lzc256
/
tailscale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

wgengine/router: disable IPv6 if v6 policy routing is unavailable. 

Fixes #895.

Signed-off-by: David Anderson <danderson@tailscale.com>
(cherry picked from commit a664aac877)
release-branch/1.2
David Anderson 2020-11-11 15:05:15 -08:00
parent e29f92f653
commit c242540a97
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
wgengine/router/router_linux.go
View File

@ -1023,6 +1023,20 @@ func supportsV6() bool {
return false return false
} }
// Older kernels don't support IPv6 policy routing.
bs, err = ioutil.ReadFile("/proc/sys/net/ipv6/conf/all/disable_policy")
if err != nil {
// Absent knob means policy routing is unsupported.
return false
}
disabled, err = strconv.ParseBool(strings.TrimSpace(string(bs)))
if err != nil {
return false
}
if disabled {
return false
}
// Some distros ship ip6tables separately from iptables. // Some distros ship ip6tables separately from iptables.
if _, err := exec.LookPath("ip6tables"); err != nil { if _, err := exec.LookPath("ip6tables"); err != nil {
return false return false