Open bottiger1 opened 1 week ago
Executing this command after tailscale up fixes the problem, but this is a very bad workaround as there doesn't seem to be any hook to execute commands to add or remove this rule, and tailscale always puts its own rules at the top.
iptables -I INPUT 1 -s 100.100.0.0 -j ACCEPT
I would suggest just removing the iptables rule: DROP all -- !tailscale0 * 100.64.0.0/10
Relevant line is here.
If there's some good reason for this rule then I would like to suggest adding a command line option to specify IPs to whitelist.
What is the issue?
I have a VM that needs to communicate with another server in the same LAN that has the IP 100.100.0.0, which happens to be on the tailscale IP range of 100.64.0.0/10. When I turn on tailscale, I cannot ping or connect to 100.100.0.0 anymore.
I don't have any tailscale IPs that use 100.100.0.0 but it is still blocked even if I set ipv4 to false.
I think the reason it is blocked is because of this iptables rule created by tailscale that drops any packets.
Can this rule be removed? What is the point of this rule? Or is there any automated workaround for this?
Steps to reproduce
No response
Are there any recent changes that introduced the issue?
No response
OS
Linux
OS version
Ubuntu 22.04
Tailscale version
1.68.1
Other software
No response
Bug report
No response
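The rule-ordering behaviour reported in this issue, as an added example that is not part of the original report or of Tailscale's code: a minimal first-match evaluator over `iptables -S`-style rules, showing why the ACCEPT rule only helps while it sits above the DROP rule. The rule strings are constructed from the two rules quoted above and flattened into a single chain; the interface name `eth0` and the address `192.168.1.10` are assumptions.

```python
import ipaddress
import shlex

# Constructed sample rules in `iptables -S` form, taken from the two rules
# quoted in the report and flattened into one chain for illustration.
TS_DROP = "-A INPUT -s 100.64.0.0/10 ! -i tailscale0 -j DROP"
WORKAROUND = "-A INPUT -s 100.100.0.0/32 -j ACCEPT"


def parse_rule(spec):
    """Parse one rule; only -s, [!] -i and -j are understood."""
    rule = {"src": None, "iface": None, "iface_negated": False, "target": None}
    negate = False
    tokens = iter(shlex.split(spec))
    for tok in tokens:
        if tok == "!":
            negate = True
        elif tok == "-s":
            rule["src"] = ipaddress.ip_network(next(tokens), strict=False)
        elif tok == "-i":
            rule["iface"], rule["iface_negated"] = next(tokens), negate
            negate = False
        elif tok == "-j":
            rule["target"] = next(tokens)
    return rule


def verdict(rules, src_ip, in_iface, policy="ACCEPT"):
    """Return the target of the first matching rule, else the chain policy."""
    src = ipaddress.ip_address(src_ip)
    for spec in rules:
        r = parse_rule(spec)
        if r["src"] is not None and src not in r["src"]:
            continue  # source address outside the rule's network
        if r["iface"] is not None and (in_iface == r["iface"]) == r["iface_negated"]:
            continue  # inbound interface test (plain or negated) fails
        return r["target"]
    return policy


if __name__ == "__main__":
    lan_host = ("100.100.0.0", "eth0")  # eth0 is an assumed LAN interface
    print("DROP rule only:       ", verdict([TS_DROP], *lan_host))
    print("ACCEPT above DROP:    ", verdict([WORKAROUND, TS_DROP], *lan_host))
    print("DROP re-inserted first:", verdict([TS_DROP, WORKAROUND], *lan_host))
```

On a live host, `iptables -S` shows the actual rule order and which chain each rule belongs to.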