netbird

mirror of https://github.com/netbirdio/netbird.git synced 2025-08-04 13:22:03 +02:00

Author	SHA1	Message	Date
bcmmbaga	d1e5d584f7	Fix merge Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>	2025-01-13 16:12:34 +03:00
bcmmbaga	b1325267d8	Merge branch 'main' into peers-get-account-refactoring # Conflicts: # management/server/peer.go	2025-01-13 15:54:37 +03:00
Krzysztof Nazarewski (kdn)	522dd44bfa	[client] make /var/lib/netbird paths configurable (#3084 ) - NB_STATE_DIR - NB_UNCLEAN_SHUTDOWN_RESOLV_FILE - NB_DNS_STATE_FILE	2025-01-13 10:15:01 +01:00
Maycon Santos	8154069e77	[misc] Skip docker step when fork PR (#3175 )	2025-01-13 10:11:54 +01:00
Viktor Liu	e161a92898	[client] Update fyne dependency (#3155 )	2025-01-12 16:29:25 +01:00
Bethuel Mmbaga	3fce8485bb	Enabled new network resource and router by default (#3174 ) Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>	2025-01-11 20:09:29 +01:00
Maycon Santos	1cc88a2190	[management] adjust benchmark (#3168 )	2025-01-11 14:08:13 +01:00
Bethuel Mmbaga	168ea9560e	[Management] Send peer network map when SSH status is toggled (#3172 )	2025-01-11 13:19:30 +01:00
Viktor Liu	f48e33b395	[client] Don't fail on v6 ops when disabled via kernel params (#3165 )	2025-01-10 18:16:21 +01:00
Simon Smith	f1ed8599fc	[misc] add missing relay to docker-compose.yml.tmpl.traefik (#3163 )	2025-01-10 18:16:11 +01:00
bcmmbaga	2e596fbf1a	use account object to get validated peers Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>	2025-01-10 13:37:38 +03:00
Viktor Liu	93f3e1b14b	[client] Prevent local routes in status from being overridden by updates (#3166 )	2025-01-10 11:02:05 +01:00
Maycon Santos	649bfb236b	[management] Send relay credentials with turn updates (#3164 ) send relay credentials when sending turn credentials update to avoid removing servers from clients	2025-01-10 09:44:02 +01:00
bcmmbaga	fa1eaa0aec	fix store tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>	2025-01-09 13:38:09 +03:00
bcmmbaga	baf211203a	fix merge Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>	2025-01-08 23:17:54 +03:00
bcmmbaga	9d86f76a24	Merge branch 'main' into peers-get-account-refactoring # Conflicts: # management/server/account.go # management/server/account_test.go # management/server/ephemeral.go # management/server/ephemeral_test.go # management/server/http/handlers/peers/peers_handler.go # management/server/http/handlers/peers/peers_handler_test.go # management/server/integrated_validator.go # management/server/mock_server/account_mock.go # management/server/peer.go # management/server/store/sql_store.go # management/server/store/sql_store_test.go # management/server/store/store.go # management/server/testdata/store_with_expired_peers.sql # management/server/user.go	2025-01-08 22:31:10 +03:00
Bethuel Mmbaga	409003b4f9	[management] Add support for disabling resources and routing peers in networks (#3154 ) * sync openapi changes Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add option to disable network resource(s) Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add network resource enabled state from api Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add option to disable network router(s) Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Add tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * migrate old network resources and routers Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> --------- Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>	2025-01-08 19:35:57 +03:00
Simon Smith	9e6e34b42d	[misc] Upgrade go to 1.23 inn devcontainer (#3160 )	2025-01-08 11:48:10 +01:00
Viktor Liu	d9905d1a57	[client] Add disable system flags (#3153 )	2025-01-07 20:38:18 +01:00
Joakim Nohlgård	2bd68efc08	[relay] Handle IPv6 addresses in X-Real-IP header on relay service (#3085 )	2025-01-06 17:31:35 +01:00
Viktor Liu	6848e1e128	[client] Add rootless container and fix client routes in netstack mode (#3150 )	2025-01-06 14:16:31 +01:00
Viktor Liu	668aead4c8	[misc] remove outdated readme header (#3151 )	2025-01-06 14:12:28 +01:00
Viktor Liu	f08605a7f1	[client] Enable network map persistence by default (#3152 )	2025-01-06 14:11:43 +01:00
Bethuel Mmbaga	02a3feddb8	[management] Add MySQL Support (#3108 ) * Add mysql store support * Add support to disable activity events recording	2025-01-06 13:38:30 +01:00
Pascal Fischer	d9487a5749	[misc] separate integration and benchmark test workflows (#3147 )	2025-01-03 15:48:31 +01:00
Pascal Fischer	cfa6d09c5e	[management] add peers benchmark (#3143 )	2025-01-03 15:28:15 +01:00
Pascal Fischer	a01253c3c8	[management] add users benchmark (#3141 )	2025-01-03 15:24:30 +01:00
Pascal Fischer	bc013e4888	[management] exclude self from network map if self is routing peer (#3142 )	2025-01-02 18:46:28 +01:00
