mirrors/tailscale
1
0
Fork 0
Code Issues Pull Requests Projects Wiki Activity
e5f67f90a2
tailscale/wgengine
History
Andrea Gottardo e5f67f90a2
xcode: allow ICMP ping relay on macOS + iOS platforms (#12048) 
Fixes tailscale/tailscale#10393
Fixes tailscale/corp#15412
Fixes tailscale/corp#19808

On Apple platforms, exit nodes and subnet routers have been unable to relay pings from Tailscale devices to non-Tailscale devices due to sandbox restrictions imposed on our network extensions by Apple. The sandbox prevented the code in netstack.go from spawning the `ping` process which we were using.

Replace that exec call with logic to send an ICMP echo request directly, which appears to work in userspace, and not trigger a sandbox violation in the syslog.

Signed-off-by: Andrea Gottardo <andrea@gottardo.me>
2024-05-16 11:57:57 -07:00
..
bench ipn/ipnlocal, all: plumb health trackers in tests 2024-05-07 22:22:10 -07:00
capture various: add golangci-lint, fix issues (#7905) 2023-04-17 18:38:24 -04:00
filter all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
magicsock ipnlocal, magicsock: add more description to storing last suggested exit (#11998) 2024-05-10 10:30:10 -04:00
netlog wgengine: add exit destination logging enable for wgengine logger (#11952) 2024-05-02 13:55:05 -04:00
netstack xcode: allow ICMP ping relay on macOS + iOS platforms (#12048) 2024-05-16 11:57:57 -07:00
router wgengine/router: print Docker warning when stateful filtering is enabled 2024-05-09 12:26:11 -06:00
wgcfg tailcfg,all: add/plumb Node.IsJailed 2024-05-06 15:32:22 -07:00
wgint wgengine{,/wgint}: add wgint.Peer wrapper type, add to wgengine.Engine 2024-02-28 09:50:18 -08:00
wglog all: use Go 1.22 range-over-int 2024-04-16 15:32:38 -07:00
winnet all: update copyright and license headers 2023-01-27 15:36:29 -08:00
mem_ios.go all: update copyright and license headers 2023-01-27 15:36:29 -08:00
pendopen.go wgengine: make pendOpen time later, after dup check 2024-02-26 19:09:12 -08:00
userspace_ext_test.go ipn/ipnlocal, all: plumb health trackers in tests 2024-05-07 22:22:10 -07:00
userspace_test.go ipn/ipnlocal, all: plumb health trackers in tests 2024-05-07 22:22:10 -07:00
userspace.go ipn/ipnlocal, all: plumb health trackers in tests 2024-05-07 22:22:10 -07:00
watchdog_js.go all: update copyright and license headers 2023-01-27 15:36:29 -08:00
watchdog_test.go ipn/ipnlocal, all: plumb health trackers in tests 2024-05-07 22:22:10 -07:00
watchdog.go ipn/ipnlocal,net/tstun,wgengine: create and plumb jailed packet filter 2024-05-06 15:32:22 -07:00
wgengine.go ipn/ipnlocal,net/tstun,wgengine: create and plumb jailed packet filter 2024-05-06 15:32:22 -07:00