mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 18:18:55 +00:00

Files

Thomas Eizinger ab8d6dca1e fix(connlib): only send DNS through tunnel if upstream DNS is configured (#5819 )

Extracted out of #5797.

This is a problem that becomes evident as
https://github.com/firezone/firezone/issues/2667 is implemented:

Whenever connlib sees a DNS packet where the sentinel DNS is a resource,
it's forwarded to the resource instead of requests being resolved
locally. This doesn't work well with system's DNS servers since many
times those are provided by the DHCP to be a local resolver which can't
be reached from a gateway. Meaning that with full route this request
will be just dropped. Preventing all internet connections outside of
Firezone.

Most of the times when an administrator actually wants to forward all
DNS request they will add explicitly an upstream DNS server which makes
sense since depending on what the local DHCP configures isn't a good
idea if you want to tunnel DNS requests.

This makes this behavior explicit and docs and UI should be updated
accordingly.

Co-authored-by: Gabi <gabrielalejandro7@gmail.com>

---------

Co-authored-by: Gabi <gabrielalejandro7@gmail.com>

2024-07-20 17:14:18 +00:00

bin-shared

fix(connlib): protect all sockets from routing loops (#5797 )

2024-07-16 00:40:05 +00:00

connlib

fix(connlib): only send DNS through tunnel if upstream DNS is configured (#5819 )

2024-07-20 17:14:18 +00:00

gateway

refactor(clients): init PhoenixChannel in upper layers (#5884 )

2024-07-18 02:08:38 +00:00

gui-client

chore(gui-client): release GUI Client 1.1.7 (#5897 )

2024-07-17 22:23:43 +00:00

gui-smoke-test

chore(rust): bump nightly version used for checking unused deps (#5918 )

2024-07-19 22:32:51 +00:00

headless-client

refactor(clients): init PhoenixChannel in upper layers (#5884 )

2024-07-18 02:08:38 +00:00

http-health-check

chore(rust): format Cargo.toml using cargo-sort (#5851 )

2024-07-12 04:57:22 +00:00

http-test-server

chore(rust): format Cargo.toml using cargo-sort (#5851 )

2024-07-12 04:57:22 +00:00

ip-packet

build(deps): Bump pnet_packet from 0.34.0 to 0.35.0 in /rust (#5396 )

2024-07-20 04:38:45 +00:00

phoenix-channel

refactor(clients): init PhoenixChannel in upper layers (#5884 )

2024-07-18 02:08:38 +00:00

relay

refactor(clients): init PhoenixChannel in upper layers (#5884 )

2024-07-18 02:08:38 +00:00

snownet-tests

build(deps): Bump pnet_packet from 0.34.0 to 0.35.0 in /rust (#5396 )

2024-07-20 04:38:45 +00:00

socket-factory

fix(connlib): protect all sockets from routing loops (#5797 )

2024-07-16 00:40:05 +00:00

.dockerignore

refactor(portal): Don't pin session token to user_agent or remote_ip (#2195 )

2023-09-30 07:40:57 -07:00

.gitignore

Implement basic STUN server (#1603 )

2023-05-10 07:58:32 -07:00

Cargo.lock

build(deps): Bump pnet_packet from 0.34.0 to 0.35.0 in /rust (#5396 )

2024-07-20 04:38:45 +00:00

Cargo.toml

fix(connlib): protect all sockets from routing loops (#5797 )

2024-07-16 00:40:05 +00:00

clippy.toml

chore: apply lints consistently across workspace (#4357 )

2024-03-28 06:09:22 +00:00

docker-compose-dev.yml

chore(docker): local dev docker-compose (#4748 )

2024-05-06 23:43:00 +00:00

docker-init.sh

feat(gateway): added support for docker secrets (#5031 ) (#5043 )

2024-05-21 20:48:10 -07:00

Dockerfile

Bump Alpine version for Rust dockerfiles

2024-06-24 14:18:57 -06:00

README.md

docs(client): how to read logs with jq (#4599 )

2024-04-12 16:34:53 +00:00

rust-toolchain.toml

chore(rust): bump to Rust 1.79 (#5356 )

2024-06-16 22:06:18 +00:00

README.md

Rust development guide

Firezone uses Rust for all data plane components. This directory contains the Linux and Windows clients, and low-level networking implementations related to STUN/TURN.

We target the last stable release of Rust using rust-toolchain.toml. If you are using rustup, that is automatically handled for you. Otherwise, ensure you have the latest stable version of Rust installed.

Reading Client logs

The Client logs are written as JSONL for machine-readability.

To make them more human-friendly, pipe them through jq like this:

cd path/to/logs  # e.g. `$HOME/.cache/dev.firezone.client/data/logs` on Linux
cat *.log | jq -r '"\(.time) \(.severity) \(.message)"'

Resulting in, e.g.

2024-04-01T18:25:47.237661392Z INFO started log
2024-04-01T18:25:47.238193266Z INFO GIT_VERSION = 1.0.0-pre.11-35-gcc0d43531
2024-04-01T18:25:48.295243016Z INFO No token / actor_name on disk, starting in signed-out state
2024-04-01T18:25:48.295360641Z INFO null