From dadaeb072a73bc26a62b0c0628c763e435f47202 Mon Sep 17 00:00:00 2001 From: Reactor Scram Date: Mon, 13 May 2024 09:51:14 -0500 Subject: [PATCH] fix(windows-client): clear Firezone-specific DNS rules at startup (#4918) Closes #4899 This has a known gap where theoretically the GUI could sign in while the service is hung in startup, and then the service would wipe out the GUI's DNS rules. The workaround for that would be to restart the GUI, but in practice I think the gap will not be hit, and it will go away once #3712 is done anyway. I tested it manually once using the reproduction steps from #4899 and it worked. --- rust/headless-client/src/imp_windows.rs | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/rust/headless-client/src/imp_windows.rs b/rust/headless-client/src/imp_windows.rs index 55fdc78e3..0f0bf391c 100644 --- a/rust/headless-client/src/imp_windows.rs +++ b/rust/headless-client/src/imp_windows.rs @@ -122,6 +122,10 @@ fn fallible_windows_service_run() -> Result<()> { } }; + // Fixes , + // DNS rules persisting after reboot + connlib_shared::deactivate_dns_control().ok(); + // Tell Windows that we're running (equivalent to sd_notify in systemd) let status_handle = service_control_handler::register(SERVICE_NAME, event_handler)?; status_handle.set_service_status(ServiceStatus { @@ -134,7 +138,9 @@ fn fallible_windows_service_run() -> Result<()> { process_id: None, })?; - run_ipc_service(cli, rt, shutdown_rx)?; + if let Err(error) = run_ipc_service(cli, rt, shutdown_rx) { + tracing::error!(?error, "error from run_ipc_service"); + } // Tell Windows that we're stopping status_handle.set_service_status(ServiceStatus {