github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 10:18:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
9cce4fd63788498e5cf48e6ad8f2add488e930b3
firezone/website
History
Thomas Eizinger 9cce4fd637 fix(gateway): don't route packets from expired NAT sessions (#8124) 
When we receive an inbound packet from the TUN device on the Gateway, we
make a lookup in the NAT table to see if it needs to be translated back
to a DNS proxy IP.

At present, non-existence of such a NAT entry results in the packet
being sent entirely unmodified because that is what needs to happen for
CIDR resources. Whilst that is important, the same code path is
currently being executed for DNS resources whose NAT session expired!
Those packets should be dropped instead which is what we do with this
PR.

To differentiate between not having a NAT session at all or whether a
previous one existed but is expired now, we keep around all previous
"outside" tuples of NAT sessions around. Those are only very small in
their memory-footprint. The entire NAT table is scoped to a connection
to the given peer and will thus eventually freed once the peer
disconnects. This allows us to reliably and cheaply detect, whether a
packet is using an expired NAT session. This check must be cheap because
all traffic of CIDR resources and the Internet resource needs to perform
this check such that we know that they don't have to be translated.

This might be the source of some of the "Source not allowed" errors we
have been seeing in client logs.
2025-02-14 08:21:23 +00:00
..
public
docs: Remove me-central2 from availability (#7732)
2025-01-13 19:30:43 +00:00
src
fix(gateway): don't route packets from expired NAT sessions (#8124)
2025-02-14 08:21:23 +00:00
.gitignore
feat(docs): Show page last updated at for each doc page (#4587)
2024-04-11 14:59:02 +00:00
.gitkeep
jamilbk%feat/stub website in cloud (#1675)
2023-06-22 11:08:28 -06:00
.npmrc
Add updates from master that we want in cloud (#1774)
2023-07-13 02:54:44 +00:00
mdx-components.tsx
feat(website): Add Clipboard component and inject into <code> blocks (#5904)
2024-07-18 15:14:26 +00:00
next-sitemap.config.js
fix(docs): Fix Docsearch recordExtractors, sitemap, and cookie banner script load (#3512)
2024-02-01 17:01:26 +00:00
next.config.mjs
fix(website): Fix script load errors and warnings (#5133)
2024-05-26 22:31:56 +00:00
package.json
build(deps): bump @types/node from 22.12.0 to 22.13.0 in /website (#7990)
2025-02-01 16:42:46 +00:00
pnpm-lock.yaml
build(deps): bump @types/node from 22.12.0 to 22.13.0 in /website (#7990)
2025-02-01 16:42:46 +00:00
postcss.config.js
Add updates from master that we want in cloud (#1774)
2023-07-13 02:54:44 +00:00
README.md
docs: Update website README.md with .env instructions (#6501)
2024-09-05 16:05:21 +00:00
redirects.js
ci: Bump Apple clients to 1.4.2 (#8109)
2025-02-13 22:08:45 +00:00
tailwind.config.js
chore(website): Cache API responses; cleanup font-manrope redundancy (#7136)
2024-10-23 06:28:20 +00:00
timestamps.sh
docs: DRY up docs footer timestamp; add link to open issue (#5928)
2024-07-21 07:20:00 -07:00
tsconfig.json
Add updates from master that we want in cloud (#1774)
2023-07-13 02:54:44 +00:00

README.md

This is a Next.js project bootstrapped with create-next-app.

Getting Started

First, install dependencies and populate the timestamps.json file:

pnpm setup

Next, create files .env.local and .env.development.local in this directory.

Put this in .env.local:

NEXT_PUBLIC_MIXPANEL_TOKEN=""
NEXT_PUBLIC_GOOGLE_ANALYTICS_ID=""
NEXT_PUBLIC_LINKEDIN_PARTNER_ID=""
FIREZONE_DEPLOYED_SHA=""

And this in .env.development.local:

# Created by Vercel CLI
EDGE_CONFIG=""
FIREZONE_DEPLOYED_SHA=""
SITE_URL=""
VERCEL_DEEP_CLONE=""

After that, make sure to contact the team for their values.

Then, run the development server:

npm run dev
# or
yarn dev
# or
pnpm dev

Open http://localhost:3000 with your browser to see the result.

You can start editing the page by modifying app/page.tsx. The page auto-updates as you edit the file.

Linting

This project uses Prettier to format code and ensure a consistent style. Use the .prettierrc.json in the root of this repo to configure your editor.

Learn More

To learn more about Next.js, take a look at the following resources:

You can check out the Next.js GitHub repository - your feedback and contributions are welcome!

Deploy on Vercel

The easiest way to deploy your Next.js app is to use the Vercel Platform from the creators of Next.js.

Check out our Next.js deployment documentation for more details.

Reference in New Issue View Git Blame Copy Permalink