Documentation
¶
Overview ¶
Package tsconst exports some constants used elsewhere in the codebase.
Index ¶
Constants ¶
const ( HealthWarnableUpdateAvailable = "update-available" HealthWarnableSecurityUpdateAvailable = "security-update-available" HealthWarnableIsUsingUnstableVersion = "is-using-unstable-version" HealthWarnableNetworkStatus = "network-status" HealthWarnableWantRunningFalse = "wantrunning-false" HealthWarnableLocalLogConfigError = "local-log-config-error" HealthWarnableLoginState = "login-state" HealthWarnableNotInMapPoll = "not-in-map-poll" HealthWarnableNoDERPHome = "no-derp-home" HealthWarnableNoDERPConnection = "no-derp-connection" HealthWarnableDERPTimedOut = "derp-timed-out" HealthWarnableDERPRegionError = "derp-region-error" HealthWarnableNoUDP4Bind = "no-udp4-bind" HealthWarnableMapResponseTimeout = "mapresponse-timeout" HealthWarnableTLSConnectionFailed = "tls-connection-failed" HealthWarnableMagicsockReceiveFuncError = "magicsock-receive-func-error" HealthWarnableTestWarnable = "test-warnable" HealthWarnableApplyDiskConfig = "apply-disk-config" HealthWarnableWarmingUp = "warming-up" )
const ( // The mask for reading/writing the 'firewall mask' bits on a packet. // See the comment on the const block on why we only use the third byte. // // We claim bits 16:23 entirely. For now we only use the lower four // bits, leaving the higher 4 bits for future use. LinuxFwmarkMask = "0xff0000" LinuxFwmarkMaskNum = 0xff0000 // Packet is from Tailscale and to a subnet route destination, so // is allowed to be routed through this machine. LinuxSubnetRouteMark = "0x40000" LinuxSubnetRouteMarkNum = 0x40000 // Packet was originated by tailscaled itself, and must not be // routed over the Tailscale network. LinuxBypassMark = "0x80000" LinuxBypassMarkNum = 0x80000 )
The following bits are added to packet marks for Tailscale use.
We tried to pick bits sufficiently out of the way that it's unlikely to collide with existing uses. We have 4 bytes of mark bits to play with. We leave the lower byte alone on the assumption that sysadmins would use those. Kubernetes uses a few bits in the second byte, so we steer clear of that too.
Empirically, most of the documentation on packet marks on the internet gives the impression that the marks are 16 bits wide. Based on this, we theorize that the upper two bytes are relatively unused in the wild, and so we consume bits 16:23 (the third byte).
The constants are in the iptables/iproute2 string format for matching and setting the bits, so they can be directly embedded in commands.
const TailnetLockNotTrustedMsg = "this node is not trusted by network lock"
TailnetLockNotTrustedMsg is the error message used by network lock and sniffed (via substring) out of an error sent over the network.
const WebListenPort = 5252
WebListenPort is the static port used for the web client when run inside tailscaled. (5252 are the numbers above the letters "TSTS" on a qwerty keyboard.)
const WintunInterfaceDesc = "Tailscale Tunnel"
WintunInterfaceDesc is the description attached to Tailscale interfaces on Windows. This is set by the WinTun driver.
const WintunInterfaceDesc0_14 = "Wintun Userspace Tunnel"
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
This section is empty.
Source Files