4c83408f27
Add log-level to the management's docker service command ( #1820 )
2024-04-09 21:00:43 +02:00
90bd39c740
Log panics ( #1818 )
2024-04-09 20:27:27 +02:00
dd0cf41147
Auto restart Windows agent daemon service ( #1819 )
...
This enables auto restart of the windows agent daemon service on event of failure
2024-04-09 20:10:59 +02:00
22b2caffc6
Remove dns based cloud detection ( #1812 )
...
* remove dns based cloud checks
* remove dns based cloud checks
2024-04-09 19:01:31 +02:00
c1f66d1354
Retry macOS route command ( #1817 )
2024-04-09 15:27:19 +02:00
ac0fe6025b
Fix routing issues with MacOS ( #1815 )
...
* Handle zones properly
* Use host routes for single IPs
* Add GOOS and GOARCH to startup log
* Log powershell command
2024-04-09 13:25:14 +02:00
c28657710a
Fix function names in comments ( #1816 )
...
Signed-off-by: verytrap <wangqiuyue@outlook.com >
2024-04-09 13:18:38 +02:00
3875c29f6b
Revert "Rollback new routing functionality ( #1805 )" ( #1813 )
...
This reverts commit 9f32ccd453
2024-04-08 18:56:52 +02:00
9f32ccd453
Rollback new routing functionality ( #1805 )
2024-04-05 20:38:49 +02:00
1d1d057e7d
Change the dashboard image pull from wiretrustee to netbirdio ( #1804 )
2024-04-05 13:51:28 +02:00
3461b1bb90
Expect correct conn type ( #1801 )
2024-04-05 00:10:32 +02:00
3d2a2377c6
Don't return errors on disallowed routes ( #1792 )
2024-04-03 19:06:04 +02:00
25f5f26527
Timeout rule removing loop and catch IPv6 unsupported error in loop ( #1791 )
2024-04-03 18:57:50 +02:00
bb0d5c5baf
Linux legacy routing ( #1774 )
...
* Add Linux legacy routing if ip rule functionality is not available
* Ignore exclusion route errors if host has no route
* Exclude iOS from route manager
* Also retrieve IPv6 routes
* Ignore loopback addresses not being in the main table
* Ignore "not supported" errors on cleanup
* Fix regression in ListenUDP not using fwmarks
2024-04-03 18:04:22 +02:00
7938295190
Feature/exit nodes - Windows and macOS support ( #1726 )
2024-04-03 11:11:46 +02:00
9af532fe71
Get scope from endpoint url instead of hardcoding ( #1770 )
2024-04-02 13:43:57 +02:00
23a1473797
Fix grammar in readme ( #1778 )
2024-04-02 10:08:58 +02:00
9c2dc05df1
Eval/higher timeouts ( #1776 )
2024-03-31 19:39:52 +02:00
40d56e5d29
Update network security image ( #1765 )
2024-03-28 18:43:32 +01:00
fd23d0c28f
Don't block on failed routing setup ( #1768 )
2024-03-28 18:12:25 +01:00
4fff93a1f2
Ignore unsupported address families ( #1766 )
2024-03-28 13:06:54 +01:00
22beac1b1b
Fix invalid token due to the cache race ( #1763 )
2024-03-28 12:33:56 +01:00
bd7a65d798
support to configure extra blacklist of iface in "up" command ( #1734 )
...
Support to configure extra blacklist of iface in "up" command
2024-03-28 09:56:41 +01:00
2d76b058fc
Feature/peer validator ( #1553 )
...
Follow up management-integrations changes
move groups to separated packages to avoid circle dependencies
save location information in Login action
2024-03-27 18:48:48 +01:00
ea2d060f93
Add limited dashboard view ( #1738 )
2024-03-27 16:11:45 +01:00
68b377a28c
Collect chassis.serial ( #1748 )
2024-03-26 15:33:01 +01:00
af50eb350f
Change log level for JWT override message of single account mode ( #1747 )
2024-03-25 14:25:26 +01:00
2475473227
Support client default routes for Linux ( #1667 )
...
All routes are now installed in a custom netbird routing table.
Management and wireguard traffic is now marked with a custom fwmark.
When the mark is present the traffic is routed via the main routing table, bypassing the VPN.
When the mark is absent the traffic is routed via the netbird routing table, if:
- there's no match in the main routing table
- it would match the default route in the routing table
IPv6 traffic is blocked when a default route IPv4 route is configured to avoid leakage.
