extern/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2025-03-13 06:08:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,876 Commits 161 Branches 213 Tags 207 MiB
a789e9e6d8
Commit Graph

689 Commits

Author SHA1 Message Date
Viktor Liu
9930913e4e Merge branch 'main' into feature/port-forwarding 2025-02-05 18:55:59 +01:00
Viktor Liu
125b5e2b16
[client] Fix acl empty port range detection (#3285) 2025-02-05 18:55:42 +01:00
Viktor Liu
48675f579f Merge branch 'main' into feature/port-forwarding 2025-02-05 17:44:01 +01:00
Pascal Fischer
035c5d9f23
[management merge only unique entries on network map merge (#3277) 2025-02-05 16:50:45 +01:00
Viktor Liu
97d498c59c
[misc, client, management] Replace Wiretrustee with Netbird (#3267) 2025-02-05 16:49:41 +01:00
Viktor Liu
b2a5b29fb2 Merge branch 'main' into feature/port-forwarding 2025-02-05 10:15:37 +01:00
hakansa
0125cd97d8
[client] use embedded root CA if system certpool is empty (#3272) 
* Implement custom TLS certificate handling with fallback to embedded roots
 2025-02-04 18:17:59 +03:00
Zoltan Papp
f930ef2ee6
Cleanup magiconair usage from repo (#3276) 2025-02-03 17:54:35 +01:00
Zoltan Papp
1b011a2d85
[client] Manage the IP forwarding sysctl setting in global way (#3270) 
Add new package ipfwdstate that implements reference counting for IP forwarding
state management. This allows multiple usage to safely request IP forwarding
without interfering with each other.
 2025-02-03 12:27:18 +01:00
Pascal Fischer
a85ea1ddb0
[manager] ingress ports manager support (#3268) 
* add peers manager

* Extend peers manager to support retrieving all peers

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>

* add network map calc

* move integrations interface

* update management-integrations

* merge main and fix

* go mod tidy

* [management] port forwarding add peer manager fix network map (#3264)

* [management] fix testing tools (#3265)

* Fix net.IPv4 conversion to []byte

* update test to check ipv4

---------

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
Co-authored-by: bcmmbaga <bethuelmbaga12@gmail.com>
Co-authored-by: Zoltán Papp <zoltan.pmail@gmail.com>
 2025-02-03 09:37:37 +01:00
Zoltán Papp
829e40d2aa Fix ingress manager unnecessary creation 2025-02-01 10:58:47 +01:00
Pascal Fischer
a76ca8c565 Merge branch 'main' into feature/port-forwarding 2025-01-29 22:28:10 +01:00
Zoltan Papp
26693e4ea8
Feature/port forwarding client ingress (#3242) 
Client-side forward handling

Co-authored-by: Viktor Liu <17948409+lixmal@users.noreply.github.com>

---------

Co-authored-by: Viktor Liu <17948409+lixmal@users.noreply.github.com>
 2025-01-29 16:04:33 +01:00
Viktor Liu
e20be2397c
[client] Add missing peer ACL flush (#3247) 2025-01-28 23:25:22 +01:00
Viktor Liu
a7ddb8f1f8
[client] Replace engine probes with direct calls (#3195) 2025-01-28 12:25:45 +01:00
Viktor Liu
a32ec97911
[client] Use dynamic dns route resolution on iOS (#3243) 2025-01-27 18:13:10 +01:00
Viktor Liu
5c05131a94
[client] Support port ranges in peer ACLs (#3232) 2025-01-27 13:51:57 +01:00
Viktor Liu
eb2ac039c7
[client] Mark redirected traffic early to match input filters on pre-DNAT ports (#3205) 2025-01-23 18:00:51 +01:00
Viktor Liu
790a9ed7df
[client] Match more specific dns handler first (#3226) 2025-01-23 18:00:05 +01:00
Viktor Liu
2e61ce006d
[client] Back up corrupted state files and present them in the debug bundle (#3227) 2025-01-23 17:59:44 +01:00
Viktor Liu
3cc485759e
[client] Use correct stdout/stderr log paths for debug bundle on macOS (#3231) 2025-01-23 17:59:22 +01:00
Viktor Liu
aafa9c67fc
[client] Fix freebsd default routes (#3230) 2025-01-23 16:57:11 +01:00
Viktor Liu
c619bf5b0c
[client] Allow freebsd to build netbird-ui (#3212) 2025-01-20 11:02:09 +01:00
Maycon Santos
9f4db0a953
[client] Close ice agent only if not nil (#3210) 2025-01-18 00:18:59 +01:00
Viktor Liu
3e9f0d57ac
[client] Fix windows info out of bounds panic (#3196) 2025-01-16 22:19:32 +01:00
Viktor Liu
bc7b2c6ba3
[client] Report client system flags to management server on login (#3187) 2025-01-16 13:58:00 +01:00
Viktor Liu
992a6c79b4
[client] Flush macOS DNS cache after changes (#3185) 2025-01-15 23:26:31 +01:00
Viktor Liu
78795a4a73
[client] Add block lan access flag for routers (#3171) 2025-01-15 17:39:47 +01:00
Viktor Liu
5a82477d48
[client] Remove outbound chains (#3157) 2025-01-15 16:57:41 +01:00
Edouard Vanbelle
e4a25b6a60
[client-android] add serial, product model, product manufacturer (#2958) 
Signed-off-by: Edouard Vanbelle <edouard.vanbelle@shadow.tech>
 2025-01-15 16:02:16 +01:00
Viktor Liu
b34887a920
[client] Fix a panic on shutdown if dns host manager failed to initialize (#3182) 2025-01-15 13:14:46 +01:00
Viktor Liu
b9efda3ce8
[client] Disable DNS host manager for netstack mode (#3183) 2025-01-15 13:14:13 +01:00
Viktor Liu
15f0a665f8
[client] Allow ssh server on freebsd (#3170) 
* Enable ssh server on freebsd

