1ffa519387
[client,relay] Add QUIC support ( #2962 )
2025-01-15 16:28:19 +01:00
e4a25b6a60
[client-android] add serial, product model, product manufacturer ( #2958 )
...
Signed-off-by: Edouard Vanbelle <edouard.vanbelle@shadow.tech >
2025-01-15 16:02:16 +01:00
6a6b527f24
[relay] Code cleaning ( #3074 )
...
- Keep message byte processing in message.go file
- Add new unit tests
2025-01-15 16:01:08 +01:00
b34887a920
[client] Fix a panic on shutdown if dns host manager failed to initialize ( #3182 )
2025-01-15 13:14:46 +01:00
b9efda3ce8
[client] Disable DNS host manager for netstack mode ( #3183 )
2025-01-15 13:14:13 +01:00
516de93627
[client] Fix gvisor.dev/gvisor commit ( #3179 )
...
Commit b8a429915ff1 was replaced with db3d49b921f9 in gvisor project.
2025-01-15 10:54:51 +01:00
15f0a665f8
[client] Allow ssh server on freebsd ( #3170 )
...
* Enable ssh server on freebsd
* Fix listening in netstack mode
* Fix panic if login cmd fails
* Tidy up go mod
2025-01-14 12:43:13 +01:00
9b5b632ff9
[client] Support non-openresolv for DNS on Linux ( #3176 )
2025-01-14 10:39:37 +01:00
0c28099712
[management] enable optional zitadel configuration of a PAT ( #3159 )
...
* [management] enable optional zitadel configuration of a PAT for service user via the ExtraConfig fields
* [management] validate both PAT and JWT configurations for zitadel
2025-01-14 12:38:08 +03:00
522dd44bfa
[client] make /var/lib/netbird paths configurable ( #3084 )
...
- NB_STATE_DIR
- NB_UNCLEAN_SHUTDOWN_RESOLV_FILE
- NB_DNS_STATE_FILE
2025-01-13 10:15:01 +01:00
8154069e77
[misc] Skip docker step when fork PR ( #3175 )
2025-01-13 10:11:54 +01:00
e161a92898
[client] Update fyne dependency ( #3155 )
2025-01-12 16:29:25 +01:00
3fce8485bb
Enabled new network resource and router by default ( #3174 )
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2025-01-11 20:09:29 +01:00
1cc88a2190
[management] adjust benchmark ( #3168 )
2025-01-11 14:08:13 +01:00
168ea9560e
[Management] Send peer network map when SSH status is toggled ( #3172 )
2025-01-11 13:19:30 +01:00
f48e33b395
[client] Don't fail on v6 ops when disabled via kernel params ( #3165 )
2025-01-10 18:16:21 +01:00
f1ed8599fc
[misc] add missing relay to docker-compose.yml.tmpl.traefik ( #3163 )
2025-01-10 18:16:11 +01:00
93f3e1b14b
[client] Prevent local routes in status from being overridden by updates ( #3166 )
2025-01-10 11:02:05 +01:00
649bfb236b
[management] Send relay credentials with turn updates ( #3164 )
...
send relay credentials when sending turn credentials update to avoid removing servers
from clients
2025-01-10 09:44:02 +01:00
409003b4f9
[management] Add support for disabling resources and routing peers in networks ( #3154 )
...
* sync openapi changes
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* add option to disable network resource(s)
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* add network resource enabled state from api
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* add option to disable network router(s)
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* fix tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* Add tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* migrate old network resources and routers
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2025-01-08 19:35:57 +03:00
9e6e34b42d
[misc] Upgrade go to 1.23 inn devcontainer ( #3160 )
2025-01-08 11:48:10 +01:00
d9905d1a57
[client] Add disable system flags ( #3153 )
2025-01-07 20:38:18 +01:00
2bd68efc08
[relay] Handle IPv6 addresses in X-Real-IP header on relay service ( #3085 )
2025-01-06 17:31:35 +01:00
6848e1e128
[client] Add rootless container and fix client routes in netstack mode ( #3150 )
2025-01-06 14:16:31 +01:00
668aead4c8
[misc] remove outdated readme header ( #3151 )
2025-01-06 14:12:28 +01:00
f08605a7f1
[client] Enable network map persistence by default ( #3152 )
2025-01-06 14:11:43 +01:00
02a3feddb8
[management] Add MySQL Support ( #3108 )
...
