ccde8d18a1
This changes the default firewall method used by Tailscale to nftables.
The 'autodetection' mode is only supported by arm64 and amd64 for now[1].
This causes mips devices to not do proper detection and incorrectly default back to
iptables.
I added a fw_mode variable to the tailscale.conf file that could be
set to iptables for easy conversion for someone still using iptables.
I was able to test on an older mips device and my current aarch64
without issues.
Also a few readme updates to bring it up to the current status.
1. dc7aa98b76/util/linuxfw/linuxfw_unsupported.go (L4C58-L4C58)
Signed-off-by: Tyler Young <git@yfh.addy.io>
30 lines
1 KiB
Markdown
30 lines
1 KiB
Markdown
# Tailscale
|
|
This readme should help you with tailscale client setup.
|
|
|
|
## Install
|
|
There are two packages related to tailscale. Tailscaled (daemon which has to run every time you want to be connected to VPN) and tailscale (package with a utility which is necessary for registering device).
|
|
|
|
To install them run
|
|
```
|
|
opkg install tailscale tailscaled
|
|
```
|
|
> [!NOTE]
|
|
> By default this package will use nftables. If you wish to use iptables, the config file `/etc/config/tailscale` can be modfied, changing the line `fw_mode 'nftables'` to `fw_mode 'iptables'`. You can then run `/etc/init.d/tailscale restart` to restart tailscale using your chosen method
|
|
|
|
## First setup
|
|
|
|
First, enable and run daemon
|
|
|
|
```
|
|
/etc/init.d/tailscale enable
|
|
/etc/init.d/tailscale start
|
|
```
|
|
|
|
Then you should use tailscale utility to get a login link for your device.
|
|
|
|
Run command and finish device registration with the given URL.
|
|
```
|
|
tailscale up
|
|
```
|
|
|
|
See the [OpenWrt wiki](https://openwrt.org/docs/guide-user/services/vpn/tailscale/start) for more detailed setup instructions
|