2024-03-21 16:49:28 +01:00
846871913d
Add latency checks to peer connection and status output ( #1725 )
...
* adding peer healthcheck
* generate proto file
* fix return in udp mux and replace with continue
* use ice agent for latency checks
* fix status output
* remove some logs
* fix status test
* revert bind and ebpf code
* fix error handling on binding response callback
* extend error handling on binding response callback
---------
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com >
2024-03-20 11:18:34 +01:00
6cba9c0818
Remove context niling ( #1729 )
2024-03-19 12:32:07 +01:00
f0672b87bc
Add missing dns domain to tests to avoid verbose test logs ( #1724 )
2024-03-18 12:25:01 +01:00
9b0fe2c8e5
Validate authentik issuer url ( #1723 )
...
* Validate authentik issuer url
* test issuer
* adjust test times on windows
2024-03-18 10:12:46 +01:00
abd57d1191
Avoid creating duplicate groups with the same name ( #1579 )
...
Avoid creating groups with the same name via API calls.
JWT and integrations still allowed to register groups with duplicated names
2024-03-17 11:13:39 +01:00
416f04c27a
Unblock ACL apply filtering because of dns probes ( #1711 )
...
moved the e.dnsServer.ProbeAvailability() to run after ACL apply filtering
run the probes in parallel
2024-03-15 18:57:18 +01:00
fc7c1e397f
Disable force jsonfile variable ( #1611 )
...
This enables windows management tests
Added another DNS server to the dns server tests
2024-03-15 10:50:02 +01:00
52a3ac6b06
Add support for inviting/deleting users via Zitadel ( #1572 )
...
This fixes the "Invite User" button in Dashboard v2.0.0
and enables the usage of the --user-delete-from-idp flag for Zitadel.
Unlike the NetBird SaaS solution, we rely on Zitadel to send
the emails on our behalf.
2024-03-15 10:32:51 +01:00
0b3b50c705
Remove deprecated Rules API endpoints ( #1523 )
2024-03-14 21:31:21 +01:00
042141db06
Update account attributes only when there is a domain ( #1701 )
...
add log for when a domain is not present
2024-03-14 14:17:22 +01:00
4a1aee1ae0
Add routes and dns servers to status command ( #1680 )
...
* Add routes (client and server) to status command
* Add DNS servers to status output
2024-03-12 19:06:16 +01:00
ba33572ec9
add --service/-s flag for specifying system service name ( #1691 )
2024-03-12 18:29:19 +01:00
9d213e0b54
Add fallback retry to daemon ( #1690 )
...
This change adds a fallback retry to the daemon service.
this retry has a larger interval with a shorter max retry run time
then others retries
2024-03-12 18:05:41 +01:00
5dde044fa5
Check for record not found when searching the store ( #1686 )
...
This change returns status.NotFound only on gorm.ErrRecordNotFound and status.Internal on every other DB error
2024-03-10 19:09:45 +01:00
5a3d9e401f
Send terminal notification on peer session expiry ( #1660 )
...
Send notification through terminal on user session expiration in Linux and macOS,
unless UI application is installed to handle it instead.
2024-03-08 18:28:13 +01:00
fde1a2196c
add ansible collections contributions ( #1675 )
2024-03-06 23:30:16 +01:00
0aeb87742a
Return 1s when next expiration is too low ( #1672 )
...
using the login expired issue could cause problems with ticker used in the scheduler
This change makes 1s the minimum number returned when rescheduling the peer expiration task
2024-03-06 15:18:53 +01:00
6d747b2f83
Do not fail on virtualized windows systems ( #1669 )
...
this handles virtualized systems without Win32_ComputerSystemProduct entries by returning 'unknown' for system product name
Co-authored-by: Bjoern Brauer <zaubernerd@zaubernerd.de >
2024-03-06 14:32:34 +01:00
199bf73103
Remove usage stats ( #1665 )
2024-03-05 09:45:32 +01:00
17f5abc653
Handle canceling schedule and avoid recursive call ( #1636 )
...
Using time.Ticker allows us to avoid recursive calls that may end up in schedule running and possible deadlock if no routine is listening for cancel calls
2024-03-03 10:35:01 +01:00
aa935bdae3
Register creation time for peer, user and account ( #1654 )
...
This change register creation time for new peers, users and accounts
2024-03-02 13:49:40 +01:00
452419c4c3
Send UI notification on peer connection session expiry ( #1646 )
...
notify the user when the peer connection session expires after it switches from connected
to disconnected and the status is login required
2024-03-01 17:57:17 +01:00
