nebula

personal_interest_mirrors/nebula

Fork 0

mirror of https://github.com/slackhq/nebula.git synced 2025-12-30 02:28:27 +01:00

Commit Graph

Select branches

Hide Pull Requests

add-http-pprof

batched-path

botched-path

cert-v2-more-todo

cert-v2-reloads-with-relay-stuff

changelog-v1.9.7

channels

channels-batching

channels-sendmmsg-batching

channels-spicy

channels2

channels_and_minimal_gsogro

cross-stack-relay

cross-stack-relay-overlaps

dependabot/github_actions/actions/download-artifact-7

dependabot/github_actions/actions/upload-artifact-6

dependabot/go_modules/github.com/miekg/dns-1.1.69

dependabot/go_modules/golang-x-dependencies-9ef65289e0

dependabot/go_modules/protobuf-dependencies-00e33601bf

fips140

firewall-forward-table

interface-hooks

io-uring-gso-gro-offtherails

jay.wren-dns-ctx

jay.wren-lint

jay.wren-maybe-ipv4-6-fix

jay.wren-wireguard-tun

jay.wren-wireguard-tun-2

make-boringcrypto-checklinkname

master

master-1-9-tag

multiport

mutex-debug

no-exit

prometheus-static-labels

psk

psk-v2

release-1.9

release-1.9-hostmap-networks-fix

remove-olddead-tunnels

stinkier

stinky

synctrace

tun-name-template

update-lh-on-netlink-addr

vhost

windows_udp_buffer_setting

#1

#10

#100

#1002

#1003

#1004

#1006

#1010

#1012

#1013

#1017

#102

#1021

#1022

#1023

#1024

#1026

#1027

#1028

#103

#1030

#1032

#1034

#1035

#1036

#1037

#1038

#1039

#1043

#1044

#1045

#1046

#1047

#1048

#1049

#105

#1053

#1054

#1055

#1057

#1058

#1059

#106

#1063

#1065

#1067

#1069

#107

#1071

#1072

#1075

#1077

#1081

#1083

#1085

#1086

#1087

#1090

#1091

#1092

#1093

#1094

#1098

#1099

#1108

#1109

#1110

#1111

#1112

#1114

#1115

#1116

#1123

#1126

#1127

#1128

#1129

#113

#1132

#1133

#1134

#1135

#1137

#1138

#1139

#114

#1141

#1141

#1146

#1147

#1148

#1150

#1151

#1152

#1153

#1154

#1155

#1156

#1160

#1161

#1162

#1163

#1164

#1166

#1166

#1167

#1168

#117

#1171

#1173

#1174

#1176

#1177

#1178

#1179

#1179

#1181

#1184

#1185

#1186

#1188

#119

#1190

#1191

#1194

#1195

#1196

#1197

#1198

#1199

#120

#1200

#1201

#1202

#1203

#1204

#1206

#1208

#121

#1210

#1211

#1212

#1213

#1214

#1214

#1216

#1218

#1219

#122

#1223

#1224

#1226

#1228

#1231

#1233

#1237

#1239

#124

#1242

#1243

#1244

#1245

#1249

#125

#1250

#1251

#1252

#1253

#1256

#1257

#1258

#1259

#1260

#1261

#1262

#1264

#1265

#1266

#1267

#1268

#1270

#1271

#1272

#1273

#1274

#1275

#1275

#1276

#1277

#1278

#1279

#1280

#1281

#1282

#1285

#1289

#1291

#1293

#1294

#1295

#1297

#1298

#1299

#1302

#1303

#1308

#1309

#1310

#1311

#1316

#1318

#1319

#1320

#1321

#1323

#1324

#1324

#1326

#1329

#133

#1330

#1331

#1332

#1337

#1337

#1338

#1339

#1340

#1341

#1342

#1343

#1344

#1345

#1346

#1347

#1350

#1351

#1353

#1356

#1357

#1357

#1358

#1358

#1359

#1361

#1362

#1363

#1364

#1365

#1369

#1370

#1371

#1372

#1373

#1374

#1375

#1375

#1376

#1378

#138

#1381

#1382

#1383

#1384

#1386

#1389

#139

#1390

#1390

#1391

#1392

#1393

#1394

#1395

#1399

#1400

#1401

#1403

#1404

#1405

#1406

#1407

#1408

#1409

#141

#1410

#1412

#1413

#1414

#1415

#1416

#1416

#1417

#1417

#1419

#1421

#1422

#1423

#1426

#1427

#1428

#1431

#1432

#1433

#1434

#1435

#1437

#1438

#1441

#1442

#1443

#1444

#1448

#1449

