diff --git a/rust/Cargo.lock b/rust/Cargo.lock index 6a2393582..27922b6bd 100644 --- a/rust/Cargo.lock +++ b/rust/Cargo.lock @@ -619,7 +619,7 @@ dependencies = [ "ip_network", "ip_network_table", "libc", - "nix", + "nix 0.29.0", "parking_lot", "rand 0.8.5", "ring", @@ -1941,7 +1941,7 @@ dependencies = [ "libc", "netlink-packet-core", "netlink-packet-route", - "nix", + "nix 0.29.0", "ring", "rtnetlink", "socket-factory", @@ -1982,7 +1982,7 @@ dependencies = [ "ip-packet", "ip_network", "libc", - "nix", + "nix 0.29.0", "phoenix-channel", "rustls", "secrecy", @@ -2017,7 +2017,7 @@ dependencies = [ "firezone-telemetry", "futures", "native-dialog", - "nix", + "nix 0.29.0", "rand 0.8.5", "rustls", "sadness-generator", @@ -2108,7 +2108,7 @@ dependencies = [ "known-folders", "libc", "mutants", - "nix", + "nix 0.29.0", "phoenix-channel", "resolv-conf", "rtnetlink", @@ -3818,12 +3818,11 @@ dependencies = [ [[package]] name = "netlink-packet-route" -version = "0.21.0" +version = "0.19.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "483325d4bfef65699214858f097d504eb812c38ce7077d165f301ec406c3066e" +checksum = "74c171cd77b4ee8c7708da746ce392440cb7bcf618d122ec9ecc607b12938bf4" dependencies = [ "anyhow", - "bitflags 2.6.0", "byteorder", "libc", "log", @@ -3877,6 +3876,17 @@ version = "1.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "650eef8c711430f1a879fdd01d4745a7deea475becfb90269c06775983bbf086" +[[package]] +name = "nix" +version = "0.27.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2eb04e9c688eff1c89d72b407f168cf79bb9e867a9d3323ed6c01519eb9cc053" +dependencies = [ + "bitflags 2.6.0", + "cfg-if", + "libc", +] + [[package]] name = "nix" version = "0.29.0" 
@@ -5344,7 +5354,8 @@ checksum = "3df6368f71f205ff9c33c076d170dd56ebf68e8161c733c0caa07a7a5509ed53" [[package]] name = "rtnetlink" version = "0.14.1" -source = "git+https://github.com/rust-netlink/rtnetlink?branch=main#515471fa0d759316ab249b7c265f3073b3dc1ffb" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b684475344d8df1859ddb2d395dd3dac4f8f3422a1aa0725993cb375fc5caba5" dependencies = [ "futures", "log", @@ -5353,7 +5364,7 @@ dependencies = [ "netlink-packet-utils", "netlink-proto", "netlink-sys", - "nix", + "nix 0.27.1", "thiserror 1.0.69", "tokio", ] @@ -8551,7 +8562,7 @@ dependencies = [ "futures-sink", "futures-util", "hex", - "nix", + "nix 0.29.0", "ordered-stream", "rand 0.8.5", "serde", diff --git a/rust/Cargo.toml b/rust/Cargo.toml index 4f069b474..2623ed60e 100644 --- a/rust/Cargo.toml +++ b/rust/Cargo.toml @@ -184,7 +184,6 @@ str0m = { git = "https://github.com/algesten/str0m", branch = "main" } ip_network = { git = "https://github.com/JakubOnderka/ip_network", branch = "master" } # Waiting for release. ip_network_table = { git = "https://github.com/edmonds/ip_network_table", branch = "some-useful-traits" } # For `Debug` and `Clone` tracing-stackdriver = { git = "https://github.com/thomaseizinger/tracing-stackdriver", branch = "bump-otel-0.26" } # Waiting for release. -rtnetlink = { git = "https://github.com/rust-netlink/rtnetlink", branch = "main" } # Waiting for release. # Enforce `tracing-macros` to have released `tracing` version. [patch.'https://github.com/tokio-rs/tracing'] diff --git a/rust/bin-shared/Cargo.toml b/rust/bin-shared/Cargo.toml index 7e0ec903a..1adec09a4 100644 --- a/rust/bin-shared/Cargo.toml +++ b/rust/bin-shared/Cargo.toml 
@@ -28,7 +28,7 @@ tokio = { workspace = true, features = ["macros", "rt-multi-thread"] } flume = { workspace = true } libc = { workspace = true } netlink-packet-core = { version = "0.7" } -netlink-packet-route = { version = "0.21" } +netlink-packet-route = { version = "0.19" } nix = { workspace = true, features = ["socket"] } rtnetlink = { workspace = true } zbus = "4.4" # Can't use `zbus`'s `tokio` feature here, or it will break toast popups all the way over in `gui-client`. diff --git a/rust/bin-shared/src/tun_device_manager/linux.rs b/rust/bin-shared/src/tun_device_manager/linux.rs index bfb61b415..4e3ae9c34 100644 --- a/rust/bin-shared/src/tun_device_manager/linux.rs +++ b/rust/bin-shared/src/tun_device_manager/linux.rs @@ -11,10 +11,9 @@ use libc::{ fcntl, makedev, mknod, open, EEXIST, ENOENT, ESRCH, F_GETFL, F_SETFL, O_NONBLOCK, O_RDWR, S_IFCHR, }; -use netlink_packet_route::route::{RouteMessage, RouteProtocol, RouteScope}; +use netlink_packet_route::route::{RouteProtocol, RouteScope}; use netlink_packet_route::rule::RuleAction; -use rtnetlink::{new_connection, Error::NetlinkError, Handle, RuleAddRequest}; -use rtnetlink::{LinkUnspec, RouteMessageBuilder}; +use rtnetlink::{new_connection, Error::NetlinkError, Handle, RouteAddRequest, RuleAddRequest}; use std::path::Path; use std::sync::Arc; use std::task::{Context, Poll}; @@ -109,7 +108,8 @@ impl TunDeviceManager { handle .link() - .set(LinkUnspec::new_with_index(index).mtu(self.mtu).build()) + .set(index) + .mtu(self.mtu) .execute() .await .context("Failed to set default MTU")?; @@ -123,7 +123,8 @@ impl TunDeviceManager { handle .link() - .set(LinkUnspec::new_with_index(index).up().build()) + .set(index) + .up() .execute() .await .context("Failed to bring up interface")?; 
@@ -209,7 +210,7 @@ fn make_rule(handle: &Handle) -> RuleAddRequest { rule.message_mut() .header .flags - .insert(netlink_packet_route::rule::RuleFlags::Invert); + .push(netlink_packet_route::rule::RuleFlag::Invert); rule.message_mut() .attributes @@ -220,33 +221,35 @@ fn make_rule(handle: &Handle) -> RuleAddRequest { rule } -fn make_route_v4(idx: u32, route: Ipv4Network) -> RouteMessage { - RouteMessageBuilder::::new() +fn make_route(idx: u32, handle: &Handle) -> RouteAddRequest { + handle + .route() + .add() .output_interface(idx) .protocol(RouteProtocol::Static) .scope(RouteScope::Universe) .table_id(FIREZONE_TABLE) - .destination_prefix(route.network_address(), route.netmask()) - .build() } -fn make_route_v6(idx: u32, route: Ipv6Network) -> RouteMessage { - RouteMessageBuilder::::new() - .output_interface(idx) - .protocol(RouteProtocol::Static) - .scope(RouteScope::Universe) - .table_id(FIREZONE_TABLE) +fn make_route_v4(idx: u32, handle: &Handle, route: Ipv4Network) -> RouteAddRequest { + make_route(idx, handle) + .v4() + .destination_prefix(route.network_address(), route.netmask()) +} + +fn make_route_v6(idx: u32, handle: &Handle, route: Ipv6Network) -> RouteAddRequest { + make_route(idx, handle) + .v6() .destination_prefix(route.network_address(), route.netmask()) - .build() } async fn add_route(route: &IpNetwork, idx: u32, handle: &Handle) { - let message = match route { - IpNetwork::V4(ipnet) => make_route_v4(idx, *ipnet), - IpNetwork::V6(ipnet) => make_route_v6(idx, *ipnet), + let res = match route { + IpNetwork::V4(ipnet) => make_route_v4(idx, handle, *ipnet).execute().await, + IpNetwork::V6(ipnet) => make_route_v6(idx, handle, *ipnet).execute().await, }; - let Err(err) = handle.route().add(message).execute().await else { + let Err(err) = res else { tracing::debug!(%route, iface_idx = %idx, "Created new route"); return; 
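Review bot: The new `make_route`, `make_route_v4` and `make_route_v6` helpers return an unsent `RouteAddRequest` but have no doc comment saying so, and the later `remove_route` hunk calls them only to obtain a message for `del`. A doc line on `make_route` would make that contract explicit, for example `/// Builds (but does not send) a route-add request for interface idx in FIREZONE_TABLE; nothing reaches netlink until execute() is awaited.` Add and delete have to describe the same table, protocol and scope for a route to be withdrawn cleanly, so the comment should also say that both paths depend on this one builder. `add_route` continues past the end of the hunk, so its error handling is not reviewed here.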
@@ -267,8 +270,8 @@ async fn add_route(route: &IpNetwork, idx: u32, handle: &Handle) {
 async fn remove_route(route: &IpNetwork, idx: u32, handle: &Handle) {
 let message = match route {
- IpNetwork::V4(ipnet) => make_route_v4(idx, *ipnet),
- IpNetwork::V6(ipnet) => make_route_v6(idx, *ipnet),
+ IpNetwork::V4(ipnet) => make_route_v4(idx, handle, *ipnet).message_mut().clone(),
+ IpNetwork::V6(ipnet) => make_route_v6(idx, handle, *ipnet).message_mut().clone(),
 };
 let res = handle.route().del(message).execute().await;
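Review bot: In both match arms, `make_route_v4(idx, handle, *ipnet).message_mut().clone()` constructs an add request only to copy its message, and it uses a mutable accessor on a temporary for what is a read. A comment above the match would keep the next reader from assuming a route is being added here: `// Reuse the add-request builder so the delete message matches the installed route; the add request is never executed.` If the message ever diverges from what `add_route` sent, the delete would presumably fail to match and leave a stale entry in the Firezone table, so keeping a single builder is the right call. The body of `remove_route` continues outside the hunk, so the handling of `res` is not visible.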