Update dependencies

vendor/tailscale.com/net/routetable/routetable.go

@@ -0,0 +1,152 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+// Package routetable provides functions that operate on the system's route
+// table.
+package routetable
+
+import (
+	"bufio"
+	"fmt"
+	"net/netip"
+	"strconv"
+
+	"tailscale.com/types/logger"
+)
+
+var (
+	//lint:ignore U1000 used in routetable_linux_test.go and routetable_bsd_test.go
+	defaultRouteIPv4 = RouteDestination{Prefix: netip.PrefixFrom(netip.IPv4Unspecified(), 0)}
+	//lint:ignore U1000 used in routetable_bsd_test.go
+	defaultRouteIPv6 = RouteDestination{Prefix: netip.PrefixFrom(netip.IPv6Unspecified(), 0)}
+)
+
+// RouteEntry contains common cross-platform fields describing an entry in the
+// system route table.
+type RouteEntry struct {
+	// Family is the IP family of the route; it will be either 4 or 6.
+	Family int
+	// Type is the type of this route.
+	Type RouteType
+	// Dst is the destination of the route.
+	Dst RouteDestination
+	// Gatewayis the gateway address specified for this route.
+	// This value will be invalid (where !r.Gateway.IsValid()) in cases
+	// where there is no gateway address for this route.
+	Gateway netip.Addr
+	// Interface is the name of the network interface to use when sending
+	// packets that match this route. This field can be empty.
+	Interface string
+	// Sys contains platform-specific information about this route.
+	Sys any
+}
+
+// Format implements the fmt.Formatter interface.
+func (r RouteEntry) Format(f fmt.State, verb rune) {
+	logger.ArgWriter(func(w *bufio.Writer) {
+		switch r.Family {
+		case 4:
+			fmt.Fprintf(w, "{Family: IPv4")
+		case 6:
+			fmt.Fprintf(w, "{Family: IPv6")
+		default:
+			fmt.Fprintf(w, "{Family: unknown(%d)", r.Family)
+		}
+
+		// Match 'ip route' and other tools by not printing the route
+		// type if it's a unicast route.
+		if r.Type != RouteTypeUnicast {
+			fmt.Fprintf(w, ", Type: %s", r.Type)
+		}
+
+		if r.Dst.IsValid() {
+			fmt.Fprintf(w, ", Dst: %s", r.Dst)
+		} else {
+			w.WriteString(", Dst: invalid")
+		}
+
+		if r.Gateway.IsValid() {
+			fmt.Fprintf(w, ", Gateway: %s", r.Gateway)
+		}
+
+		if r.Interface != "" {
+			fmt.Fprintf(w, ", Interface: %s", r.Interface)
+		}
+
+		if r.Sys != nil {
+			var formatVerb string
+			switch {
+			case f.Flag('#'):
+				formatVerb = "%#v"
+			case f.Flag('+'):
+				formatVerb = "%+v"
+			default:
+				formatVerb = "%v"
+			}
+			fmt.Fprintf(w, ", Sys: "+formatVerb, r.Sys)
+		}
+
+		w.WriteString("}")
+	}).Format(f, verb)
+}
+
+// RouteDestination is the destination of a route.
+//
+// This is similar to net/netip.Prefix, but also contains an optional IPv6
+// zone.
+type RouteDestination struct {
+	netip.Prefix
+	Zone string
+}
+
+func (r RouteDestination) String() string {
+	ip := r.Prefix.Addr()
+	if r.Zone != "" {
+		ip = ip.WithZone(r.Zone)
+	}
+	return ip.String() + "/" + strconv.Itoa(r.Prefix.Bits())
+}
+
+// RouteType describes the type of a route.
+type RouteType int
+
+const (
+	// RouteTypeUnspecified is the unspecified route type.
+	RouteTypeUnspecified RouteType = iota
+	// RouteTypeLocal indicates that the destination of this route is an
+	// address that belongs to this system.
+	RouteTypeLocal
+	// RouteTypeUnicast indicates that the destination of this route is a
+	// "regular" address--one that neither belongs to this host, nor is a
+	// broadcast/multicast/etc. address.
+	RouteTypeUnicast
+	// RouteTypeBroadcast indicates that the destination of this route is a
+	// broadcast address.
+	RouteTypeBroadcast
+	// RouteTypeMulticast indicates that the destination of this route is a
+	// multicast address.
+	RouteTypeMulticast
+	// RouteTypeOther indicates that the route is of some other valid type;
+	// see the Sys field for the OS-provided route information to determine
+	// the exact type.
+	RouteTypeOther
+)
+
+func (r RouteType) String() string {
+	switch r {
+	case RouteTypeUnspecified:
+		return "unspecified"
+	case RouteTypeLocal:
+		return "local"
+	case RouteTypeUnicast:
+		return "unicast"
+	case RouteTypeBroadcast:
+		return "broadcast"
+	case RouteTypeMulticast:
+		return "multicast"
+	case RouteTypeOther:
+		return "other"
+	default:
+		return "invalid"
+	}
+}