#1450

#1451

#1453

#1457

#1457

#1459

#146

#1463

#1464

#1465

#1465

#1466

#1467

#1468

#1469

#1470

#1471

#1472

#1473

#1476

#1477

#1478

#1481

#1482

#1483

#1487

#1487

#1488

#149

#1491

#1492

#1493

#1494

#1495

#1496

#1496

#1497

#1498

#1498

#1499

#15

#150

#1501

#1502

#1503

#1503

#1505

#1506

#1507

#1507

#1508

#1509

#151

#1510

#1512

#1513

#1514

#1515

#1516

#1518

#1520

#1521

#1522

#1523

#1524

#1524

#1525

#1526

#1527

#1527

#153

#1530

#1531

#1532

#1533

#1534

#1535

#1536

#1537

#1538

#1539

#1541

#1544

#1547

#1549

#155

#1550

#1552

#1555

#1556

#1556

#1557

#1557

#1558

#1558

#1559

#1559

#1560

#1560

#1561

#1561

#16

#163

#165

#166

#167

#17

#170

#177

#179

#181

#183

#184

#186

#187

#188

#189

#191

#192

#195

#196

#197

#198

#2

#200

#202

#205

#209

#21

#210

#211

#213

#215

#216

#217

#219

#22

#220

#225

#23

#230

#231

#233

#234

#236

#239

#240

#244

#245

#246

#247

#248

#249

#252

#253

#255

#257

#257

#258

#260

#261

#262

#263

#264

#265

#266

#267

#268

#269

#270

#272

#275

#277

#279

#28

#284

#285

#287

#288

#289

#29

#292

#293

#296

#297

#299

#3

#30

#302

#303

#305

#31

#310

#312

#317

#320

#321

#323

#324

#325

#329

#330

#331

#339

#340

#342

#344

#345

#346

#35

#350

#350

#351

#355

#357

#367

#369

#37

#370

#373

#374

#374

#375

#378

#381

#382

#383

#385

#386

#387

#388

#39

#390

#391

#392

#394

#395

#396

#399

#400

#401

#402

#404

#405

#406

#408

#409

#41

#410

#411

#412

#413

#414

#415

#416

#417

#418

#419

#421

#423

#424

#425

#426

#427

#428

#429

#43

#430

#431

#433

#437

#438

#439

#44

#440

#441

#442

#443

#444

#445

#446

#447

#448

#449

#450

#451

#452

#453

#456

#457

#458

#459

#460

#461

#462

#463

#464

#465

#466

#47

#471

#472

#473

#474

#48

#481

#482

#483

#489

#49

#491

#494

#497

#501

#503

#505

#506

#507

#510

#511

#514

#522

#523

#530

#530

#531

#531

#532

#533

#535

#537

#540

#541

#542

#547

#548

#549

#550

#551

#552

#553

#56

#561

#563

#564

#566

#567

#571

#572

#574

#575

#576

#577

#578

#579

#58

#580

#581

#582

#583

#586

#587

#590

#592

#595

#596

#598

#599

#60

#602

#603

#604

#606

#607

#61

#610

#611

#612

#613

#614

#615

#615

#616

#617

#618

#626

#627

#630

#638

#641

#648

#649

#650

#653

#655

#656

#658

#659

#662

#662

#664

#67

#670

#673

#674

#675

#677

#678

#679

#679

#68

#684

#685

#687

#688

#691

#692

#693

#696

#700

#701

#702

#703

#711

#716

#719

#721

#722

#725

#726

#728

#729

#735

#736

#737

#738

#739

#74

#741

#742

#746

#747

#748

#750

#751

#752

#753

#757

#758

#759

#762

#763

#767

#768

#768

#769

#77

#771

#772

#775

#78

#780

#782

#783

#787

#788

#789

#79

#790

#791

#792

#793

#794

#796

#80

#802

#803

#804

#805

#807

#808

#81

#811

#812

#815

#82

#820

#821

#824

#825

#827

#828

#83

#830

#831

#833

#835

#837

#838

#839

#840

#842

#843

#844

#845

#849

#851

#854

#855

#856

#857

#858

#859

#860

#861

#863

#864

#865

#866

#866

#867

#868

#869

#87

#870

#871

#873

#877

#878

#879

#88

#881

#882

#886

#887

#89

#891

#900

#901

#903

#905

#91

#912

#913

#913

#916

#919

#922

#923

#924

#925

#926

#927

#928

#929

#930

#931

#932

#933

