isOSNetworkProbe reports whether the target is likely a network connectivity probe target from e.g. iOS or Ubuntu network-manager. iOS likes to probe Apple IPs on all interfaces to check for connectivity. Don't start timers tracking those. They won't succeed anyway. Avoids log spam like:
(dst netip.AddrPort)
| 128 | // Don't start timers tracking those. They won't succeed anyway. Avoids log |
| 129 | // spam like: |
| 130 | func (e *userspaceEngine) isOSNetworkProbe(dst netip.AddrPort) bool { |
| 131 | // iOS had log spam like: |
| 132 | // open-conn-track: timeout opening (100.115.73.60:52501 => 17.125.252.5:443); no associated peer node |
| 133 | if runtime.GOOS == "ios" && dst.Port() == 443 && appleIPRange.Contains(dst.Addr()) { |
| 134 | if _, ok := e.PeerForIP(dst.Addr()); !ok { |
| 135 | return true |
| 136 | } |
| 137 | } |
| 138 | // NetworkManager; https://github.com/tailscale/tailscale/issues/13687 |
| 139 | // open-conn-track: timeout opening (TCP 100.96.229.119:42798 => 185.125.190.49:80); no associated peer node |
| 140 | if runtime.GOOS == "linux" && dst.Port() == 80 && canonicalIPs()(dst.Addr()) { |
| 141 | if _, ok := e.PeerForIP(dst.Addr()); !ok { |
| 142 | return true |
| 143 | } |
| 144 | } |
| 145 | return false |
| 146 | } |
| 147 | |
| 148 | func (e *userspaceEngine) trackOpenPostFilterOut(pp *packet.Parsed, t *tstun.Wrapper) (res filter.Response) { |
| 149 | res = filter.Accept // always |
no test coverage detected