github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 18:18:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
bf95dc45a307bb85329328e4382f49626335bfce
firezone/rust/connlib
History
Thomas Eizinger bae38ec345 feat(connlib): add HTTP2 client with pluggable sockets (#10788) 
Firezone's ability to tunnel all traffic on a particular Client (i.e.
the Internet Resource) means we have to ensure that traffic originating
from within the Firezone process does not get routed back into the
tunnel. On MacOS and iOS, this is automatically taken care of for us. On
all other platforms, we need to take steps to prevent these routing
loops.

This functionality is abstracted away using our `SocketFactory`. A
socket created with such a factory is guaranteed to route its traffic
outside of the tunnel. These sockets are used for the WebSocket
connection to the portal, as well as for recursive UDP and TCP DNS
queries.

In order to support DoH, we need to also be able to send HTTPS requests
without causing packet loops.

This PR adds a new crate `http-client` that does exactly that. It
composes together `hyper` and `rustls` such that the configured
`SocketFactory` is used to create the TCP socket for the underlying
HTTP2 connection. Consequently, HTTPS requests made with this library
will automatically be routed outside of the tunnel, assuming the
`SocketFactory` is adequately configured.

Right now, this crate just stands by itself. It will be integrated into
connlib at a later point.

Resolves: #10774
Related: #4668 
Related: #10272
2025-11-04 08:17:59 +00:00
..
bufferpool
build(deps): upgrade to opentelemetry 0.30 (#10239)
2025-08-21 22:47:39 +00:00
dns-over-tcp
chore: enable lints in dns-over-tcp (#10762)
2025-10-30 06:39:51 +00:00
dns-types
feat(clients): cache DNS responses (#10533)
2025-10-08 03:26:27 +00:00
etherparse-ext
refactor(rust): move crates into a more sensical hierarchy (#9066)
2025-05-12 01:04:17 +00:00
http-client
feat(connlib): add HTTP2 client with pluggable sockets (#10788)
2025-11-04 08:17:59 +00:00
ip-packet
feat(gateway): add flow-logs MVP (#10576)
2025-10-22 03:10:21 +00:00
l3-tcp
test(connlib): establish real TCP connections in proptests (#9814)
2025-07-11 15:10:22 +00:00
l3-udp-dns-client
feat(connlib): introduce l3-udp-dns-client (#10764)
2025-11-03 17:04:19 +00:00
l4-tcp-dns-server
refactor(connlib): allow creating multiple layer 4 DNS servers (#10763)
2025-11-04 03:45:49 +00:00
l4-udp-dns-server
refactor(connlib): allow creating multiple layer 4 DNS servers (#10763)
2025-11-04 03:45:49 +00:00
model
feat(connlib): always use candidates in order of priority (#10063)
2025-08-01 01:57:29 +00:00
phoenix-channel
build(rust): bump to Rust 1.91.0 (#10767)
2025-11-03 01:56:12 +00:00
snownet
build(rust): bump to Rust 1.91.0 (#10767)
2025-11-03 01:56:12 +00:00
socket-factory
chore(connlib): tune INFO logs (#10677)
2025-10-22 23:47:55 +00:00
tun
fix(connlib): log fragmented IP packets on debug (#10488)
2025-10-02 05:03:12 +00:00
tunnel
refactor(connlib): allow creating multiple layer 4 DNS servers (#10763)
2025-11-04 03:45:49 +00:00
.gitignore
android: update connlib dependency and integration (#1752)
2023-07-17 18:50:39 +00:00
README.md
chore(docs): Remove outdated rust/connlib/README.md info (#3099)
2024-01-03 18:10:52 +00:00

README.md

Connlib

Firezone's connectivity library shared by all clients.

Building Connlib

You shouldn't need to build connlib directly; it's typically built as a dependency of one of the other Firezone components. See READMEs in those directories for relevant instructions.

Reference in New Issue View Git Blame Copy Permalink