte, CaptureMeta)
|
|
|
|
// CaptureSink is the minimal interface from [tailscale.com/feature/capture]'s
|
|
// Sink type that is needed by the core (magicsock/LocalBackend/wgengine/etc).
|
|
// This lets the relativel heavy feature/capture package be optionally linked.
|
|
type CaptureSink interface {
|
|
// Close closes
|
|
Close() error
|
|
|
|
// NumOutputs returns the number of outputs registered with the sink.
|
|
NumOutputs() int
|
|
|
|
// CaptureCallback returns a callback which can be used to
|
|
// write packets to the sink.
|
|
CaptureCallback() CaptureCallback
|
|
|
|
// WaitCh returns a channel which blocks until
|
|
// the sink is closed.
|
|
WaitCh() <-chan struct{}
|
|
|
|
// RegisterOutput connects an output to this sink, which
|
|
// will be written to with a pcap stream as packets are logged.
|
|
// A function is returned which unregisters the output when
|
|
// called.
|
|
//
|
|
// If w implements io.Closer, it will be closed upon error
|
|
// or when the sink is closed. If w implements http.Flusher,
|
|
// it will be flushed periodically.
|
|
RegisterOutput(w io.Writer) (unregister func())
|
|
}
|
|
|
|
// CaptureMeta contains metadata that is used when debugging.
|
|
type CaptureMeta struct {
|
|
DidSNAT bool // SNAT was performed & the address was updated.
|
|
OriginalSrc netip.AddrPort // The source address before SNAT was performed.
|
|
DidDNAT bool // DNAT was performed & the address was updated.
|
|
OriginalDst netip.AddrPort // The destination address before DNAT was performed.
|
|
}
|
|
|
|
// CapturePath describes where in the data path the packet was captured.
|
|
type CapturePath uint8
|
|
|
|
// CapturePath values
|
|
const (
|
|
// FromLocal indicates the packet was logged as it traversed the FromLocal path:
|
|
// i.e.: A packet from the local system into the TUN.
|
|
FromLocal CapturePath = 0
|
|
// FromPeer indicates the packet was logged upon reception from a remote peer.
|
|
FromPeer CapturePath = 1
|
|
// SynthesizedToLocal indicates the packet was generated from within tailscaled,
|
|
// and is being routed to the local machine's network stack.
|
|
SynthesizedToLocal CapturePath = 2
|
|
// SynthesizedToPeer indicates the packet was generated from within tailscaled,
|
|
// and is being routed to a remote Wireguard peer.
|
|
SynthesizedToPeer CapturePath = 3
|
|
|
|
// PathDisco indicates the packet is information about a disco frame.
|
|
PathDisco CapturePath = 254
|
|
)
|