firezone/rust/connlib
Thomas Eizinger ab8d6dca1e fix(connlib): only send DNS through tunnel if upstream DNS is configured (#5819)
Extracted out of #5797.

This is a problem that becomes evident as
https://github.com/firezone/firezone/issues/2667 is implemented:

Whenever connlib sees a DNS packet where the sentinel DNS is a resource,
it's forwarded to the resource instead of the request being resolved
locally. This doesn't work well with the system's DNS servers, since many
times those are provided by DHCP to be a local resolver which can't
be reached from a gateway, meaning that with full route this request
will just be dropped, preventing all internet connections outside of
Firezone.

Most of the time, when an administrator actually wants to forward all
DNS requests, they will explicitly add an upstream DNS server, which makes
sense since depending on what the local DHCP configures isn't a good
idea if you want to tunnel DNS requests.

This makes this behavior explicit, and docs and UI should be updated
accordingly.

Co-authored-by: Gabi <gabrielalejandro7@gmail.com>

2024-07-20 17:14:18 +00:00

Connlib

Firezone's connectivity library shared by all clients.

Building Connlib

You shouldn't need to build connlib directly; it's typically built as a dependency of one of the other Firezone components. See READMEs in those directories for relevant instructions.