e71e94a2ad
Fix iOS
2024-12-12 11:44:44 +01:00
0e761b1c5e
Revert domain regex
2024-12-12 11:36:35 +01:00
cb44454288
Create thread safe peer store ( #3028 )
...
Create thread safe peer store
2024-12-11 18:37:10 +01:00
da0a54c6d6
Implement upstream DNS for intercepted domains ( #3027 )
2024-12-11 17:57:30 +01:00
619d899047
DNS forwarder ( #3024 )
...
* Add dns forwarder service
- do not serve unmanaged domains
- response the dns server with proper codes
- add update operation
2024-12-11 14:47:55 +01:00
d020755dd5
Add dns forwarder service
2024-12-10 19:20:12 +01:00
d802b7b9ba
ffffffff
2024-12-10 19:14:42 +01:00
9d820f1eae
f
2024-12-10 18:08:09 +01:00
16a2867d69
f
2024-12-10 17:56:24 +01:00
d77ac20760
Add DNS interceptor
2024-12-10 11:03:40 +01:00
97bb74f824
Remove peer login log ( #3005 )
...
Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com >
2024-12-09 18:40:06 +01:00
2147bf75eb
[client] Add peer conn init limit ( #3001 )
...
Limit the peer connection initialization to 200 peers at the same time
2024-12-09 17:10:31 +01:00
e40a29ba17
[client] Add support for state manager on iOS ( #2996 )
2024-12-06 16:51:42 +01:00
ff330e644e
upgrade zcalusic/sysinfo@v1.1.3 (add serial for ARM arch) ( #2954 )
...
Signed-off-by: Edouard Vanbelle <edouard.vanbelle@shadow.tech >
2024-12-05 15:38:00 +01:00
713e320c4c
Update account peers on login on meta change ( #2991 )
...
* Update account peers on login on meta change
* Factor out LoginPeer peer not found handling
2024-12-05 14:15:23 +01:00
e67fe89adb
Reduce max wait time to initialize peer connections ( #2984 )
...
* Reduce max wait time to initialize peer connections
setting rand time range to 100-300ms instead of 100-800ms
* remove min wait time
2024-12-05 13:03:11 +01:00
6cfbb1f320
[client] Init route selector early ( #2989 )
2024-12-05 12:41:12 +01:00
c853011a32
[client] Don't return error in rule removal if protocol is not supported ( #2990 )
2024-12-05 12:28:35 +01:00
b50b89ba14
[client] Cleanup status resources on engine stop ( #2981 )
...
cleanup leftovers from status recorder when stopping the engine
2024-12-04 14:09:04 +01:00
d063fbb8b9
[management] merge update account peers in sync call ( #2978 )
2024-12-03 16:41:19 +01:00
e5d42bc963
[client] Add state handling cmdline options ( #2821 )
2024-12-03 16:07:18 +01:00
8866394eb6
[client] Don't choke on non-existent interface in route updates ( #2922 )
2024-12-03 15:33:41 +01:00
17c20b45ce
[client] Add network map to debug bundle ( #2966 )
2024-12-03 14:50:12 +01:00
7dacd9cb23
[management] Add missing parentheses on iphone hostname generation condition ( #2977 )
2024-12-03 13:49:02 +01:00
6285e0d23e
[client] Add netbird.err and netbird.out to debug bundle ( #2971 )
2024-12-03 12:43:17 +01:00
a4826cfb5f
[client] Get static system info once ( #2965 )
...
Get static system info once for Windows, Darwin, and Linux nodes
This should improve startup and peer authentication times
2024-12-03 10:22:04 +01:00
a0bf0bdcc0
Pass IP instead of net to Rosenpass ( #2975 )
2024-12-03 10:13:27 +01:00
dffce78a8c
[client] Fix debug bundle state anonymization test ( #2976 )
2024-12-02 20:19:34 +01:00
c7e7ad5030
[client] Add state file to debug bundle ( #2969 )
2024-12-02 18:04:02 +01:00
5142dc52c1
[client] Persist route selection ( #2810 )
2024-12-02 17:55:02 +01:00
ecb44ff306
[client] Add pprof build tag ( #2964 )
...
