mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-27 10:18:54 +00:00
9b85034b0c
Bumps [etherparse](https://github.com/JulianSchmid/etherparse) from 0.17.0 to 0.19.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/JulianSchmid/etherparse/releases">etherparse's releases</a>.</em></p> <blockquote> <h2>v0.19.0 Add basic ICMPv6 Neighbor Discovery Support</h2> <h2>What's Changed</h2> <ul> <li>feat: add ICMPv6 neighbour solicitation by <a href="https://github.com/thomaseizinger"><code>@thomaseizinger</code></a> in <a href="https://redirect.github.com/JulianSchmid/etherparse/pull/129">JulianSchmid/etherparse#129</a></li> <li>Minor fixups for ICMPv6 NeighborSolicitation & NeighborAdvertisement & Add RouterSolicitation & RouterAdvertisement & Redirect by <a href="https://github.com/JulianSchmid"><code>@JulianSchmid</code></a> in <a href="https://redirect.github.com/JulianSchmid/etherparse/pull/130">JulianSchmid/etherparse#130</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/thomaseizinger"><code>@thomaseizinger</code></a> made their first contribution in <a href="https://redirect.github.com/JulianSchmid/etherparse/pull/129">JulianSchmid/etherparse#129</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/JulianSchmid/etherparse/compare/v0.18.2...v0.19.0">https://github.com/JulianSchmid/etherparse/compare/v0.18.2...v0.19.0</a></p> <h2>v0.18.2 Add core::error::Error implementation to non_std build</h2> <h2>What's Changed</h2> <ul> <li>Implement core::error::Error for the error types by <a href="https://github.com/xyzzyz"><code>@xyzzyz</code></a> in <a href="https://redirect.github.com/JulianSchmid/etherparse/pull/127">JulianSchmid/etherparse#127</a></li> <li>Increment version 0.18.2 by <a href="https://github.com/JulianSchmid"><code>@JulianSchmid</code></a> in <a href="https://redirect.github.com/JulianSchmid/etherparse/pull/128">JulianSchmid/etherparse#128</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/xyzzyz"><code>@xyzzyz</code></a> made their first contribution in <a href="https://redirect.github.com/JulianSchmid/etherparse/pull/127">JulianSchmid/etherparse#127</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/JulianSchmid/etherparse/compare/v0.18.1...v0.18.2">https://github.com/JulianSchmid/etherparse/compare/v0.18.1...v0.18.2</a></p> <h2>v0.18.1 Add LaxPacketHeader:: from_linux_sll</h2> <h2>What's Changed</h2> <ul> <li>Add from_linux_sll for LaxPacketHeaders by <a href="https://github.com/shu-kitamura"><code>@shu-kitamura</code></a> in <a href="https://redirect.github.com/JulianSchmid/etherparse/pull/125">JulianSchmid/etherparse#125</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/shu-kitamura"><code>@shu-kitamura</code></a> made their first contribution in <a href="https://redirect.github.com/JulianSchmid/etherparse/pull/125">JulianSchmid/etherparse#125</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/JulianSchmid/etherparse/compare/v0.18.0...v0.18.1">https://github.com/JulianSchmid/etherparse/compare/v0.18.0...v0.18.1</a></p> <h2>v0.18.0 MACsec Support & ECN+DSCP Support for IPv6</h2> <h2>What are the major changes?</h2> <ul> <li>Support for MACsec (IEEE 802.1AE)</li> <li>The <code>vlan</code> field in <code>SlicedPacket</code>, <code>LaxSlicedPacket</code>, <code>PacketHeaders</code>, <code>LaxPacketHeaders</code> has been replaced with <code>link_exts</code>.</li> <li><code>Ipv4Ecn</code> & <code>Ipv4Dscp</code> have been replaced by <code>IpEcn</code> & <code>IpDscp</code>.</li> <li><code>Ipv6Header</code> & <code>Ipv6HeaderSlice</code> now supports the reading & setting of <code>IpEcn</code> & <code>IpDscp</code> (thanks to <a href="https://github.com/baxterjo"><code>@baxterjo</code></a>)</li> <li><code>LaxEtherPayloadSlice</code> has been introduced & <code>len_source</code> added to <code>EtherPayloadSlice</code>.</li> <li><code>source_addr()</code> & <code>destination_addr()</code> methods of <code>IpSlice</code>, <code>Ipv4HeaderSlice</code>, <code>Ipv6Header</code>, <code>Ipv6HeaderSlice</code>, <code>LaxIpSlice</code> are now available in non-std mode (thanks to <a href="https://github.com/Dominaezzz"><code>@Dominaezzz</code></a>)</li> <li>Minimum supported Rust version as been configured to 1.83.0 (thanks to <a href="https://github.com/baxterjo"><code>@baxterjo</code></a>)</li> </ul> <h3>What is MACsec (IEEE 802.1AE)?