vendor/tailscale.com/net/routetable/routetable_bsd.go

@@ -0,0 +1,293 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build darwin || freebsd
+
+package routetable
+
+import (
+	"bufio"
+	"fmt"
+	"net"
+	"net/netip"
+	"runtime"
+	"sort"
+	"strings"
+	"syscall"
+
+	"golang.org/x/net/route"
+	"golang.org/x/sys/unix"
+	"tailscale.com/net/netmon"
+	"tailscale.com/types/logger"
+)
+
+type RouteEntryBSD struct {
+	// GatewayInterface is the name of the interface specified as a gateway
+	// for this route, if any.
+	GatewayInterface string
+	// GatewayIdx is the index of the interface specified as a gateway for
+	// this route, if any.
+	GatewayIdx int
+	// GatewayAddr is the link-layer address of the gateway for this route,
+	// if any.
+	GatewayAddr string
+	// Flags contains a string representation of common flags for this
+	// route.
+	Flags []string
+	// RawFlags contains the raw flags that were returned by the operating
+	// system for this route.
+	RawFlags int
+}
+
+// Format implements the fmt.Formatter interface.
+func (r RouteEntryBSD) Format(f fmt.State, verb rune) {
+	logger.ArgWriter(func(w *bufio.Writer) {
+		var pstart bool
+		pr := func(format string, args ...any) {
+			if pstart {
+				fmt.Fprintf(w, ", "+format, args...)
+			} else {
+				fmt.Fprintf(w, format, args...)
+				pstart = true
+			}
+		}
+
+		w.WriteString("{")
+		if r.GatewayInterface != "" {
+			pr("GatewayInterface: %s", r.GatewayInterface)
+		}
+		if r.GatewayIdx > 0 {
+			pr("GatewayIdx: %d", r.GatewayIdx)
+		}
+		if r.GatewayAddr != "" {
+			pr("GatewayAddr: %s", r.GatewayAddr)
+		}
+		pr("Flags: %v", r.Flags)
+
+		unknownFlags := r.RawFlags
+		for fv := range flags {
+			if r.RawFlags&fv == fv {
+				unknownFlags &= ^fv
+			}
+		}
+		if unknownFlags != 0 {
+			pr("UnknownFlags: %x ", unknownFlags)
+		}
+
+		w.WriteString("}")
+	}).Format(f, verb)
+}
+
+// ipFromRMAddr returns a netip.Addr converted from one of the
+// route.Inet{4,6}Addr types.
+func ipFromRMAddr(ifs map[int]netmon.Interface, addr any) netip.Addr {
+	switch v := addr.(type) {
+	case *route.Inet4Addr:
+		return netip.AddrFrom4(v.IP)
+
+	case *route.Inet6Addr:
+		ip := netip.AddrFrom16(v.IP)
+		if v.ZoneID != 0 {
+			if iif, ok := ifs[v.ZoneID]; ok {
+				ip = ip.WithZone(iif.Name)
+			} else {
+				ip = ip.WithZone(fmt.Sprint(v.ZoneID))
+			}
+		}
+
+		return ip
+	}
+
+	return netip.Addr{}
+}
+
+// populateGateway populates gateway fields on a RouteEntry/RouteEntryBSD.
+func populateGateway(re *RouteEntry, reSys *RouteEntryBSD, ifs map[int]netmon.Interface, addr any) {
+	// If the address type has a valid IP, use that.
+	if ip := ipFromRMAddr(ifs, addr); ip.IsValid() {
+		re.Gateway = ip
+		return
+	}
+
+	switch v := addr.(type) {
+	case *route.LinkAddr:
+		reSys.GatewayIdx = v.Index
+		if iif, ok := ifs[v.Index]; ok {
+			reSys.GatewayInterface = iif.Name
+		}
+		var sb strings.Builder
+		for i, x := range v.Addr {
+			if i != 0 {
+				sb.WriteByte(':')
+			}
+			fmt.Fprintf(&sb, "%02x", x)
+		}
+		reSys.GatewayAddr = sb.String()
+	}
+}
+
+// populateDestination populates the 'Dst' field on a RouteEntry based on the
+// RouteMessage's destination and netmask fields.
+func populateDestination(re *RouteEntry, ifs map[int]netmon.Interface, rm *route.RouteMessage) {
+	dst := rm.Addrs[unix.RTAX_DST]
+	if dst == nil {
+		return
+	}
+
+	ip := ipFromRMAddr(ifs, dst)
+	if !ip.IsValid() {
+		return
+	}
+
+	if ip.Is4() {
+		re.Family = 4
+	} else {
+		re.Family = 6
+	}
+	re.Dst = RouteDestination{
+		Prefix: netip.PrefixFrom(ip, 32), // default if nothing more specific
+	}
+
+	// If the RTF_HOST flag is set, then this is a host route and there's
+	// no netmask in this RouteMessage.
