extern/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2025-06-29 06:01:47 +02:00
Code Issues Packages Projects Releases Wiki Activity
1,977 Commits 199 Branches 240 Tags
Commit Graph

1977 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Zoltan Papp
1ffa519387
[client,relay] Add QUIC support (#2962) 2025-01-15 16:28:19 +01:00
Edouard Vanbelle
e4a25b6a60
[client-android] add serial, product model, product manufacturer (#2958) 
Signed-off-by: Edouard Vanbelle <edouard.vanbelle@shadow.tech>
 2025-01-15 16:02:16 +01:00
Zoltan Papp
6a6b527f24
[relay] Code cleaning (#3074) 
- Keep message byte processing in message.go file
- Add new unit tests
 2025-01-15 16:01:08 +01:00
Viktor Liu
b34887a920
[client] Fix a panic on shutdown if dns host manager failed to initialize (#3182) 2025-01-15 13:14:46 +01:00
Viktor Liu
b9efda3ce8
[client] Disable DNS host manager for netstack mode (#3183) 2025-01-15 13:14:13 +01:00
James Hilliard
516de93627
[client] Fix gvisor.dev/gvisor commit (#3179) 
Commit b8a429915ff1 was replaced with db3d49b921f9 in gvisor project.
 2025-01-15 10:54:51 +01:00
Viktor Liu
15f0a665f8
[client] Allow ssh server on freebsd (#3170) 
* Enable ssh server on freebsd

* Fix listening in netstack mode

* Fix panic if login cmd fails

* Tidy up go mod
 2025-01-14 12:43:13 +01:00
Viktor Liu
9b5b632ff9
[client] Support non-openresolv for DNS on Linux (#3176) 2025-01-14 10:39:37 +01:00
adasauce
0c28099712
[management] enable optional zitadel configuration of a PAT (#3159) 
* [management] enable optional zitadel configuration of a PAT for service user via the ExtraConfig fields

* [management] validate both PAT and JWT configurations for zitadel
 2025-01-14 12:38:08 +03:00
Krzysztof Nazarewski (kdn)
522dd44bfa
[client] make /var/lib/netbird paths configurable (#3084) 
- NB_STATE_DIR
- NB_UNCLEAN_SHUTDOWN_RESOLV_FILE
- NB_DNS_STATE_FILE
 2025-01-13 10:15:01 +01:00
Maycon Santos
8154069e77
[misc] Skip docker step when fork PR (#3175) 2025-01-13 10:11:54 +01:00
Viktor Liu
e161a92898
[client] Update fyne dependency (#3155) 2025-01-12 16:29:25 +01:00
Bethuel Mmbaga
3fce8485bb
Enabled new network resource and router by default (#3174) 
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2025-01-11 20:09:29 +01:00
Maycon Santos
1cc88a2190
[management] adjust benchmark (#3168) 2025-01-11 14:08:13 +01:00
Bethuel Mmbaga
168ea9560e
[Management] Send peer network map when SSH status is toggled (#3172) 2025-01-11 13:19:30 +01:00
Viktor Liu
f48e33b395
[client] Don't fail on v6 ops when disabled via kernel params (#3165) 2025-01-10 18:16:21 +01:00
Simon Smith
f1ed8599fc
[misc] add missing relay to docker-compose.yml.tmpl.traefik (#3163) 2025-01-10 18:16:11 +01:00
Viktor Liu
93f3e1b14b
[client] Prevent local routes in status from being overridden by updates (#3166) 2025-01-10 11:02:05 +01:00
Maycon Santos
649bfb236b
[management] Send relay credentials with turn updates (#3164) 
send relay credentials when sending turn credentials update to avoid removing servers
from clients
 2025-01-10 09:44:02 +01:00
Bethuel Mmbaga
409003b4f9
[management] Add support for disabling resources and routing peers in networks (#3154) 
* sync openapi changes

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add option to disable network resource(s)

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add network resource enabled state from api

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add option to disable network router(s)

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* fix tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Add tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* migrate old network resources and routers

