personal_interest_mirrors/nebula
1
0
Fork 0
mirror of https://github.com/slackhq/nebula.git synced 2025-11-09 00:33:58 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Immediately forward packets received on the nebula TUN device from self to self (#501)

Browse Source 
* Immediately forward packets received on the nebula TUN device with a destination of our Nebula VPN IP right back out that same TUN device on MacOS.
This commit is contained in:
brad-defined 2022-06-27 14:36:10 -04:00 committed by GitHub
parent 0d1ee4214a
commit 169cdbbd35
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 20 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
inside.go
View File

@ -23,8 +23,18 @@ func (f *Interface) consumeInsidePacket(packet []byte, fwPacket *firewall.Packet
return return
} }
// Ignore packets from self to self
if fwPacket.RemoteIP == f.myVpnIp { if fwPacket.RemoteIP == f.myVpnIp {
// Immediately forward packets from self to self.
// This should only happen on Darwin-based hosts, which routes packets from
// the Nebula IP to the Nebula IP through the Nebula TUN device.
if immediatelyForwardToSelf {
_, err := f.readers[q].Write(packet)
if err != nil {
f.l.WithError(err).Error("Failed to forward to tun")
}
}
// Otherwise, drop. On linux, we should never see these packets - Linux
// routes packets from the nebula IP to the nebula IP through the loopback device.
return return
} }

3
inside_darwin.go Normal file
View File

@ -0,0 +1,3 @@
package nebula
const immediatelyForwardToSelf bool = true

6
inside_generic.go Normal file
View File

@ -0,0 +1,6 @@
//go:build !darwin
// +build !darwin
package nebula
const immediatelyForwardToSelf bool = false