50926bdbb4
[client] [ui] issue when changing setting in GUI while peer session is expired ( #3334 )
...
* [client] [ui] fix issue when changing settings in GUI while peer session is expired
2025-02-18 13:17:34 +03:00
f67e56d3b9
[client][ui] added accessible tray icons ( #3335 )
...
Added accessible tray icons with:
- dark mode support on Windows and Linux, kudos to @burgosz for the PoC
- template icon support on MacOS
Also added appropriate connecting status icons
2025-02-18 02:21:44 +01:00
039a985f41
[client] Normalize DNS record names to lowercase in local handler update ( #3323 )
...
* [client] Normalize DNS record names to lowercase in lookup
2025-02-14 13:13:40 +03:00
c4a6dafd27
[client] Use GPO DNS Policy Config to configure DNS if present ( #3319 )
2025-02-13 18:17:18 +01:00
a930c2aecf
Fix priority handling ( #3313 )
2025-02-13 15:48:10 +01:00
b41de7fcd1
[client] Enable userspace forwarder conditionally ( #3309 )
...
* Enable userspace forwarder conditionally
* Move disable/enable logic
2025-02-12 11:10:49 +01:00
18f84f0df5
[client] Check for fwmark support and use fallback routing if not supported ( #3220 )
2025-02-11 13:09:17 +01:00
44407a158a
[client] Fix dns handler chain test ( #3307 )
2025-02-11 12:42:04 +01:00
488b697479
[client] Support dns upstream failover for nameserver groups with same match domain ( #3178 )
2025-02-10 18:13:34 +01:00
5953b43ead
[client, relay] Fix/wg watch ( #3261 )
...
Fix WireGuard watcher related issues
- Fix race handling between TURN and Relayed reconnection
- Move the WgWatcher logic to separate struct
- Handle timeouts in a more defensive way
- Fix initial Relay client reconnection to the home server
2025-02-10 10:32:50 +01:00
05415f72ec
[client] Add experimental support for userspace routing ( #3134 )
2025-02-07 14:11:53 +01:00
ca9aca9b19
Fix nil pointer exception when load empty list and try to cast it ( #3282 )
2025-02-06 10:20:31 +01:00
e00a280329
[client] Fix grouping of peer ACLs with different port ranges ( #3289 )
2025-02-05 23:04:52 +01:00
125b5e2b16
[client] Fix acl empty port range detection ( #3285 )
2025-02-05 18:55:42 +01:00
97d498c59c
[misc, client, management] Replace Wiretrustee with Netbird ( #3267 )
2025-02-05 16:49:41 +01:00
0125cd97d8
[client] use embedded root CA if system certpool is empty ( #3272 )
...
* Implement custom TLS certificate handling with fallback to embedded roots
2025-02-04 18:17:59 +03:00
f930ef2ee6
Cleanup magiconair usage from repo ( #3276 )
2025-02-03 17:54:35 +01:00
e20be2397c
[client] Add missing peer ACL flush ( #3247 )
2025-01-28 23:25:22 +01:00
a7ddb8f1f8
[client] Replace engine probes with direct calls ( #3195 )
2025-01-28 12:25:45 +01:00
a32ec97911
[client] Use dynamic dns route resolution on iOS ( #3243 )
2025-01-27 18:13:10 +01:00
5c05131a94
[client] Support port ranges in peer ACLs ( #3232 )
2025-01-27 13:51:57 +01:00
eb2ac039c7
[client] Mark redirected traffic early to match input filters on pre-DNAT ports ( #3205 )
2025-01-23 18:00:51 +01:00
790a9ed7df
[client] Match more specific dns handler first ( #3226 )
2025-01-23 18:00:05 +01:00
2e61ce006d
[client] Back up corrupted state files and present them in the debug bundle ( #3227 )
2025-01-23 17:59:44 +01:00
3cc485759e
[client] Use correct stdout/stderr log paths for debug bundle on macOS ( #3231 )
2025-01-23 17:59:22 +01:00
aafa9c67fc
[client] Fix freebsd default routes ( #3230 )
2025-01-23 16:57:11 +01:00
c619bf5b0c
[client] Allow freebsd to build netbird-ui ( #3212 )
2025-01-20 11:02:09 +01:00
9f4db0a953
[client] Close ice agent only if not nil ( #3210 )
2025-01-18 00:18:59 +01:00
3e9f0d57ac
[client] Fix windows info out of bounds panic ( #3196 )
2025-01-16 22:19:32 +01:00
bc7b2c6ba3
[client] Report client system flags to management server on login ( #3187 )
2025-01-16 13:58:00 +01:00
992a6c79b4
[client] Flush macOS DNS cache after changes ( #3185 )
2025-01-15 23:26:31 +01:00
78795a4a73
[client] Add block lan access flag for routers ( #3171 )
2025-01-15 17:39:47 +01:00
5a82477d48
[client] Remove outbound chains ( #3157 )
2025-01-15 16:57:41 +01:00
e4a25b6a60
[client-android] add serial, product model, product manufacturer ( #2958 )
...
