github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 10:18:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,575 Commits 1 Branch 0 Tags
97eb506bb3fd0d6b01967c8d1cd06c19a8de3968
Commit Graph

21 Commits

Author SHA1 Message Date
Thomas Eizinger
84b3ac50ca fix(relay): correctly separate channel state for different peers (#3472) 
Currently, there is a bug in the relay where the channel state of
different peers overlaps because the data isn't indexed correctly by
both peers and clients.

This PR fixes this, introduces more debug assertions (this bug was
caught by one) and also adds some new-type wrappers to avoid conflating
peers with clients.
 2024-02-01 01:53:54 +00:00
Thomas Eizinger
3f8c6cb6eb feat(relay): allow channel bindings to IPv6 addresses (#3434) 
Previously, we still had a hard-coded rule in the relay that would not
allow us to relay to an IPv6 peer. We can remove that and properly check
this based on the allocated addresses.

Resolves: #3405.
 2024-01-31 00:36:54 +00:00
Thomas Eizinger
8f2e9efb21 feat(relay): improve logging and error handling (#3399) 
By changing around how the fields are recorded in the tracing spans and
what the functions are called, the logs now align nicely:

Before:

```
[  relay] 2024-01-25T02:01:00.103279Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.103448Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.103627Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.103774Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.103955Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.104119Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.104303Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.104456Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.104650Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.104825Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.105015Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.105165Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.105332Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.105534Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.105739Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.105934Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.106155Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.106343Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.106534Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.106671Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.106838Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.106987Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.107148Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.107289Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.107496Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.107662Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.107846Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.108003Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.108189Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.108340Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.108529Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.108665Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.108835Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.109006Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.109193Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.109363Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.109563Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.109733Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.109919Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.110058Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.110228Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.110360Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.110510Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.110628Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.110773Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.110904Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.111049Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.111199Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.111359Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.111540Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.111735Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.111884Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.112064Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.112246Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.112422Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.112577Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.112754Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.112933Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.113109Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.113254Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.113421Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:55880}:handle_channel_data_message{sender=127.0.0.1:55880 channel=16384 recipient=127.0.0.1:37062}: relay: Relaying 32 bytes
[  relay] 2024-01-25T02:01:00.113658Z DEBUG Eventloop::poll:handle_relay_input{sender=127.0.0.1:37062 allocation_id=AID-1 recipient=127.0.0.1:55880 channel=16384}: relay: Relaying 32 bytes
```

Now:

```
[  relay] 2024-01-25T01:57:42.045265Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.045393Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.045543Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.045676Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.045792Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.045918Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.046060Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.046190Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.046302Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.046410Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.046547Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.046964Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.047100Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.047219Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.047365Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.047497Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.047613Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.047732Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.047863Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.048212Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.048342Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.048460Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.048601Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.049029Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.049167Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.049292Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.049434Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.049549Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.049660Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.049787Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.049927Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.050095Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.050219Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.050688Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.050891Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.051046Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.051159Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.051300Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.051462Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.051618Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.051726Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.051884Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.052130Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.052344Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.052466Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.052631Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.052775Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.052941Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.053065Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.053224Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.053367Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.053527Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.053665Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.053826Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.053972Z DEBUG Eventloop::poll:handle_peer_traffic{sender=127.0.0.1:45679 allocation_id=AID-1 recipient=127.0.0.1:49137 channel=16384}: relay: Relaying 32 bytes
[  relay] 2024-01-25T01:57:42.054127Z DEBUG Eventloop::poll:handle_client_input{sender=127.0.0.1:49137 allocation_id=AID-1 recipient=127.0.0.1:45679 channel=16384}: relay: Relaying 32 bytes
```
 2024-01-26 00:12:47 +00:00
Jamil
573124bd2f Document relay gateway client CLIs (#2424) 
Fixes #2363 

* Rename `relay` package to `firezone-relay` so that binaries outputted
match the `firezone-*` cli naming scheme
* Rename `firezone-headless-client` package to `firezone-linux-client`
for consistency
* Add READMEs for user-facing CLI components (there will also be docs
later)
 2023-10-19 00:59:17 +00:00
Jamil
6ec10b2669 Revert "Fix/website mdx" (#2434) 
Reverts firezone/firezone#2433
 2023-10-18 11:42:54 -07:00
Jamil
caef531b17 Fix/website mdx (#2433) 2023-10-18 11:42:18 -07:00
Jamil
c4c6f3e4ca refactor(portal): Don't pin session token to user_agent or remote_ip (#2195) 
Removing the check to get Rust PRs to pass.