* Add pprof build tag
* Change env handling
2024-12-01 19:22:52 +01:00
e4a5fb3e91
Unspecified address: default NetworkTypeUDP4+NetworkTypeUDP6 ( #2804 )
2024-11-30 10:34:52 +01:00
e52d352a48
Update Caddyfile and Docker Compose to support HTTP3 ( #2822 )
2024-11-30 10:26:31 +01:00
f9723c9266
[client] Account different policiy rules for routes firewall rules ( #2939 )
...
* Account different policies rules for routes firewall rules
This change ensures that route firewall rules will consider source group peers in the rules generation for access control policies.
This fixes the behavior where multiple policies with different levels of access was being applied to all peers in a distribution group
* split function
* avoid unnecessary allocation
Co-authored-by: Viktor Liu <17948409+lixmal@users.noreply.github.com >
---------
Co-authored-by: Viktor Liu <17948409+lixmal@users.noreply.github.com >
2024-11-29 17:50:35 +01:00
8efad1d170
Add guide when signing key is not found ( #2942 )
...
Some users face issues with their IdP due to signing key not being refreshed
With this change we advise users to configure key refresh
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
* removing leftover
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
2024-11-29 10:06:40 +01:00
c6641be94b
[tests] Enable benchmark tests on github actions ( #2961 )
2024-11-28 19:22:01 +01:00
89cf8a55e2
[management] Add performance test for login and sync calls ( #2960 )
2024-11-28 14:59:53 +01:00
00c3b67182
[management] refactor to use account object instead of separate db calls for peer update ( #2957 )
2024-11-28 11:13:01 +01:00
9203690033
[client] Code cleaning in net pkg and fix exit node feature on Android( #2932 )
...
Code cleaning around the util/net package. The goal was to write a more understandable source code but modify nothing on the logic.
Protect the WireGuard UDP listeners with marks.
The implementation can support the VPN permission revocation events in thread safe way. It will be important if we start to support the running time route and DNS update features.
- uniformize the file name convention: [struct_name] _ [functions] _ [os].go
- code cleaning in net_linux.go
- move env variables to env.go file
2024-11-26 23:34:27 +01:00
9683da54b0
[management] Refactor nameserver groups to use store methods ( #2888 )
2024-11-26 17:39:04 +01:00
0e48a772ff
[management] Refactor DNS settings to use store methods ( #2883 )
2024-11-26 13:43:05 +01:00
f118d81d32
[management] Refactor policy to use store methods ( #2878 )
2024-11-26 10:46:05 +01:00
ca12bc6953
[management] Refactor posture check to use store methods ( #2874 )
2024-11-25 16:26:24 +01:00
9810386937
[client] Allow routing to fallback to exclusion routes if rules are not supported ( #2909 )
2024-11-25 15:19:56 +01:00
f1625b32bd
[client] Set up sysctl and routing table name only if routing rules are available ( #2933 )
2024-11-25 15:12:16 +01:00
0ecd5f2118
[client] Test nftables for incompatible iptables rules ( #2948 )
2024-11-25 15:11:56 +01:00
940d0c48c6
[client] Don't return error in userspace mode without firewall ( #2924 )
2024-11-25 15:11:31 +01:00
56cecf849e
Import time package ( #2940 )
2024-11-22 20:40:30 +01:00
05c4aa7c2c
[misc] Renew slack link ( #2938 )
2024-11-22 18:50:47 +01:00
2a5cb16494
[relay] Refactor initial Relay connection ( #2800 )
...
Can support firewalls with restricted WS rules
allow to run engine without Relay servers
keep up to date Relay address changes
2024-11-22 18:12:34 +01:00
