Gabi
> 👍 for removing the compatibility layer in the rust too. And acceptance tests fail for some reason.. we need to update the field naming in rust too, will push...
We will need to consider issues related to tunnel-over-tunnel. Ref: #3150
## Current approach to DNS resources 1. Client makes DNS query for a resource. 1. DNS resolution is requested to the gateway along with access 1. Assuming that the portal...
> Would this solution work for two DNs resources with the same port filters for both of them? And what if port filter rule for those is more than half...
> But how do you distinguish when two port ranges overlap for the same IP but different resources? If they are different resources the daddr would be different, so we...
> But how do you distinguish when two port ranges overlap for the same IP but different resources? Also, I think we're not going to go with this approach for...
Seems like the portal is currently not sending ICMP filtering rules cc @AndrewDryga
Same for "Permit All" the `filter` field seems to come empty. We could assume that an empty filter means "allow all" but doesn't seem like the best way to go.
> > Or you mean for incoming traffic? I think we do only egress filtering > > I was thinking that if you will use `(dport, daddr, saddr)` for routing...
Continuing the discussion here https://github.com/firezone/firezone/pull/4779#discussion_r1578917575 Let's say there are 2 overlapping CIDR resources on the client with different port filter rules `10.0.0.0/24` -> `TCP/80` `10.0.0.0/16` -> `TCP/443` Right now the...