+	if rm.Flags&unix.RTF_HOST != 0 {
+		return
+	}
+
+	// As above if there's no netmask in the list of addrs
+	if len(rm.Addrs) < unix.RTAX_NETMASK || rm.Addrs[unix.RTAX_NETMASK] == nil {
+		return
+	}
+
+	nm := ipFromRMAddr(ifs, rm.Addrs[unix.RTAX_NETMASK])
+	if !ip.IsValid() {
+		return
+	}
+
+	// Count the number of bits in the netmask IP and use that to make our prefix.
+	ones, _ /* bits */ := net.IPMask(nm.AsSlice()).Size()
+
+	// Print this ourselves instead of using netip.Prefix so that we don't
+	// lose the zone (since netip.Prefix strips that).
+	//
+	// NOTE(andrew): this doesn't print the same values as the 'netstat' tool
+	// for some addresses on macOS, and I have no idea why. Specifically,
+	// 'netstat -rn' will show something like:
+	//    ff00::/8   ::1      UmCI     lo0
+	//
+	// But we will get:
+	//    destination=ff00::/40 [...]
+	//
+	// The netmask that we get back from FetchRIB has 32 more bits in it
+	// than netstat prints, but only for multicast routes.
+	//
+	// For consistency's sake, we're going to do the same here so that we
+	// get the same values as netstat returns.
+	if runtime.GOOS == "darwin" && ip.Is6() && ip.IsMulticast() && ones > 32 {
+		ones -= 32
+	}
+	re.Dst = RouteDestination{
+		Prefix: netip.PrefixFrom(ip, ones),
+		Zone:   ip.Zone(),
+	}
+}
+
+// routeEntryFromMsg returns a RouteEntry from a single route.Message
+// returned by the operating system.
+func routeEntryFromMsg(ifsByIdx map[int]netmon.Interface, msg route.Message) (RouteEntry, bool) {
+	rm, ok := msg.(*route.RouteMessage)
+	if !ok {
+		return RouteEntry{}, false
+	}
+
+	// Ignore things that we don't understand
+	if rm.Version < 3 || rm.Version > 5 {
+		return RouteEntry{}, false
+	}
+	if rm.Type != rmExpectedType {
+		return RouteEntry{}, false
+	}
+	if len(rm.Addrs) < unix.RTAX_GATEWAY {
+		return RouteEntry{}, false
+	}
+
+	if rm.Flags&skipFlags != 0 {
+		return RouteEntry{}, false
+	}
+
+	reSys := RouteEntryBSD{
+		RawFlags: rm.Flags,
+	}
+	for fv, fs := range flags {
+		if rm.Flags&fv == fv {
+			reSys.Flags = append(reSys.Flags, fs)
+		}
+	}
+	sort.Strings(reSys.Flags)
+
+	re := RouteEntry{}
+	hasFlag := func(f int) bool { return rm.Flags&f != 0 }
+	switch {
+	case hasFlag(unix.RTF_LOCAL):
+		re.Type = RouteTypeLocal
+	case hasFlag(unix.RTF_BROADCAST):
+		re.Type = RouteTypeBroadcast
+	case hasFlag(unix.RTF_MULTICAST):
+		re.Type = RouteTypeMulticast
+
+	// From the manpage: "host entry (net otherwise)"
+	case !hasFlag(unix.RTF_HOST):
+		re.Type = RouteTypeUnicast
+
+	default:
+		re.Type = RouteTypeOther
+	}
+	populateDestination(&re, ifsByIdx, rm)
+	if unix.RTAX_GATEWAY < len(rm.Addrs) {
+		populateGateway(&re, &reSys, ifsByIdx, rm.Addrs[unix.RTAX_GATEWAY])
+	}
+
+	if outif, ok := ifsByIdx[rm.Index]; ok {
+		re.Interface = outif.Name
+	}
+
+	re.Sys = reSys
+	return re, true
+}
+
+// Get returns route entries from the system route table, limited to at most
+// 'max' results.
+func Get(max int) ([]RouteEntry, error) {
+	// Fetching the list of interfaces can race with fetching our route
+	// table, but we do it anyway since it's helpful for debugging.
+	ifs, err := netmon.GetInterfaceList()
+	if err != nil {
+		return nil, err
+	}
+
+	ifsByIdx := make(map[int]netmon.Interface)
+	for _, iif := range ifs {
+		ifsByIdx[iif.Index] = iif
+	}
+
+	rib, err := route.FetchRIB(syscall.AF_UNSPEC, ribType, 0)
+	if err != nil {
+		return nil, err
+	}
+	msgs, err := route.ParseRIB(parseType, rib)
+	if err != nil {
+		return nil, err
+	}
+
+	var ret []RouteEntry
+	for _, m := range msgs {
+		re, ok := routeEntryFromMsg(ifsByIdx, m)
+		if ok {
+			ret = append(ret, re)
+			if len(ret) == max {
+				break
+			}
+		}
+	}
+	return ret, nil
+}

