mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-27 18:18:55 +00:00
53968063a5
Fixes #4488 ```[tasklist] # Before merging - [x] There's one call site that won't compile on Linux. Make this cross-platform. - [x] Does the rule get removed every time when you quit gracefully? - [x] Will this NRPT rule prevent connlib from re-resolving the portal IP if it needs to? - [x] Test network switching. Does this work worse, better, or the same? - [ ] Is the Windows DNS cache flushed exactly when it needs to be? ``` - After connlib connects to the portal, we add an NRPT rule asking Windows to send **all** DNS queries to our sentinels. This should also be called whenever the interface is re-configured, which might change the sentinel IPs - When exiting gracefully, we delete the rule to restore normal DNS behavior without having to back up and restore the other IPs - We also delete the rule at startup so that if Firezone crashes or misbehaves, restarting it should restore normal DNS - We also flush the system-wide DNS cache whenever we claim different routes. This may flush too often, and it may also miss some flushes that we should do. It needs double-checking. - There is still a gap when changing networks, DNS can leak there, but I don't think it's worse than before.
gui-client
This crate houses a GUI client for Linux and Windows.
Setup (Ubuntu)
To compile natively for x86_64 Linux:
- Install rustup
- Install pnpm
sudo apt-get install at-spi2-core gcc libwebkit2gtk-4.0-dev libssl-dev libgtk-3-dev libayatana-appindicator3-dev librsvg2-dev pkg-config xvfb
Setup (Windows)
To compile natively for x86_64 Windows:
- Install rustup
- Install pnpm
Recommended IDE Setup
(From Tauri's default README)
Building
Builds are best started from the frontend tool pnpm. This ensures typescript
and css is compiled properly before bundling the application.
See the package.json script for more details as to what's
going on under the hood.
# Builds a release exe
pnpm build
# Linux:
# The release exe and deb package are up in the workspace.
stat ../target/release/firezone
stat ../target/release/bundle/deb/*.deb
# Windows:
# The release exe and MSI installer should be up in the workspace.
# The exe can run without being installed
stat ../target/release/Firezone.exe
stat ../target/release/bundle/msi/Firezone_0.0.0_x64_en-US.msi
Running
From this dir:
# This will start the frontend tools in watch mode and then run `tauri dev`
pnpm dev
# You can call debug subcommands on the exe from this directory too
# e.g. this is equivalent to `cargo run -- debug hostname`
cargo tauri dev -- -- debug hostname
# The exe is up in the workspace
stat ../target/debug/Firezone.exe
The app's config and logs will be stored at
C:\Users\$USER\AppData\Local\dev.firezone.client.
Platform support
Ubuntu 20.04 and newer is supported.
Tauri says it should work on Windows 10, Version 1803 and up. Older versions may work if you manually install WebView2
x86_64 architecture is supported at this time. See
this issue for aarch64
support.
Threat model
See Security