mirror of
https://github.com/Control-D-Inc/ctrld.git
synced 2026-05-27 12:52:27 +02:00
Codescribe
1735d3d55b
When WFP loopback protect is active, the upstream.os healthcheck will always fail because an external WFP block filter is interfering with plain DNS. This demotes those expected failures to debug level and returns errOsHealthcheckSuppressed so the recovery loop treats them as non-fatal, eliminating the log spam described in #526.
44 lines
1.3 KiB
Go
44 lines
1.3 KiB
Go
//go:build !windows && !darwin
|
|
|
|
package cli
|
|
|
|
import (
|
|
"fmt"
|
|
)
|
|
|
|
// startDNSIntercept is not supported on this platform.
|
|
// DNS intercept mode is only available on Windows (via WFP) and macOS (via pf).
|
|
func (p *prog) startDNSIntercept() error {
|
|
return fmt.Errorf("dns intercept: not supported on this platform (only Windows and macOS)")
|
|
}
|
|
|
|
// stopDNSIntercept is a no-op on unsupported platforms.
|
|
func (p *prog) stopDNSIntercept() error {
|
|
return nil
|
|
}
|
|
|
|
// exemptVPNDNSServers is a no-op on unsupported platforms.
|
|
func (p *prog) exemptVPNDNSServers(exemptions []vpnDNSExemption) error {
|
|
return nil
|
|
}
|
|
|
|
// ensurePFAnchorActive is a no-op on unsupported platforms.
|
|
func (p *prog) ensurePFAnchorActive() bool {
|
|
return false
|
|
}
|
|
|
|
// checkTunnelInterfaceChanges is a no-op on unsupported platforms.
|
|
func (p *prog) checkTunnelInterfaceChanges() bool {
|
|
return false
|
|
}
|
|
|
|
// scheduleDelayedRechecks is a no-op on unsupported platforms.
|
|
func (p *prog) scheduleDelayedRechecks() {}
|
|
|
|
// pfInterceptMonitor is a no-op on unsupported platforms.
|
|
func (p *prog) pfInterceptMonitor() {}
|
|
|
|
// osHealthcheckSuppressed always returns false on non-Windows platforms —
|
|
// WFP loopback protect (the trigger for suppression) is Windows-only.
|
|
func (p *prog) osHealthcheckSuppressed() bool { return false }
|