</h3> <p>MACsec is a protocol that allows the signing and/or encryption of packet contents from the link layer downwards. The main difference between MACsec and IPSec is that IPSec is located after the IP header while MACsec is located above the IP header and can also encrypt the contents of the IP header itself while IPSSec does not encrypt the IP header. As such MACsec is usually used to secure local networks, while IPSec is more commonly used for VPNs and alike that leave the local network.</p> <h3>Changes needed for MACsec Support</h3> <p>Adding MACsec support required some breaking changes, specifically on how VLAN headers are handled. The MACsec SECTAG is a header that can be present in the same locations as "VLAN" headers. It has no fixed position and can be located before or after VLAN headers or after the Ethernet 2 header without a VLAN header being present at all. This invalidates the assumption <code>etherparse</code> had in previous versions that VLAN headers are always directly located after the Ethernet2 header and that if there are multiple VLAN headers that they are directly located after each other. Now there could be a MACsec header present in between VLAN headers.</p> <p>To support the different combinations of MACSec & VLAN headers the <code>vlan</code> field in <code>SlicedPacket</code>, <code>PacketHeaders</code>, <code>LaxSlicedPacket</code> & <code>LaxPacketHeaders</code> has been replaced with a <code>link_exts</code> field that can contain up to three "link extensions":</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="b76f71ac3e"><code>b76f71a</code></a> Update version to 0.19.0 for etherparse</li> <li><a href="9fd5758f78"><code>9fd5758</code></a> Merge pull request <a href="https://redirect.github.com/JulianSchmid/etherparse/issues/130">#130</a> from JulianSchmid/coverage-fixups</li> <li><a href="cd9266d03f"><code>cd9266d</code></a> Add Router & Redirect ICMPv6 messages</li> <li><a href="e50e502898"><code>e50e502</code></a> Renamed neighbour_discovery.rs to neighbor_advertisement_header.rs</li> <li><a href="46b4dfbfcf"><code>46b4dfb</code></a> Further tests for coverage</li> <li><a href="d821f04435"><code>d821f04</code></a> Further tests for coverage</li> <li><a href="454c35c271"><code>454c35c</code></a> Increment version to 0.19.0</li> <li><a href="79b915aa2d"><code>79b915a</code></a> Minor fixups for ICMPv6</li> <li><a href="9e967ba879"><code>9e967ba</code></a> Merge pull request <a href="https://redirect.github.com/JulianSchmid/etherparse/issues/129">#129</a> from thomaseizinger/feat/icmpv6-neighbour-soliciation</li> <li><a href="e59fc8498b"><code>e59fc84</code></a> Add ICMPv6 neighbour solicitation</li> <li>Additional commits viewable in <a href="https://github.com/JulianSchmid/etherparse/compare/v0.17.0...v0.19.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Rust development guide
Firezone uses Rust for all data plane components. This directory contains the Linux and Windows clients, and low-level networking implementations related to STUN/TURN.
We target the last stable release of Rust using rust-toolchain.toml.
If you are using rustup, that is automatically handled for you.
Otherwise, ensure you have the latest stable version of Rust installed.
Reading Client logs
The Client logs are written as JSONL for machine-readability.
To make them more human-friendly, pipe them through jq like this:
cd path/to/logs # e.g. `$HOME/.cache/dev.firezone.client/data/logs` on Linux
cat *.log | jq -r '"\(.time) \(.severity) \(.message)"'
Resulting in, e.g.
2024-04-01T18:25:47.237661392Z INFO started log
2024-04-01T18:25:47.238193266Z INFO GIT_VERSION = 1.0.0-pre.11-35-gcc0d43531
2024-04-01T18:25:48.295243016Z INFO No token / actor_name on disk, starting in signed-out state
2024-04-01T18:25:48.295360641Z INFO null
Benchmarking on Linux
The recommended way for benchmarking any of the Rust components is Linux' perf utility.
For example, to attach to a running application, do:
- Ensure the binary you are profiling is compiled with the
releaseprofile. sudo perf record -g --freq 10000 --pid $(pgrep <your-binary>).- Run the speed test or whatever load-inducing task you want to measure.
sudo perf script > profile.perf- Open profiler.firefox.com and load
profile.perf
Instead of attaching to a process with --pid, you can also specify the path to executable directly.
That is useful if you want to capture perf data for a test or a micro-benchmark.