#934

#935

#938

#94

#940

#941

#943

#946

#947

#948

#949

#950

#952

#953

#954

#955

#957

#958

#961

#964

#965

#967

#968

#969

#97

#972

#976

#977

#979

#98

#981

#984

#985

#987

#988

#989

#99

#990

#996

#999

v1.0.0

v1.1.0

v1.10.0

v1.2.0

v1.3.0

v1.4.0

v1.5.0

v1.5.2

v1.6.0

v1.6.1

v1.7.0

v1.7.1

v1.7.2

v1.8.0

v1.8.1

v1.8.2

v1.9.0

v1.9.1

v1.9.2

v1.9.3

v1.9.4

v1.9.5

v1.9.6

v1.9.7

4603b5b2dd fix PromoteEvery check (#424) Wade Simmons 2021-03-26 15:01:05 -04:00
a71541fb0b export build version as a prometheus label (#405) Wade Simmons 2021-03-26 14:16:35 -04:00
3ea7e1b75f Don't use a global logger (#423) Nathan Brown 2021-03-26 09:46:30 -05:00
7a9f9dbded Don't craft buffers if we don't need them (#416) Nathan Brown 2021-03-22 18:25:06 -05:00
7073d204a8 IPv6 support for outside (udp) (#369) Nathan Brown 2021-03-18 20:37:24 -05:00
9e94442ce7 Add fedora dist files. (#413) Joe Doss 2021-03-18 14:33:43 -05:00
13471f5792 Remove obsolete systemd unit settings. (#412) Joe Doss 2021-03-18 14:29:36 -05:00
b6c6b96c79 also darwin windows_udp_buffer_setting Ryan Huber 2021-03-17 18:21:42 -05:00
6dea7760cb *WIP* this is just test code but works to increase throughput on windows significantly. the default windows buffers are 8192KB which is :( Ryan Huber 2021-03-17 17:57:05 -05:00
ea07a89cc8 Ensure mutex is unlocked when adding remote IP. (#406) Thomas Roten 2021-03-16 12:41:35 -04:00
3aaaea6309 don't allow a useless handshake with yourself (#402) Ryan Huber 2021-03-15 12:58:23 -07:00
5506da3de9 Fix selection of UDP remote to use during stage2 (#404) Wade Simmons 2021-03-12 21:43:24 -05:00
6c55d67f18 Refactor handshake_ix (#401) Wade Simmons 2021-03-12 14:16:25 -05:00
64d8035d09 fix race in getOrHandshake (#400) Wade Simmons 2021-03-09 09:27:02 -05:00
73a5ed90b2 Do not allow someone to run a nebula lighthouse with an ephemeral port (#399) Ryan Huber 2021-03-08 12:42:06 -08:00
d604270966 Fix most known data races (#396) Wade Simmons 2021-03-05 21:18:33 -05:00
29c5f31f90 Add a check in the makefile to ensure a minimum version of go is installed (#383) Nathan Brown 2021-03-02 13:29:05 -06:00
b6234abfb3 Add a way to trigger punch backs via lighthouse (#394) Nathan Brown 2021-03-01 19:06:01 -06:00
2a4beb41b9 Routine-local conntrack cache (#391) Wade Simmons 2021-03-01 19:52:17 -05:00
d232ccbfab add metrics for the udp sockets using SO_MEMINFO (#390) Wade Simmons 2021-03-01 19:51:33 -05:00
ecfb40f29c Fix osx for mq changes, this does not implement mq on osx (#395) Nathan Brown 2021-03-01 15:57:05 -06:00
1bae5b2550 more validation in pending hostmap deletes (#344) Wade Simmons 2021-03-01 12:40:46 -05:00
73081d99bc add make smoke-docker (#287) Wade Simmons 2021-03-01 11:15:15 -05:00
e7e6a23cde fix a few typos (#302) Tim Rots 2021-03-01 17:14:34 +01:00
a0583ebdca tun_disabled: reply to ICMP Echo Request (#342) Wade Simmons 2021-03-01 11:09:41 -05:00
27d9a67dda Proper multiqueue support for tun devices (#382) Wade Simmons 2021-02-25 15:01:14 -05:00
2bce222550 List possible cipher options in example config (#385) John Maguire 2021-02-19 22:46:42 -05:00
3dd1108099 Go 1.16 and darwin-arm64 (#381) Wade Simmons 2021-02-17 13:11:57 -05:00
d4b81f9b8d Add QR code support to nebula-cert (#297) Nathan Brown 2021-02-11 18:53:25 -06:00
454bc8a6bb Check certificate banner during nebula-cert print (#373) brad-defined 2021-02-05 15:52:32 -05:00
