diff --git a/rust/connlib/tunnel/src/client.rs b/rust/connlib/tunnel/src/client.rs index d6e11b367..ddbee2794 100644 --- a/rust/connlib/tunnel/src/client.rs +++ b/rust/connlib/tunnel/src/client.rs @@ -393,6 +393,10 @@ impl ClientState { packet: IpPacket, now: Instant, ) -> Option { + if packet.is_fz_p2p_control() { + tracing::warn!("Packet matches heuristics of FZ p2p control protocol"); + } + let non_dns_packet = match self.try_handle_dns(packet, now) { ControlFlow::Break(()) => return None, ControlFlow::Continue(non_dns_packet) => non_dns_packet, diff --git a/rust/connlib/tunnel/src/gateway.rs b/rust/connlib/tunnel/src/gateway.rs index 6e693b9bd..ddf9b0e91 100644 --- a/rust/connlib/tunnel/src/gateway.rs +++ b/rust/connlib/tunnel/src/gateway.rs @@ -92,6 +92,10 @@ impl GatewayState { packet: IpPacket, now: Instant, ) -> Result> { + if packet.is_fz_p2p_control() { + tracing::warn!("Packet matches heuristics of FZ p2p control protocol"); + } + let dst = packet.destination(); if !crate::is_peer(dst) { diff --git a/rust/connlib/tunnel/src/lib.rs b/rust/connlib/tunnel/src/lib.rs index 1678e5020..d2eba066b 100644 --- a/rust/connlib/tunnel/src/lib.rs +++ b/rust/connlib/tunnel/src/lib.rs @@ -222,10 +222,6 @@ impl ClientTunnel { if let Some(packets) = device { for packet in packets { - if packet.is_fz_p2p_control() { - tracing::warn!("Packet matches heuristics of FZ p2p control protocol"); - } - let ecn = packet.ecn(); match self.role_state.handle_tun_input(packet, now) { @@ -404,10 +400,6 @@ impl GatewayTunnel { if let Some(packets) = device { for packet in packets { - if packet.is_fz_p2p_control() { - tracing::warn!("Packet matches heuristics of FZ p2p control protocol"); - } - let ecn = packet.ecn(); match self.role_state.handle_tun_input(packet, now) {