Skip to content
Snippets Groups Projects

systemd-services/tailscale: use nftables backend

Merged systemd-services/tailscale: use nftables backend
caleb/tailscale-nftables into master
Merged Casey requested to merge caleb/tailscale-nftables into master
  1. Mar 26, 2025
    • Casey's avatar
      systemd-services/tailscale: use nftables backend · f2e83e42
      Casey authored and Oliver Smith's avatar Oliver Smith committed 
      
The iptables frontend for nftables seems to not play nice. Since we use
nftables in postmarketOS anyway, tell tailscale to use it directly. This
fixes routing not working and the following error seen in tailscale status

- adding [-i tailscale0 -j MARK --set-mark 0x40000/0xff0000] in v4/filter/ts-forward: running [/usr/sbin/iptables -t filter -A ts-forward -i tailscale0 -j MARK --set-mark 0x40000/0xff0000 --wait]: exit status 2: Warning: Extension MARK revision 0 not supported, missing kernel module?

Signed-off-by: default avatarCaleb Connolly <caleb@postmarketos.org>
Part-of: !6344
      Unverified
      f2e83e42