Tyler Young ccde8d18a1 tailscale: set nftables as default

This changes the default firewall method used by Tailscale to nftables.
The 'autodetection' mode is only supported by arm64 and amd64 for now[1].
This causes mips devices to not do proper detection and incorrectly default back to
iptables.

I added a fw_mode variable to the tailscale.conf file that could be
set to iptables for easy conversion for someone still using iptables.
I was able to test on an older mips device and my current aarch64
without issues.

Also a few readme updates to bring it up to the current status.

1. dc7aa98b76/util/linuxfw/linuxfw_unsupported.go (L4C58-L4C58)

Signed-off-by: Tyler Young <git@yfh.addy.io>

2023-09-15 09:49:47 +08:00

1 KiB

Raw Permalink Blame History

Tailscale

This readme should help you with tailscale client setup.

Install

There are two packages related to tailscale. Tailscaled (daemon which has to run every time you want to be connected to VPN) and tailscale (package with a utility which is necessary for registering device).

To install them run

opkg install tailscale tailscaled

Note

By default this package will use nftables. If you wish to use iptables, the config file /etc/config/tailscale can be modfied, changing the line fw_mode 'nftables' to fw_mode 'iptables'. You can then run /etc/init.d/tailscale restart to restart tailscale using your chosen method

First setup

First, enable and run daemon

/etc/init.d/tailscale enable
/etc/init.d/tailscale start

Then you should use tailscale utility to get a login link for your device.

Run command and finish device registration with the given URL.

tailscale up

See the OpenWrt wiki for more detailed setup instructions

1 KiB Raw Permalink Blame History

Tailscale

Install

First setup

1 KiB

Raw Permalink Blame History