ce9ad37431 fix regression with LightHouseHandler and punchBack (#346) Wade Simmons 2020-11-25 17:49:26 -05:00
ee7c27093c add HostMap.RemoteIndexes (#329) Wade Simmons 2020-11-23 14:51:16 -05:00
2e7ca027a4 Lighthouse handler optimizations (#320) Wade Simmons 2020-11-23 14:50:01 -05:00
672ce1f0a8 Move slice allocations in connection manager monitor loop (#340) mhp 2020-11-19 15:44:05 -08:00
384b1166ea fix panic in UnmarshalNebulaCertificate (#339) Wade Simmons 2020-11-19 08:44:54 -05:00
0389596f66 don't mark handshake packets as "lost" (#331) Wade Simmons 2020-11-16 14:03:08 -05:00
43a3988afc i don't think this is used at all anymore (#323) Ryan Huber 2020-10-29 20:43:50 -05:00
5c23676a0f Added line to systemd config template to start Nebula before sshd (#317) Brian Kelly 2020-10-29 21:43:02 -04:00
f6d0b4b893 Update README for supported platforms (#312) Nathan Brown 2020-10-12 13:11:32 -05:00
db11e2f1af Revert "smoke test" interface-hooks Dave Russell 2020-10-03 00:09:18 +10:00
2ee428b067 Hook send should use a code path that actually firewalls Dave Russell 2020-10-02 23:42:20 +10:00
e9657d571e control->Send: Also set the src port Dave Russell 2020-10-02 22:25:31 +10:00
3cebf38504 The custom message packet sender needs a dest port Dave Russell 2020-10-02 20:46:08 +10:00
ae3ee42469 Provide hooks for custom message packet handlers Dave Russell 2020-09-28 22:31:16 +10:00
fa034a6d83 smoke test Dave Russell 2020-09-27 22:43:24 +10:00
55d72ac46f Tighten up the inside handlers with a bit of DRY Dave Russell 2020-09-27 22:37:20 +10:00
2c931d5691 Move inside packet handlers into map Dave Russell 2020-09-27 22:04:14 +10:00
0d6b55e495 Bring in the new version of kardianos/service and output logfiles on osx (#303) Ryan Huber 2020-09-24 15:34:08 -07:00
c71c84882e v1.3.0 (#268) v1.3.0 Wade Simmons 2020-09-22 12:21:12 -04:00
0010db46e4 Fix a data race on message counter (#284) Darren Hoo 2020-09-22 09:41:46 +08:00
68e3e84fdc More like a library (#279) Nathan Brown 2020-09-18 09:20:09 -05:00
6238f1550b Handle panic when invalid IP entered in sshd (#296) Brian Luong 2020-09-18 07:10:25 -07:00
50b04413c7 Block nebula ssh server from listening on port 22 (#266) forfuncsake 2020-09-15 23:57:32 +10:00
ef498a31da Add disable_timestamp option (#288) CzBiX 2020-09-09 19:42:11 +08:00
2e5a477a50 Align linux UDP performance optimizations with configuration (#275) forfuncsake 2020-08-13 08:24:05 +10:00
32fe9bfe75 Use Go 1.15 (#277) Wade Simmons 2020-08-12 16:16:21 -04:00
9b8b3c478b Support startup without a tun device (#269) forfuncsake 2020-08-10 23:15:55 +10:00
7b3f23d9a1 Start nebula after the network is up (#270) Michael Hardy 2020-08-07 09:33:48 -07:00
25964b54f6 Use inclusive terminology for cert blocking (#272) forfuncsake 2020-08-06 11:17:47 +10:00
ac557f381b drop unroutable packets (#267) Wade Simmons 2020-08-04 22:59:04 -04:00
a54f3fc681 fix fast handshake trigger for static hosts (#265) Wade Simmons 2020-08-02 20:59:50 -04:00
5545cff6ef log remote certificate fingerprint on handshakes (#262) Alan Lam 2020-07-31 15:54:51 -07:00
f3a6d8d990 Preserve conntrack table during firewall rules reload (SIGHUP) (#233) Wade Simmons 2020-07-31 18:53:36 -04:00
9b06748506 Make Interface.Inside an interface type (#252) forfuncsake 2020-07-28 22:53:16 +10:00
4756c9613d trigger handshakes when lighthouse reply arrives (#246) Wade Simmons 2020-07-22 10:35:10 -04:00