vendor/tailscale.com/net/routetable/routetable_darwin.go

@@ -0,0 +1,36 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build darwin
+
+package routetable
+
+import "golang.org/x/sys/unix"
+
+const (
+	ribType        = unix.NET_RT_DUMP2
+	parseType      = unix.NET_RT_IFLIST2
+	rmExpectedType = unix.RTM_GET2
+
+	// Skip routes that were cloned from a parent
+	skipFlags = unix.RTF_WASCLONED
+)
+
+var flags = map[int]string{
+	unix.RTF_BLACKHOLE: "blackhole",
+	unix.RTF_BROADCAST: "broadcast",
+	unix.RTF_GATEWAY:   "gateway",
+	unix.RTF_GLOBAL:    "global",
+	unix.RTF_HOST:      "host",
+	unix.RTF_IFSCOPE:   "ifscope",
+	unix.RTF_LOCAL:     "local",
+	unix.RTF_MULTICAST: "multicast",
+	unix.RTF_REJECT:    "reject",
+	unix.RTF_ROUTER:    "router",
+	unix.RTF_STATIC:    "static",
+	unix.RTF_UP:        "up",
+	// More obscure flags, just to have full coverage.
+	unix.RTF_LLINFO:    "{RTF_LLINFO}",
+	unix.RTF_PRCLONING: "{RTF_PRCLONING}",
+	unix.RTF_CLONING:   "{RTF_CLONING}",
+}

vendor/tailscale.com/net/routetable/routetable_freebsd.go

@@ -0,0 +1,28 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build freebsd
+
+package routetable
+
+import "golang.org/x/sys/unix"
+
+const (
+	ribType        = unix.NET_RT_DUMP
+	parseType      = unix.NET_RT_IFLIST
+	rmExpectedType = unix.RTM_GET
+
+	// Nothing to skip
+	skipFlags = 0
+)
+
+var flags = map[int]string{
+	unix.RTF_BLACKHOLE: "blackhole",
+	unix.RTF_BROADCAST: "broadcast",
+	unix.RTF_GATEWAY:   "gateway",
+	unix.RTF_HOST:      "host",
+	unix.RTF_MULTICAST: "multicast",
+	unix.RTF_REJECT:    "reject",
+	unix.RTF_STATIC:    "static",
+	unix.RTF_UP:        "up",
+}

