public/headscale
1
0
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2026-02-21 20:20:31 +09:00
Code Issues Actions 7 Packages Projects Releases Wiki Activity
Files
e44b402fe461b4bb90115b3751ee0ea39aa9952b
headscale/hscontrol
History
Kristoffer Dalby 835b7eb960 policy: autogroup:internet does not generate packet filters 
According to Tailscale SaaS behavior, autogroup:internet is handled
by exit node routing via AllowedIPs, not by packet filtering. ACL
rules with autogroup:internet as destination should produce no
filter rules for any node.

Previously, Headscale expanded autogroup:internet to public CIDR
ranges and distributed filters to exit nodes (because 0.0.0.0/0
"covers" internet destinations). This was incorrect.

Add detection for AutoGroupInternet in filter compilation to skip
filter generation for this autogroup. Update test expectations
accordingly.
2026-02-05 19:29:16 +01:00
..
assets
editorconfig: add basic editor config
2025-12-16 10:12:36 +01:00
capver
capver: generate
2025-12-18 10:02:23 +01:00
db
db: use PolicyManager for RequestTags migration
2026-01-21 15:10:29 +01:00
derp
derp: migrate to derpserver package API
2026-01-21 19:17:10 +00:00
dns
integration: replace time.Sleep with assert.EventuallyWithT (#2680)
2025-07-10 23:38:55 +02:00
mapper
state: set User pointer during tagged→user-owned conversion
2026-02-04 15:44:55 +01:00
policy
policy: autogroup:internet does not generate packet filters
2026-02-05 19:29:16 +01:00
routes
debug: add json and improve
2025-09-09 09:40:00 +02:00
state
state: set User pointer during tagged→user-owned conversion
2026-02-04 15:44:55 +01:00
templates
Link to headscale.net for docs
2026-01-16 14:54:04 +01:00
types
gen: regenerate protobuf and type views
2026-01-21 19:17:10 +00:00
util
util/dns: fix variable redeclaration in ValidateDNSName
2026-01-17 10:13:24 +01:00
app.go
app: only wire up debug server if set
2025-12-17 12:32:04 +01:00
auth_tags_test.go
state: fix expiry handling during node tag conversion
2026-02-04 15:44:55 +01:00
auth_test.go
integration: add test for tagged→user-owned conversion panic
2026-02-04 15:44:55 +01:00
auth.go
cli: ensure tagged-devices is included in profile list (#2991)
2026-01-09 16:31:23 +01:00
debug.go
lint and leftover
2025-09-09 09:40:00 +02:00
grpcv1_test.go
grpc: support expire/delete API keys by ID
2026-01-20 17:13:38 +01:00
grpcv1.go
grpc: support expire/delete API keys by ID
2026-01-20 17:13:38 +01:00
handlers.go
all: remove deadcode (#2952)
2025-12-10 15:55:15 +01:00
metrics.go
all: remove deadcode (#2952)
2025-12-10 15:55:15 +01:00
noise.go
all: remove deadcode (#2952)
2025-12-10 15:55:15 +01:00
oidc_template_test.go
make tags first class node owner (#2885)
2025-12-02 12:01:25 +01:00
oidc_test.go
oidc: make email verification configurable
2025-12-18 11:42:32 +00:00
oidc.go
oidc: make email verification configurable
2025-12-18 11:42:32 +00:00
platform_config.go
Return better web errors to the user (#2398)
2025-02-01 15:25:18 +01:00
poll.go
all: remove deadcode (#2952)
2025-12-10 15:55:15 +01:00
tailsql.go
integration: replace time.Sleep with assert.EventuallyWithT (#2680)
2025-07-10 23:38:55 +02:00
templates_consistency_test.go
Link to headscale.net for docs
2026-01-16 14:54:04 +01:00