4645e6034b Fix up the tun for android (#249) Nathan Brown 2020-07-01 10:20:52 -05:00
aba42f9fa6 enforce the use of goimports (#248) Wade Simmons 2020-06-30 18:53:30 -04:00
41578ca971 Be more like a library to support mobile (#247) Nathan Brown 2020-06-30 13:48:58 -05:00
1ea8847085 linux: set advmss correctly when route MTU is used (#245) Wade Simmons 2020-06-26 13:47:21 -04:00
55858c64cc smoke test: test firewall inbound / outbound (#240) Wade Simmons 2020-06-26 13:46:51 -04:00
e94c6b0125 mips-softfloat (#231) Wade Simmons 2020-06-26 13:46:23 -04:00
b37a91cfbc add meta packet statistics (#230) Wade Simmons 2020-06-26 13:45:48 -04:00
3212b769d4 fix typo in conntrack section in examples/config.yml (#236) David Sonder 2020-06-26 18:08:22 +02:00
ecf0e5a9f6 drop packets even if we aren't going to emit Debug logs about it (#239) Patrick Bogen 2020-06-10 14:55:49 -07:00
ff13aba8fc allow go test -bench=. to run (#234) Wade Simmons 2020-05-27 16:52:34 -04:00
cc03ff9e9a Unbreak building for FreeBSD (#103) Mateusz Kwiatkowski 2020-05-27 04:23:23 +02:00
363c836422 log the reason for fw drops (#220) Patrick Bogen 2020-04-10 10:57:21 -07:00
fb252db4a1 v1.2.0 (#215) v1.2.0 Wade Simmons 2020-04-08 19:52:24 -04:00
4f6313ebd3 fix config name for {remote,local}_allow_list (#219) Wade Simmons 2020-04-08 16:20:12 -04:00
0a474e757b Add lighthouse.{remoteAllowList,localAllowList} (#217) Wade Simmons 2020-04-08 15:36:43 -04:00
7cd342c7ab Add a systemd unit for arch and a wireshark dissector (#216) Nathan Brown 2020-04-06 18:47:32 -07:00
7cdbb14a18 Better config test (#177) Wade Simmons 2020-04-06 14:35:32 -04:00
b4f2f7ce4e log certName alongside vpnIp (#200) Wade Simmons 2020-04-06 14:34:00 -04:00
ff64d1f952 unsafe_routes mtu (#209) Alex 2020-04-06 11:33:30 -07:00
9e2ff7df57 Correct typos in noise.go (#205) Felix Yan 2020-03-30 13:23:55 -05:00
1297090af3 add configurable punching delay because of race-condition-y conntracks (#210) Ryan Huber 2020-03-27 11:26:39 -07:00
add1b21777 only create a CIDRTree for each host if necessary (#198) Wade Simmons 2020-03-02 16:21:33 -05:00
1cb3201b5e Github Actions: cache modules and only run when necessary (#197) Wade Simmons 2020-03-02 16:21:19 -05:00
41968551f9 clarify that lighthouse IP should be nebula range (#196) Ryan Huber 2020-02-28 11:35:55 -08:00
8548ac3c31 build and test with go1.14 (#195) Wade Simmons 2020-02-27 15:48:39 -05:00
fb9b36f677 allow any config file name if specified directly (#189) Wade Simmons 2020-02-26 15:38:56 -05:00
4d1928f1e3 Support unsafe_routes on Windows (#184) Sebastien Bariteau 2020-02-26 15:23:16 -05:00
a91a40212d check that packet isn't bound for my vpn ip (#192) Ryan Huber 2020-02-21 16:49:54 -08:00
179a369130 add configuration options for HandshakeManager (#179) Wade Simmons 2020-02-21 16:25:11 -05:00
df69371620 use absolute paths on darwin and windows (#191) Wade Simmons 2020-02-21 15:25:33 -05:00
eda344d88f add logging.timestamp_format config option (#187) Wade Simmons 2020-02-21 15:25:00 -05:00
065e2ff88a update golang.org/x/crypto (#188) Wade Simmons 2020-02-20 14:49:55 -05:00
45a5de2719 Print the udp listen address on startup (#181) Nathan Brown 2020-02-06 21:17:43 -08:00
2d24ef7166 validate lighthouses and static hosts are in our subnet (#170) Wade Simmons 2020-01-20 15:52:55 -05:00
13941aa723 Prepare for 1.1.0 release. (#167) v1.1.0 Wade Simmons 2020-01-17 12:29:42 -05:00

... 6 7 8 9 10 ...