vendor/tailscale.com/net/routetable/routetable_linux.go

@@ -0,0 +1,229 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build linux
+
+package routetable
+
+import (
+	"bufio"
+	"fmt"
+	"net/netip"
+	"strconv"
+
+	"github.com/tailscale/netlink"
+	"golang.org/x/sys/unix"
+	"tailscale.com/net/netaddr"
+	"tailscale.com/net/netmon"
+	"tailscale.com/types/logger"
+)
+
+// RouteEntryLinux is the structure that makes up the Sys field of the
+// RouteEntry structure.
+type RouteEntryLinux struct {
+	// Type is the raw type of the route.
+	Type int
+	// Table is the routing table index of this route.
+	Table int
+	// Src is the source of the route (if any).
+	Src netip.Addr
+	// Proto describes the source of the route--i.e. what caused this route
+	// to be added to the route table.
+	Proto netlink.RouteProtocol
+	// Priority is the route's priority.
+	Priority int
+	// Scope is the route's scope.
+	Scope int
+	// InputInterfaceIdx is the input interface index.
+	InputInterfaceIdx int
+	// InputInterfaceName is the input interface name (if available).
+	InputInterfaceName string
+}
+
+// Format implements the fmt.Formatter interface.
+func (r RouteEntryLinux) Format(f fmt.State, verb rune) {
+	logger.ArgWriter(func(w *bufio.Writer) {
+		// TODO(andrew): should we skip printing anything if type is unicast?
+		fmt.Fprintf(w, "{Type: %s", r.TypeName())
+
+		// Match 'ip route' behaviour when printing these fields
+		if r.Table != unix.RT_TABLE_MAIN {
+			fmt.Fprintf(w, ", Table: %s", r.TableName())
+		}
+		if r.Proto != unix.RTPROT_BOOT {
+			fmt.Fprintf(w, ", Proto: %s", r.Proto)
+		}
+
+		if r.Src.IsValid() {
+			fmt.Fprintf(w, ", Src: %s", r.Src)
+		}
+		if r.Priority != 0 {
+			fmt.Fprintf(w, ", Priority: %d", r.Priority)
+		}
+		if r.Scope != unix.RT_SCOPE_UNIVERSE {
+			fmt.Fprintf(w, ", Scope: %s", r.ScopeName())
+		}
+		if r.InputInterfaceName != "" {
+			fmt.Fprintf(w, ", InputInterfaceName: %s", r.InputInterfaceName)
+		} else if r.InputInterfaceIdx != 0 {
+			fmt.Fprintf(w, ", InputInterfaceIdx: %d", r.InputInterfaceIdx)
+		}
+		w.WriteString("}")
+	}).Format(f, verb)
+}
+
+// TypeName returns the string representation of this route's Type.
+func (r RouteEntryLinux) TypeName() string {
+	switch r.Type {
+	case unix.RTN_UNSPEC:
+		return "none"
+	case unix.RTN_UNICAST:
+		return "unicast"
+	case unix.RTN_LOCAL:
+		return "local"
+	case unix.RTN_BROADCAST:
+		return "broadcast"
+	case unix.RTN_ANYCAST:
+		return "anycast"
+	case unix.RTN_MULTICAST:
+		return "multicast"
+	case unix.RTN_BLACKHOLE:
+		return "blackhole"
+	case unix.RTN_UNREACHABLE:
+		return "unreachable"
+	case unix.RTN_PROHIBIT:
+		return "prohibit"
+	case unix.RTN_THROW:
+		return "throw"
+	case unix.RTN_NAT:
+		return "nat"
+	case unix.RTN_XRESOLVE:
+		return "xresolve"
+	default:
+		return strconv.Itoa(r.Type)
+	}
+}
+
+// TableName returns the string representation of this route's Table.
+func (r RouteEntryLinux) TableName() string {
+	switch r.Table {
+	case unix.RT_TABLE_DEFAULT:
+		return "default"
+	case unix.RT_TABLE_MAIN:
+		return "main"
+	case unix.RT_TABLE_LOCAL:
+		return "local"
+	default:
+		return strconv.Itoa(r.Table)
+	}
+}
+
+// ScopeName returns the string representation of this route's Scope.
