-
### Description
gVisor already supports iptables to enable packet filtering, mangling, NAT, etc. But Linux users are migrating over time to a newer system to support a similar set of features: nftabl…
-
### What is the issue?
After closing the serve command the tailscale daemon starts consuming all the available cpu power.
I did run the ```tailscale debug --cpu-profile=cpu.prof2```
and this …
-
### 问题
在macOS 15下TUN模式完全不可用,控制台的connection处也收到不到任何请求,系统代理可以正常使用。同样的Yaml配置文件换用Verge的TUN模式是可用的,查看网络的DNS也已经被自动修改为198.18.0.2。
### clashX config
```
redir-port: 7892
tproxy-port: 7895
port: 7890
…
-
### Description
We're seeing pods getting stuck in a Terminating state permanently. Any commands done via `crictl` or `ctr` fail in the same way as the containerd and kubelet logs suggest (see belo…
-
Some gVisor syscall tests are almost identical and can easily be combined. This requires changes to the parameterized test parameter.
Example tests are UDPBroadcastSendRecvOnSocketBoundToAny and UDPB…
-
https://github.com/GoogleCloudPlatform/govanityurls
-
https://github.com/google/gvisor/blob/257703c050e5901aeb3734f200f5a6b41856b4d9/pkg/tcpip/link/tun/device.go#L155
TAP devices do not have a link address when it is created. TAP devices emulate a lin…
-
intro(5) says
>All directories must support walks to the directory .. (dot–dot) meaning parent directory, although by convention directories contain no explicit entry for .. or . (dot). The parent …
-
In many places `strings.Split(remote, ":")` is used to split the ip and port. This does not work for ipv6 addresses.
https://github.com/containers/gvisor-tap-vsock/blob/9d8e7a5c6c5ac56290da3d78c5cd…
-
Currently `containerd-driver` gives the ability to set the [`runtime at the plugin level`](https://github.com/Roblox/nomad-driver-containerd/blob/master/example/agent.hcl#L6)
It doesn't allow you t…