firezone/rust/libs
Thomas Eizinger e490de7729 fix(gateway): don't route outbound ICMP errors (#10989)
ICMP errors like "Destination unreachable" can be sent by both ends of a
network connection. For DNS resources, handling these packets requires
special care as we also need to translate the failed packet embedded
within these ICMP messages such that the recipient can correctly relate
them to the network socket that has sent the original packet.

We do this for inbound ICMP errors already to alert the Client of e.g.
unreachable paths such as unreachable IPv6 networks. Outbound ICMP
errors, that is, ICMP errors generated by the Client for a packet sent
by a resource, are currently not handled and result in warnings such as:

> Failed to translate outbound packet: Unsupported ICMPv4 type: DestinationUnreachable(Port)

Whilst it is possible to correctly handle and translate these packets,
doing so requires a fair amount of work and changes to a very critical
part of the Gateway. As such, we simply drop these packets for now as
"unroutable packets" which downgrades their log level to DEBUG.

Resolves: #10983
2025-11-27 04:19:54 +00:00