+func (r RouteEntryLinux) ScopeName() string {
+	switch r.Scope {
+	case unix.RT_SCOPE_UNIVERSE:
+		return "global"
+	case unix.RT_SCOPE_NOWHERE:
+		return "nowhere"
+	case unix.RT_SCOPE_HOST:
+		return "host"
+	case unix.RT_SCOPE_LINK:
+		return "link"
+	case unix.RT_SCOPE_SITE:
+		return "site"
+	default:
+		return strconv.Itoa(r.Scope)
+	}
+}
+
+// Get returns route entries from the system route table, limited to at most
+// max results.
+func Get(max int) ([]RouteEntry, error) {
+	// Fetching the list of interfaces can race with fetching our route
+	// table, but we do it anyway since it's helpful for debugging.
+	ifs, err := netmon.GetInterfaceList()
+	if err != nil {
+		return nil, err
+	}
+
+	ifsByIdx := make(map[int]netmon.Interface)
+	for _, iif := range ifs {
+		ifsByIdx[iif.Index] = iif
+	}
+
+	filter := &netlink.Route{}
+	routes, err := netlink.RouteListFiltered(netlink.FAMILY_ALL, filter, netlink.RT_FILTER_TABLE)
+	if err != nil {
+		return nil, err
+	}
+
+	var ret []RouteEntry
+	for _, route := range routes {
+		if route.Family != netlink.FAMILY_V4 && route.Family != netlink.FAMILY_V6 {
+			continue
+		}
+
+		re := RouteEntry{}
+		if route.Family == netlink.FAMILY_V4 {
+			re.Family = 4
+		} else {
+			re.Family = 6
+		}
+		switch route.Type {
+		case unix.RTN_UNSPEC:
+			re.Type = RouteTypeUnspecified
+		case unix.RTN_UNICAST:
+			re.Type = RouteTypeUnicast
+		case unix.RTN_LOCAL:
+			re.Type = RouteTypeLocal
+		case unix.RTN_BROADCAST:
+			re.Type = RouteTypeBroadcast
+		case unix.RTN_MULTICAST:
+			re.Type = RouteTypeMulticast
+		default:
+			re.Type = RouteTypeOther
+		}
+		if route.Dst != nil {
+			if d, ok := netaddr.FromStdIPNet(route.Dst); ok {
+				re.Dst = RouteDestination{Prefix: d}
+			}
+		} else if route.Family == netlink.FAMILY_V4 {
+			re.Dst = RouteDestination{Prefix: netip.PrefixFrom(netip.IPv4Unspecified(), 0)}
+		} else {
+			re.Dst = RouteDestination{Prefix: netip.PrefixFrom(netip.IPv6Unspecified(), 0)}
+		}
+		if gw := route.Gw; gw != nil {
+			if gwa, ok := netip.AddrFromSlice(gw); ok {
+				re.Gateway = gwa
+			}
+		}
+		if outif, ok := ifsByIdx[route.LinkIndex]; ok {
+			re.Interface = outif.Name
+		} else if route.LinkIndex > 0 {
+			re.Interface = fmt.Sprintf("link#%d", route.LinkIndex)
+		}
+		reSys := RouteEntryLinux{
+			Type:              route.Type,
+			Table:             route.Table,
+			Proto:             route.Protocol,
+			Priority:          route.Priority,
+			Scope:             int(route.Scope),
+			InputInterfaceIdx: route.ILinkIndex,
+		}
+		if src, ok := netip.AddrFromSlice(route.Src); ok {
+			reSys.Src = src
+		}
+		if iif, ok := ifsByIdx[route.ILinkIndex]; ok {
+			reSys.InputInterfaceName = iif.Name
+		}
+
+		re.Sys = reSys
+		ret = append(ret, re)
+
+		// Stop after we've reached the maximum number of routes
+		if len(ret) == max {
+			break
+		}
+	}
+	return ret, nil
+}

vendor/tailscale.com/net/routetable/routetable_other.go

@@ -0,0 +1,17 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build !linux && !darwin && !freebsd
+
+package routetable
+
+import (
+	"errors"
+	"runtime"
+)
+
+var errUnsupported = errors.New("cannot get route table on platform " + runtime.GOOS)
+
+func Get(max int) ([]RouteEntry, error) {
+	return nil, errUnsupported
+}