* Add method to retrieve peer's applied posture checks
* Add posture checks in server response and update proto messages
* Refactor
* Extends peer metadata synchronization through SyncRequest and propagate posture changes on syncResponse
* Remove account lock
* Pass system info on sync
* Fix tests
* Refactor
* resolve merge
* Evaluate process check on client (#1749)
* implement server and client sync peer meta alongside mocks
* wip: add check file and process
* Add files to peer metadata for process check
* wip: update peer meta on first sync
* Add files to peer's metadata
* Evaluate process check using files from peer metadata
* Fix panic and append windows path to files
* Fix check network address and files equality
* Evaluate active process on darwin
* Evaluate active process on linux
* Skip processing processes if no paths are set
* Return network map on peer meta-sync and update account peer's
* Update client network map on meta sync
* Get system info with applied checks
* Add windows package
* Remove a network map from sync meta-response
* Update checks proto message
* Keep client checks state and sync meta on checks change
* Evaluate a running process
* skip build for android and ios
* skip check file and process for android and ios
* bump gopsutil version
* fix tests
* move process check to separate os file
* refactor
* evaluate info with checks on receiving management events
* skip meta-update for an old client with no meta-sync support
* Check if peer meta is empty without reflection
All routes are now installed in a custom netbird routing table.
Management and wireguard traffic is now marked with a custom fwmark.
When the mark is present the traffic is routed via the main routing table, bypassing the VPN.
When the mark is absent the traffic is routed via the netbird routing table, if:
- there's no match in the main routing table
- it would match the default route in the routing table
IPv6 traffic is blocked when a default route IPv4 route is configured to avoid leakage.
This fixes the "Invite User" button in Dashboard v2.0.0
and enables the usage of the --user-delete-from-idp flag for Zitadel.
Unlike the NetBird SaaS solution, we rely on Zitadel to send
the emails on our behalf.