Pascal Fischer	782e3f8853	[management] Add integration test for the setup-keys API endpoints (#2936 )	2025-01-02 13:51:01 +01:00
Maycon Santos	03fd656344	[management] Fix policy tests (#3135 ) - Add firewall rule isEqual method - Fix tests v0.35.2	2024-12-31 18:45:40 +01:00
Pascal Fischer	18b049cd24	[management] remove sorting from network map generation (#3126 )	2024-12-31 18:10:40 +01:00
Bethuel Mmbaga	2bdb4cb44a	[management] Preserve jwt groups when accessing API with PAT (#3128 ) * Skip JWT group sync for token-based authentication Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Add tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> --------- Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>	2024-12-31 18:59:37 +03:00
Viktor Liu	abbdf20f65	[client] Allow inbound rosenpass port (#3109 )	2024-12-31 14:08:48 +01:00
Viktor Liu	43ef64cf67	[client] Ignore case when matching domains in handler chain (#3133 )	2024-12-31 14:07:21 +01:00
Pascal Fischer	18316be09a	[management] add selfhosted metrics for networks (#3118 )	2024-12-30 12:53:51 +01:00
Maycon Santos	1a623943c8	[management] Fix networks net map generation with posture checks (#3124 )	2024-12-30 12:40:24 +01:00
Pascal Fischer	fbce8bb511	[management] remove ids from policy creation api (#2997 )	2024-12-27 14:13:36 +01:00
Bethuel Mmbaga	445b626dc8	[management] Add missing group usage checks for network resources and routes access control (#3117 ) * Prevent deletion of groups linked to routes access control groups Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Prevent deletion of groups linked to network resource Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> --------- Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>	2024-12-27 14:39:34 +03:00
Viktor Liu	b3c87cb5d1	[client] Fix inbound tracking in userspace firewall (#3111 ) * Don't create state for inbound SYN * Allow final ack in some cases * Relax state machine test a little v0.35.1	2024-12-26 00:51:27 +01:00
Viktor Liu	0dbaddc7be	[client] Don't fail debug if log file is console (#3103 )	2024-12-24 15:05:23 +01:00
Viktor Liu	ad9f044aad	[client] Add stateful userspace firewall and remove egress filters (#3093 ) - Add stateful firewall functionality for UDP/TCP/ICMP in userspace firewalll - Removes all egress drop rules/filters, still needs refactoring so we don't add output rules to any chains/filters. - on Linux, if the OUTPUT policy is DROP then we don't do anything about it (no extra allow rules). This is up to the user, if they don't want anything leaving their machine they'll have to manage these rules explicitly. v0.35.0	2024-12-23 18:22:17 +01:00
Viktor Liu	05930ee6b1	[client] Add firewall rules to the debug bundle (#3089 ) Adds the following to the debug bundle: - iptables: `iptables-save`, `iptables -v -n -L` - nftables: `nft list ruleset` or if not available formatted output from netlink (WIP)	2024-12-23 15:57:15 +01:00
Pascal Fischer	e670068cab	[management] Run test sequential (#3101 )	2024-12-23 14:37:09 +01:00
Viktor Liu	b48cf1bf65	[client] Reduce DNS handler chain lock contention (#3099 )	2024-12-21 15:56:52 +01:00
Bethuel Mmbaga	7ee7ada273	[management] Fix duplicate resource routes when routing peer is part of the source group (#3095 ) * Remove duplicate resource routes when routing peer is part of the source group Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Add tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> --------- Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>	2024-12-20 21:10:53 +03:00
Zoltan Papp	82b4e58ad0	Do not start DNS forwarder on client side (#3094 )	2024-12-20 16:20:50 +01:00
Viktor Liu	ddc365f7a0	[client, management] Add new network concept (#3047 ) --------- Co-authored-by: Pascal Fischer <32096965+pascal-fischer@users.noreply.github.com> Co-authored-by: bcmmbaga <bethuelmbaga12@gmail.com> Co-authored-by: Maycon Santos <mlsmaycon@gmail.com> Co-authored-by: Zoltan Papp <zoltan.pmail@gmail.com>	2024-12-20 11:30:28 +01:00
Maycon Santos	37ad370344	[client] Avoid using iota on mixed const block (#3057 ) Used the values as resolved when the first iota value was the second const in the block.	2024-12-16 18:09:31 +01:00
VYSE V.E.O	703647da1e	fix client unsupported h2 protocol when only 443 activated (#3009 ) When I remove 80 http port in Caddyfile, netbird client cannot connect server:443. Logs show error below: {"level":"debug","ts":1733809631.4012625,"logger":"http.stdlib","msg":"http: TLS handshake error from redacted:41580: tls: client requested unsupported application protocols ([h2])"} I wonder here h2 protocol is absent.	2024-12-16 14:17:46 +01:00
Maycon Santos	9eff58ae62	Upgrade x/crypto package (#3055 ) Mitigates the CVE-2024-45337	2024-12-16 10:30:41 +01:00

1 2 3 4 5 ...

1910 Commits