Signed-off-by: Edouard Vanbelle <edouard.vanbelle@shadow.tech >
2025-01-15 16:02:16 +01:00
b34887a920
[client] Fix a panic on shutdown if dns host manager failed to initialize ( #3182 )
2025-01-15 13:14:46 +01:00
b9efda3ce8
[client] Disable DNS host manager for netstack mode ( #3183 )
2025-01-15 13:14:13 +01:00
15f0a665f8
[client] Allow ssh server on freebsd ( #3170 )
...
* Enable ssh server on freebsd
* Fix listening in netstack mode
* Fix panic if login cmd fails
* Tidy up go mod
2025-01-14 12:43:13 +01:00
9b5b632ff9
[client] Support non-openresolv for DNS on Linux ( #3176 )
2025-01-14 10:39:37 +01:00
522dd44bfa
[client] make /var/lib/netbird paths configurable ( #3084 )
...
- NB_STATE_DIR
- NB_UNCLEAN_SHUTDOWN_RESOLV_FILE
- NB_DNS_STATE_FILE
2025-01-13 10:15:01 +01:00
f48e33b395
[client] Don't fail on v6 ops when disabled via kernel params ( #3165 )
2025-01-10 18:16:21 +01:00
93f3e1b14b
[client] Prevent local routes in status from being overridden by updates ( #3166 )
2025-01-10 11:02:05 +01:00
d9905d1a57
[client] Add disable system flags ( #3153 )
2025-01-07 20:38:18 +01:00
6848e1e128
[client] Add rootless container and fix client routes in netstack mode ( #3150 )
2025-01-06 14:16:31 +01:00
f08605a7f1
[client] Enable network map persistence by default ( #3152 )
2025-01-06 14:11:43 +01:00
abbdf20f65
[client] Allow inbound rosenpass port ( #3109 )
2024-12-31 14:08:48 +01:00
43ef64cf67
[client] Ignore case when matching domains in handler chain ( #3133 )
2024-12-31 14:07:21 +01:00
b3c87cb5d1
[client] Fix inbound tracking in userspace firewall ( #3111 )
...
* Don't create state for inbound SYN
* Allow final ack in some cases
* Relax state machine test a little
2024-12-26 00:51:27 +01:00
0dbaddc7be
[client] Don't fail debug if log file is console ( #3103 )
2024-12-24 15:05:23 +01:00
ad9f044aad
[client] Add stateful userspace firewall and remove egress filters ( #3093 )
...
- Add stateful firewall functionality for UDP/TCP/ICMP in userspace firewalll
- Removes all egress drop rules/filters, still needs refactoring so we don't add output rules to any chains/filters.
- on Linux, if the OUTPUT policy is DROP then we don't do anything about it (no extra allow rules). This is up to the user, if they don't want anything leaving their machine they'll have to manage these rules explicitly.
2024-12-23 18:22:17 +01:00
05930ee6b1
[client] Add firewall rules to the debug bundle ( #3089 )
...
Adds the following to the debug bundle:
- iptables: `iptables-save`, `iptables -v -n -L`
- nftables: `nft list ruleset` or if not available formatted output from netlink (WIP)
2024-12-23 15:57:15 +01:00
