Skip to content

Latest commit

 

History

History
33 lines (22 loc) · 1 KB

README.md

File metadata and controls

33 lines (22 loc) · 1 KB
Raw

tsblock

Licensed under GPL-3.0 CI

tsblock prevents Tailscale from using specific network interfaces.

tsblock is developed to work around tailscale/tailscale#7594. Currently, interfaces whose name matches ^cilium_|^lxc are blocked. The pattern is hard-coded in main.go.

Requirements

  • Tailscale must be running as a systemd service.
  • tsblock must run as root. It is recommended to run tsblock as a systemd service.

How it works

tsblock utilizes eBPF to drop packets sent from tailscaled.service systemd unit.

Install

go build
sudo ./systemd/install.sh
sudo systemctl daemon-reload
sudo systemctl enable --now tsblock.service

Uninstall

sudo systemctl disable --now tsblock.service
sudo ./systemd/uninstall.sh