**Note**: #2182 was dependent on this one, and has since merged into
this one.
 2023-09-30 07:40:57 -07:00
Jamil
3baf2ee1bb feat(connlib): Wrap secrets in Secret to minimize chance of leakage (#2159) 
Fixes #2085

---------

Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
 2023-09-28 18:35:16 +00:00
Thomas Eizinger
9d93d02b48 deps(relay): bump to stun-codec 0.3.3 (#2088) 
I've opened several PRs upstream for code that was missing in
`stun-codec` for our purposes. Those have been accepted and released, so
we can bump to that version now and remove that code.

Related: https://github.com/sile/stun_codec/pull/14.
Related: https://github.com/sile/stun_codec/pull/15.
Related: https://github.com/sile/stun_codec/pull/16.
Related: https://github.com/sile/stun_codec/pull/17.

A big thanks to @sile for the crate and being responsive maintainer
🥳
 2023-09-21 06:31:11 +00:00
Thomas Eizinger
89d7b0f5f4 feat(relay): replace prometheus with OTEL metrics (#1996) 
To better take advantage of the OTEL ecosystem, we change our prometheus
metrics to OTEL metrics. OTEL metrics are pushed to the agent via the
OTEL pipeline set up in https://github.com/firezone/firezone/pull/1995
rather than pulled like prometheus.

This means our `/metrics` endpoint is now gone which we previously
(ab)used as a health-check. I've added a dedicated `/healthz` endpoint.
 2023-09-13 10:16:07 -06:00
Jamil
bf2d794064 feat(relay): allow configuration for lowest and highest allocation port (#1921) 
This PR allows the TURN allocation binding to be optionally configured
by `TURN_LOWEST_PORT` and `TURN_HIGHEST_PORT` environment variables.

This will allow client app developers to test their apps against a
fully-working local development cluster in Docker Desktop for
Linux/macOS/Windows, allowing us to remove the PortalMock, Connlib Mock,
and SwiftMock codepaths entirely.

cc @roop @pratikvelani
 2023-08-18 13:04:26 -07:00
Thomas Eizinger
632dfdd888 feat(relay): support IPv6 allocations (#1814) 
This patch series adds support for IPv6 allocations. If not specified
otherwise in the ALLOCATE request, clients will get an IP4 allocation.
They can also request an IPv6 address or an additional IPv6 address in
addition to their IPv4 address.

Either of those is only possible if the relay actually has a listening
socket for the requested address family. The CLI is designed such that
the user can either specify IP4, IP6 or both of them.

The `Server` component handles all of this logic and responds with
either a successful allocation response or an Address Family Not
Supported error (see
https://www.rfc-editor.org/rfc/rfc8656#name-stun-error-response-codes).

Multiple refactorings were necessary to achieve this design, they are
all extracted into separate PRs:

Depends-On: #1831.
Depends-On: #1832.
Depends-On: #1833.

---------

Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
 2023-08-02 01:50:43 +00:00
Thomas Eizinger
686ccf3107 feat(relay): add some basic prometheus metrics (#1742) 
The metrics are available at `http://{listen_addr}:8080/metrics`.
Currently, we collect the following:

- Number of active allocations: We can have an alert once the number of
allocations passes through a certain threshold.
- Outcome (success / error) and message kind (allocation / channel_bind
/ ...) of all responses: Summing all of these up would give you the
total number of requests handled. We might want to have a grafana alert
for an increased number of error responses.
- Total number of bytes relayed: Dividing this by time gives us an
average "internal" bandwidth.

