acls.json
配置,即可解决tailscale客户端的隔离以及客户端exit nodes无法访问的问题。原版tailscale服务提供
autogroup:internet
配置,但headscale不支持。代码: 全选
{
"acls": [
{
"action": "accept",
"src": ["bobmaster"],
"dst": [
"bobmaster:*",
"0.0.0.0/5:*",
"8.0.0.0/7:*",
"11.0.0.0/8:*",
"12.0.0.0/6:*",
"16.0.0.0/4:*",
"32.0.0.0/3:*",
"64.0.0.0/3:*",
"96.0.0.0/6:*",
"100.0.0.0/10:*",
"100.128.0.0/9:*",
"101.0.0.0/8:*",
"102.0.0.0/7:*",
"104.0.0.0/5:*",
"112.0.0.0/5:*",
"120.0.0.0/6:*",
"124.0.0.0/7:*",
"126.0.0.0/8:*",
"128.0.0.0/3:*",
"160.0.0.0/5:*",
"168.0.0.0/6:*",
"172.0.0.0/12:*",
"172.32.0.0/11:*",
"172.64.0.0/10:*",
"172.128.0.0/9:*",
"173.0.0.0/8:*",
"174.0.0.0/7:*",
"176.0.0.0/4:*",
"192.0.0.0/9:*",
"192.128.0.0/11:*",
"192.160.0.0/13:*",
"192.169.0.0/16:*",
"192.170.0.0/15:*",
"192.172.0.0/14:*",
"192.176.0.0/12:*",
"192.192.0.0/10:*",
"193.0.0.0/8:*",
"194.0.0.0/7:*",
"196.0.0.0/6:*",
"200.0.0.0/5:*",
"208.0.0.0/4:*"
]
}
]
}