mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 18:18:55 +00:00

Files

Thomas Eizinger 091d5b56e0 refactor(snownet): don't memmove every packet (#9907 )

When encrypting IP packets, `snownet` needs to prepare a buffer where
the encrypted packet is going to end up. Depending on whether we are
sending data via a relayed connection or direct, this buffer needs to be
offset by 4 bytes to allow for the 4-byte channel-data header of the
TURN protocol.

At present, we always first encrypt the packet and then on-demand move
the packet by 4-bytes to the left if we **don't** need to send it via a
relay. Internally, this translates to a `memmove` instruction which
actually turns out to be very cheap (I couldn't measure a speed
difference between this and `main`).

All of this code has grown historically though so I figured, it is
better to clean it up a bit to first evaluate, whether we have a direct
or relayed connection and based on that, write the encrypted packet
directly to the front of the buffer or offset it by 4 bytes.

2025-07-23 00:38:39 +00:00

.cargo

fix(rust): use rust-lld linker for MSVC (#9641 )

2025-06-24 01:55:36 +10:00

apple-client-ffi

feat(connlib): add reason argument to reset API (#9878 )

2025-07-15 13:48:33 +00:00

bin-shared

chore(linux): add more error context to TUN device (#9853 )

2025-07-13 05:51:02 +00:00

client-ffi

feat(connlib): add reason argument to reset API (#9878 )

2025-07-15 13:48:33 +00:00

client-shared

test(iperf): install iptables rule inside of container (#9880 )

2025-07-16 10:29:33 +00:00

connlib

refactor(snownet): don't memmove every packet (#9907 )

2025-07-23 00:38:39 +00:00

gateway

chore: publish gateway 1.4.13 (#9969 )

2025-07-22 18:56:40 +00:00

gui-client

build(deps): bump the sentry group in /rust/gui-client with 2 updates (#9929 )

2025-07-22 08:40:35 +00:00

headless-client

feat(connlib): add reason argument to reset API (#9878 )

2025-07-15 13:48:33 +00:00

logging

chore(rust): bump to Rust 1.88 (#9714 )

2025-07-12 06:42:50 +00:00

relay

chore(relay): remove spans (#9962 )

2025-07-22 13:24:58 +00:00

telemetry

chore(telemetry): don't start in local environment (#9905 )

2025-07-18 14:28:55 +00:00

tests

chore(gui-smoke-test): wait for tunnel service to boot (#9766 )

2025-07-02 05:16:15 +00:00

tools/uniffi-bindgen

refactor: use UniFFI for Android FFI (#9415 )

2025-06-17 21:48:34 +00:00

.dockerignore

refactor(portal): Don't pin session token to user_agent or remote_ip (#2195 )

2023-09-30 07:40:57 -07:00

.gitignore

Implement basic STUN server (#1603 )

2023-05-10 07:58:32 -07:00

Cargo.lock

chore: publish gateway 1.4.13 (#9969 )

2025-07-22 18:56:40 +00:00

Cargo.toml

build(deps): bump zbus from 5.8.0 to 5.9.0 in /rust (#9939 )

2025-07-21 10:12:55 +00:00

clippy.toml

chore(rust): bump to Rust 1.88 (#9714 )

2025-07-12 06:42:50 +00:00

deny.toml

build(deps): bump the tauri group in /rust with 6 updates (#9720 )

2025-06-30 13:25:20 +00:00

docker-init-gateway.sh

fix(gateway): Apply more specific firewall rules on start (#8483 )

2025-03-19 05:32:50 +00:00

docker-init-relay.sh

feat(relay): add ec2 metadata discovery (#6617 )

2024-09-12 12:28:55 -06:00

docker-init.sh

fix(gateway): always masquerade for docker-deployed gateways (#6169 )

2024-08-07 03:00:50 +00:00

Dockerfile

test(iperf): install iptables rule inside of container (#9880 )

2025-07-16 10:29:33 +00:00

Dockerfile.xdp-tools

chore(relay): Add xdp-tools debug Docker image build script (#8591 )

2025-04-03 18:17:23 +00:00

README.md

docs(rust): fix profiling command (#7547 )

2024-12-18 13:01:23 +00:00

rust-toolchain.toml

chore(rust): bump to Rust 1.88 (#9714 )

2025-07-12 06:42:50 +00:00

README.md

Rust development guide

Firezone uses Rust for all data plane components. This directory contains the Linux and Windows clients, and low-level networking implementations related to STUN/TURN.

We target the last stable release of Rust using rust-toolchain.toml. If you are using rustup, that is automatically handled for you. Otherwise, ensure you have the latest stable version of Rust installed.

Reading Client logs

The Client logs are written as JSONL for machine-readability.

To make them more human-friendly, pipe them through jq like this:

cd path/to/logs  # e.g. `$HOME/.cache/dev.firezone.client/data/logs` on Linux
cat *.log | jq -r '"\(.time) \(.severity) \(.message)"'

Resulting in, e.g.

2024-04-01T18:25:47.237661392Z INFO started log
2024-04-01T18:25:47.238193266Z INFO GIT_VERSION = 1.0.0-pre.11-35-gcc0d43531
2024-04-01T18:25:48.295243016Z INFO No token / actor_name on disk, starting in signed-out state
2024-04-01T18:25:48.295360641Z INFO null

Benchmarking on Linux

The recommended way for benchmarking any of the Rust components is Linux' perf utility. For example, to attach to a running application, do:

Ensure the binary you are profiling is compiled with the release profile.
sudo perf record -g --freq 10000 --pid $(pgrep <your-binary>).
Run the speed test or whatever load-inducing task you want to measure.
sudo perf script > profile.perf
Open profiler.firefox.com and load profile.perf

Instead of attaching to a process with --pid, you can also specify the path to executable directly. That is useful if you want to capture perf data for a test or a micro-benchmark.