* Add mysql store support
* Add support to disable activity events recording
2025-01-06 13:38:30 +01:00
d9487a5749
[misc] separate integration and benchmark test workflows ( #3147 )
2025-01-03 15:48:31 +01:00
cfa6d09c5e
[management] add peers benchmark ( #3143 )
2025-01-03 15:28:15 +01:00
a01253c3c8
[management] add users benchmark ( #3141 )
2025-01-03 15:24:30 +01:00
bc013e4888
[management] exclude self from network map if self is routing peer ( #3142 )
2025-01-02 18:46:28 +01:00
782e3f8853
[management] Add integration test for the setup-keys API endpoints ( #2936 )
2025-01-02 13:51:01 +01:00
03fd656344
[management] Fix policy tests ( #3135 )
...
- Add firewall rule isEqual method
- Fix tests
2024-12-31 18:45:40 +01:00
18b049cd24
[management] remove sorting from network map generation ( #3126 )
2024-12-31 18:10:40 +01:00
2bdb4cb44a
[management] Preserve jwt groups when accessing API with PAT ( #3128 )
...
* Skip JWT group sync for token-based authentication
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* Add tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-12-31 18:59:37 +03:00
abbdf20f65
[client] Allow inbound rosenpass port ( #3109 )
2024-12-31 14:08:48 +01:00
43ef64cf67
[client] Ignore case when matching domains in handler chain ( #3133 )
2024-12-31 14:07:21 +01:00
18316be09a
[management] add selfhosted metrics for networks ( #3118 )
2024-12-30 12:53:51 +01:00
1a623943c8
[management] Fix networks net map generation with posture checks ( #3124 )
2024-12-30 12:40:24 +01:00
fbce8bb511
[management] remove ids from policy creation api ( #2997 )
2024-12-27 14:13:36 +01:00
445b626dc8
[management] Add missing group usage checks for network resources and routes access control ( #3117 )
...
* Prevent deletion of groups linked to routes access control groups
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* Prevent deletion of groups linked to network resource
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-12-27 14:39:34 +03:00
b3c87cb5d1
[client] Fix inbound tracking in userspace firewall ( #3111 )
...
* Don't create state for inbound SYN
* Allow final ack in some cases
* Relax state machine test a little
2024-12-26 00:51:27 +01:00
0dbaddc7be
[client] Don't fail debug if log file is console ( #3103 )
2024-12-24 15:05:23 +01:00
ad9f044aad
[client] Add stateful userspace firewall and remove egress filters ( #3093 )
...
- Add stateful firewall functionality for UDP/TCP/ICMP in userspace firewalll
- Removes all egress drop rules/filters, still needs refactoring so we don't add output rules to any chains/filters.
- on Linux, if the OUTPUT policy is DROP then we don't do anything about it (no extra allow rules). This is up to the user, if they don't want anything leaving their machine they'll have to manage these rules explicitly.
2024-12-23 18:22:17 +01:00
05930ee6b1
[client] Add firewall rules to the debug bundle ( #3089 )
...
Adds the following to the debug bundle:
- iptables: `iptables-save`, `iptables -v -n -L`
- nftables: `nft list ruleset` or if not available formatted output from netlink (WIP)
2024-12-23 15:57:15 +01:00
e670068cab
[management] Run test sequential ( #3101 )
2024-12-23 14:37:09 +01:00
b48cf1bf65
[client] Reduce DNS handler chain lock contention ( #3099 )
2024-12-21 15:56:52 +01:00
7ee7ada273
[management] Fix duplicate resource routes when routing peer is part of the source group ( #3095 )
...
* Remove duplicate resource routes when routing peer is part of the source group
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
* Add tests
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
---------
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-12-20 21:10:53 +03:00
82b4e58ad0
Do not start DNS forwarder on client side ( #3094 )
2024-12-20 16:20:50 +01:00
ddc365f7a0
[client, management] Add new network concept ( #3047 )
...
---------
Co-authored-by: Pascal Fischer <32096965+pascal-fischer@users.noreply.github.com >
Co-authored-by: bcmmbaga <bethuelmbaga12@gmail.com >
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com >
Co-authored-by: Zoltan Papp <zoltan.pmail@gmail.com >
2024-12-20 11:30:28 +01:00