* Fix listening in netstack mode

* Fix panic if login cmd fails

* Tidy up go mod
 2025-01-14 12:43:13 +01:00
Viktor Liu
9b5b632ff9
[client] Support non-openresolv for DNS on Linux (#3176) 2025-01-14 10:39:37 +01:00
Krzysztof Nazarewski (kdn)
522dd44bfa
[client] make /var/lib/netbird paths configurable (#3084) 
- NB_STATE_DIR
- NB_UNCLEAN_SHUTDOWN_RESOLV_FILE
- NB_DNS_STATE_FILE
 2025-01-13 10:15:01 +01:00
Viktor Liu
f48e33b395
[client] Don't fail on v6 ops when disabled via kernel params (#3165) 2025-01-10 18:16:21 +01:00
Viktor Liu
93f3e1b14b
[client] Prevent local routes in status from being overridden by updates (#3166) 2025-01-10 11:02:05 +01:00
Viktor Liu
d9905d1a57
[client] Add disable system flags (#3153) 2025-01-07 20:38:18 +01:00
Viktor Liu
6848e1e128
[client] Add rootless container and fix client routes in netstack mode (#3150) 2025-01-06 14:16:31 +01:00
Viktor Liu
f08605a7f1
[client] Enable network map persistence by default (#3152) 2025-01-06 14:11:43 +01:00
Viktor Liu
abbdf20f65
[client] Allow inbound rosenpass port (#3109) 2024-12-31 14:08:48 +01:00
Viktor Liu
43ef64cf67
[client] Ignore case when matching domains in handler chain (#3133) 2024-12-31 14:07:21 +01:00
Viktor Liu
b3c87cb5d1
[client] Fix inbound tracking in userspace firewall (#3111) 
* Don't create state for inbound SYN

* Allow final ack in some cases

* Relax state machine test a little
 2024-12-26 00:51:27 +01:00
Viktor Liu
0dbaddc7be
[client] Don't fail debug if log file is console (#3103) 2024-12-24 15:05:23 +01:00
Viktor Liu
ad9f044aad
[client] Add stateful userspace firewall and remove egress filters (#3093) 
- Add stateful firewall functionality for UDP/TCP/ICMP in userspace firewalll
- Removes all egress drop rules/filters, still needs refactoring so we don't add output rules to any chains/filters.
- on Linux, if the OUTPUT policy is DROP  then we don't do anything about it (no extra allow rules). This is up to the user, if they don't want anything leaving their machine they'll have to manage these rules explicitly.
 2024-12-23 18:22:17 +01:00
Viktor Liu
05930ee6b1
[client] Add firewall rules to the debug bundle (#3089) 
Adds the following to the debug bundle:
- iptables: `iptables-save`, `iptables -v -n -L`
- nftables: `nft list ruleset` or if not available formatted output from netlink (WIP)
 2024-12-23 15:57:15 +01:00
Viktor Liu
b48cf1bf65
[client] Reduce DNS handler chain lock contention (#3099) 2024-12-21 15:56:52 +01:00
Zoltan Papp
82b4e58ad0
Do not start DNS forwarder on client side (#3094) 2024-12-20 16:20:50 +01:00
Viktor Liu
ddc365f7a0
[client, management] Add new network concept (#3047) 
---------

Co-authored-by: Pascal Fischer <32096965+pascal-fischer@users.noreply.github.com>
Co-authored-by: bcmmbaga <bethuelmbaga12@gmail.com>
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
Co-authored-by: Zoltan Papp <zoltan.pmail@gmail.com>
 2024-12-20 11:30:28 +01:00
Maycon Santos
37ad370344
[client] Avoid using iota on mixed const block (#3057) 
Used the values as resolved when the first iota value was the second const in the block.
 2024-12-16 18:09:31 +01:00