This is just a start, we can explore what else is useful as we have it
operate.

Depends-On: https://github.com/firezone/firezone/pull/1743
 2023-07-30 12:04:10 +00:00
Thomas Eizinger
b2fe02c2d5 fix(relay): treat stamp_secret as string (#1660) 
Previously, the relay would treat the `stamp_secret` internally as bytes and share it with the outside world as hex-string. The portal however treats it as an opaque string and uses the UTF-8 bytes to create username and password.

This patch aligns the relay's functionality with the portal and stores the `stamp_secret` internally as a string.
 2023-06-16 09:25:15 +02:00
Thomas Eizinger
5090d207c2 feat(relay): implement nonces for authentication (#1654) 
To complete the authentication scheme for the relay, we need to prompt
the client with a nonce when they send an unauthenticated request. The
semantic meaning of a nonce is opaque to the client. As a starting
point, we implement a count-based scheme. Each nonce is valid for 10
requests. After that, a request will be rejected with a 401 and the
client has to authenticate with a new nonce.

This scheme provides a basic form of replay-protection.
 2023-06-15 09:11:08 -07:00
Thomas Eizinger
16156a6448 relay: implement authentication (#1641) 2023-06-07 06:17:20 -07:00
Thomas Eizinger
d27856a8f1 refactor(relay): introduce type-safe Server APIs (#1630) 
We introduce dedicated types for each message that the `Server` can
handle. This allows us to make the functions public because the
type-system now guarantees that those are either parsed from bytes or
constructed with the correct data.

The latter will be useful to write tests against a richer API.
 2023-05-31 15:18:20 +01:00
Thomas Eizinger
f5fdd56812 relay: create channel bindings and relay data (#1618) 
Here is a short demo:


[Relay](https://github.com/firezone/firezone/assets/5486389/c0199294-70ca-47b4-90ae-2c96428bdb56)

You can run this locally using the `./run_smoke_test.sh` shell-script.
It is not reliable enough yet to be used in CI but I used one if its
outputs to make a regression test.

---------

Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
 2023-05-22 17:25:16 -07:00
Thomas Eizinger
675cb2dd54 relay: refresh allocations (#1610) 2023-05-16 07:21:02 +10:00
Thomas Eizinger
c0774523a8 relay: Parse and respond to allocation requests (#1604) 
With this patch, the relay can parse and respond to allocation requests. I
ran some basics tests against https://icetest.info/ and implemented a
regression test as a result of the logged data.

In writing this, I also had to slightly change the design of `Server`
(as expected). Event handlers for incoming data now do not return a
message directly. Instead, the caller is responsible to drain `Command`s
from it.

When creating an allocation, we need to start listening on a new port.
This needs to happen outside the `Server` as I am going for a sans-IO
style. We emit a `Command` that instructs the main event loop to listen
on a new port. Any incoming data on that port will be forwarded to the
`Server`.

At the moment, this incoming data is just dropped. This is actually
standards-compliant because we cannot handle binding requests yet which
would allow this data to be forwarded to the client.

In some areas, the code is still a bit rough but I expect to iron those
things out as we go along.
 2023-05-16 04:58:33 +10:00
Thomas Eizinger
70e6982e45 Implement basic STUN server (#1603) 
This is an alternative to https://github.com/firezone/firezone/pull/1602
that implements the server using a library I've found called
`stun_codec`.

It already has support for parsing a variety of attributes.

The following is a nice website to test some of the functionality:
https://icetest.info/

The server is still listening on:
`ec2-3-89-112-240.compute-1.amazonaws.com:3478`.
 2023-05-10 07:58:32 -07:00