From 162055e2db178312fef7b602bf7261829ee7a1b1 Mon Sep 17 00:00:00 2001
From: Frank Edwards <frank.edwards@fluentnetworks.com.au>
Date: Thu, 16 Jan 2025 09:28:42 +1000
Subject: [PATCH] 0.1.34

Migrate to nftables.
---
 Dockerfile   | 2 +-
 build.sh     | 2 +-
 tailscale.sh | 3 +++
 3 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 9538664..e679f2e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -60,7 +60,7 @@ RUN upx /go/bin/tailscale && upx /go/bin/tailscaled
 
 FROM alpine:3.19
 
-RUN apk add --no-cache ca-certificates iptables iproute2 ip6tables bash openssh curl jq
+RUN apk add --no-cache ca-certificates nftables iproute2 bash openssh curl jq
 
 RUN ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa
 RUN ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa
diff --git a/build.sh b/build.sh
index 06c56ac..6eb9115 100755
--- a/build.sh
+++ b/build.sh
@@ -28,7 +28,7 @@
 #
 PLATFORM="linux/amd64"
 TAILSCALE_VERSION=1.78.1
-VERSION=0.1.33
+VERSION=0.1.34
 
 set -eu
 
diff --git a/tailscale.sh b/tailscale.sh
index 3422ac9..931ee91 100755
--- a/tailscale.sh
+++ b/tailscale.sh
@@ -38,6 +38,9 @@ if [[ -n "$STARTUP_SCRIPT" ]]; then
        bash "$STARTUP_SCRIPT" || exit $?
 fi
 
+# Flag tailscale to use nftables
+TS_DEBUG_FIREWALL_MODE=nftables
+
 # Start tailscaled and bring tailscale up
 /usr/local/bin/tailscaled ${TAILSCALED_ARGS} &
 until /usr/local/bin/tailscale up \