Thomas Eizinger
Thomas Eizinger
This pulls in the `windows` crate which takes notoriously long to compile. We already depend on it in 4 different versions. Whilst this particular change does not remove one of...
Currently, the NAT table in the gateway can only route ICMP requests and replies but not ICMP error messages. The error messages don't contain an identifier and can thus not...
For the actual `wireguard` logic, we depend on https://github.com/cloudflare/boringtun. Unfortunately, the repository isn't very well maintained. PRs and issues opened long ago don't receive any attention, see https://github.com/cloudflare/boringtun/issues/391 for example....
With #5049, we are more explicitly modelling connlib's DNS handling using a `StubResolver`. The `StubResolver` looks at every incoming packet and, in case it is a DNS query for one...
Once https://github.com/firezone/firezone/pull/3682 is merged, the events emitted by `firezone_tunnel` are consumed within an eventloop for both client and gateway. We can massively simplify this by moving this eventloop into the...
The goal is to reduce the number of libraries we depend on and avoid conversions between different types. `hickory-proto` does **not** have an API that parses a DNS message without...
Connlib utilises ICE, STUN & TURN to reliably establish a connection between client and gateway. This is achieved by creating candidates from local socket addresses and remote-allocated relay addresses and...
Currently, `phoenix-channel` will reconnect in the background if the portal connection fails and there is no way for the client application to known that we aren't connected to the portal....
When receiving a connection request for a DNS resource, the gateway will first resolve the domain name and only then respond with the ICE credentials needed by the client to...