[client] Support random wireguard port on client (#4085)

Adds support for using a random available WireGuard port when the user specifies port `0`. - Updates `freePort` logic to bind to the requested port (including `0`) without falling back to the default. - Removes default port assignment in the configuration path, allowing `0` to propagate. - Adjusts tests to handle dynamically assigned ports when using `0`.
2025-08-15 09:42:47 +02:00 · 2025-07-02 09:01:02 +02:00
parent d9402168ad
commit 56a1a75e3f
3 changed files with 15 additions and 16 deletions
--- a/client/internal/config.go
+++ b/client/internal/config.go
@ -319,10 +319,6 @@ func (config *Config) apply(input ConfigInput) (updated bool, err error) {
 			*input.WireguardPort, config.WgPort)
 		config.WgPort = *input.WireguardPort
 		updated = true
-	} else if config.WgPort == 0 {
-		config.WgPort = iface.DefaultWgPort
-		log.Infof("using default Wireguard port %d", config.WgPort)
-		updated = true
 	}

 	if input.InterfaceName != nil && *input.InterfaceName != config.WgIface {
--- a/client/internal/connect.go
+++ b/client/internal/connect.go
@ -17,7 +17,6 @@ import (
 	"google.golang.org/grpc/codes"
 	gstatus "google.golang.org/grpc/status"

-	"github.com/netbirdio/netbird/client/iface"
 	"github.com/netbirdio/netbird/client/iface/device"
 	"github.com/netbirdio/netbird/client/internal/dns"
 	"github.com/netbirdio/netbird/client/internal/listener"
@ -526,17 +525,13 @@ func statusRecorderToSignalConnStateNotifier(statusRecorder *peer.Status) signal

 // freePort attempts to determine if the provided port is available, if not it will ask the system for a free port.
 func freePort(initPort int) (int, error) {
-	addr := net.UDPAddr{}
-	if initPort == 0 {
-		initPort = iface.DefaultWgPort
-	}
-
-	addr.Port = initPort
+	addr := net.UDPAddr{Port: initPort}

 	conn, err := net.ListenUDP("udp", &addr)
 	if err == nil {
+		returnPort := conn.LocalAddr().(*net.UDPAddr).Port
 		closeConnWithLog(conn)
-		return initPort, nil
+		return returnPort, nil
 	}

 	// if the port is already in use, ask the system for a free port
--- a/client/internal/connect_test.go
+++ b/client/internal/connect_test.go
@ -13,10 +13,10 @@ func Test_freePort(t *testing.T) {
 		shouldMatch bool
 	}{
 		{
-			name:        "not provided, fallback to default",
+			name:        "when port is 0 use random port",
 			port:        0,
-			want:        51820,
-			shouldMatch: true,
+			want:        0,
+			shouldMatch: false,
 		},
 		{
 			name:        "provided and available",
@ -31,7 +31,7 @@ func Test_freePort(t *testing.T) {
 			shouldMatch: false,
 		},
 	}
-	c1, err := net.ListenUDP("udp", &net.UDPAddr{Port: 51830})
+	c1, err := net.ListenUDP("udp", &net.UDPAddr{Port: 0})
 	if err != nil {
 		t.Errorf("freePort error = %v", err)
 	}
@ -39,6 +39,14 @@ func Test_freePort(t *testing.T) {
 		_ = c1.Close()
 	}(c1)

+	if tests[1].port == c1.LocalAddr().(*net.UDPAddr).Port {
+		tests[1].port++
+		tests[1].want++
+	}
+
+	tests[2].port = c1.LocalAddr().(*net.UDPAddr).Port
+	tests[2].want = c1.LocalAddr().(*net.UDPAddr).Port
+
 	for _, tt := range tests {

 		t.Run(tt.name, func(t *testing.T) {