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2025-01-08 19:35:57 +03:00
Simon Smith
9e6e34b42d
[misc] Upgrade go to 1.23 inn devcontainer (#3160) 2025-01-08 11:48:10 +01:00
Viktor Liu
d9905d1a57
[client] Add disable system flags (#3153) 2025-01-07 20:38:18 +01:00
Joakim Nohlgård
2bd68efc08
[relay] Handle IPv6 addresses in X-Real-IP header on relay service (#3085) 2025-01-06 17:31:35 +01:00
Viktor Liu
6848e1e128
[client] Add rootless container and fix client routes in netstack mode (#3150) 2025-01-06 14:16:31 +01:00
Viktor Liu
668aead4c8
[misc] remove outdated readme header (#3151) 2025-01-06 14:12:28 +01:00
Viktor Liu
f08605a7f1
[client] Enable network map persistence by default (#3152) 2025-01-06 14:11:43 +01:00
Bethuel Mmbaga
02a3feddb8
[management] Add MySQL Support (#3108) 
* Add mysql store support
* Add support to disable activity events recording
 2025-01-06 13:38:30 +01:00
Pascal Fischer
d9487a5749
[misc] separate integration and benchmark test workflows (#3147) 2025-01-03 15:48:31 +01:00
Pascal Fischer
cfa6d09c5e
[management] add peers benchmark (#3143) 2025-01-03 15:28:15 +01:00
Pascal Fischer
a01253c3c8
[management] add users benchmark (#3141) 2025-01-03 15:24:30 +01:00
Pascal Fischer
bc013e4888
[management] exclude self from network map if self is routing peer (#3142) 2025-01-02 18:46:28 +01:00
Pascal Fischer
782e3f8853
[management] Add integration test for the setup-keys API endpoints (#2936) 2025-01-02 13:51:01 +01:00
Maycon Santos
03fd656344
[management] Fix policy tests (#3135) 
- Add firewall rule isEqual method
- Fix tests
v0.35.2 		2024-12-31 18:45:40 +01:00
Pascal Fischer
18b049cd24
[management] remove sorting from network map generation (#3126) 2024-12-31 18:10:40 +01:00
Bethuel Mmbaga
2bdb4cb44a
[management] Preserve jwt groups when accessing API with PAT (#3128) 
* Skip JWT group sync for token-based authentication

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Add tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-12-31 18:59:37 +03:00
Viktor Liu
abbdf20f65
[client] Allow inbound rosenpass port (#3109) 2024-12-31 14:08:48 +01:00
Viktor Liu
43ef64cf67
[client] Ignore case when matching domains in handler chain (#3133) 2024-12-31 14:07:21 +01:00
Pascal Fischer
18316be09a
[management] add selfhosted metrics for networks (#3118) 2024-12-30 12:53:51 +01:00
Maycon Santos
1a623943c8
[management] Fix networks net map generation with posture checks (#3124) 2024-12-30 12:40:24 +01:00
Pascal Fischer
fbce8bb511
[management] remove ids from policy creation api (#2997) 2024-12-27 14:13:36 +01:00
Bethuel Mmbaga
445b626dc8
[management] Add missing group usage checks for network resources and routes access control (#3117) 
* Prevent deletion of groups linked to routes access control groups

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Prevent deletion of groups linked to network resource

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-12-27 14:39:34 +03:00
Viktor Liu
b3c87cb5d1
[client] Fix inbound tracking in userspace firewall (#3111) 
* Don't create state for inbound SYN

* Allow final ack in some cases

* Relax state machine test a little
v0.35.1 		2024-12-26 00:51:27 +01:00
Viktor Liu
0dbaddc7be
[client] Don't fail debug if log file is console (#3103) 2024-12-24 15:05:23 +01:00
Viktor Liu
ad9f044aad
[client] Add stateful userspace firewall and remove egress filters (#3093) 
- Add stateful firewall functionality for UDP/TCP/ICMP in userspace firewalll
- Removes all egress drop rules/filters, still needs refactoring so we don't add output rules to any chains/filters.
- on Linux, if the OUTPUT policy is DROP  then we don't do anything about it (no extra allow rules). This is up to the user, if they don't want anything leaving their machine they'll have to manage these rules explicitly.
v0.35.0 		2024-12-23 18:22:17 +01:00
Viktor Liu
05930ee6b1
[client] Add firewall rules to the debug bundle (#3089) 
Adds the following to the debug bundle:
- iptables: `iptables-save`, `iptables -v -n -L`
- nftables: `nft list ruleset` or if not available formatted output from netlink (WIP)
 2024-12-23 15:57:15 +01:00
Pascal Fischer
e670068cab
[management] Run test sequential (#3101) 2024-12-23 14:37:09 +01:00
Viktor Liu
b48cf1bf65
[client] Reduce DNS handler chain lock contention (#3099) 2024-12-21 15:56:52 +01:00
Bethuel Mmbaga
7ee7ada273
[management] Fix duplicate resource routes when routing peer is part of the source group (#3095) 
* Remove duplicate resource routes when routing peer is part of the source group

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* Add tests

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
 2024-12-20 21:10:53 +03:00
Zoltan Papp
82b4e58ad0
Do not start DNS forwarder on client side (#3094) 2024-12-20 16:20:50 +01:00
Viktor Liu
ddc365f7a0
[client, management] Add new network concept (#3047) 
---------

Co-authored-by: Pascal Fischer <32096965+pascal-fischer@users.noreply.github.com>
Co-authored-by: bcmmbaga <bethuelmbaga12@gmail.com>
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
Co-authored-by: Zoltan Papp <zoltan.pmail@gmail.com>
 2024-12-20 11:30:28 +01:00