Release notes
This release brings support to persistent network route selection across client restarts and fixes network access control policy rules to account for peers in source groups.
Enhancements:
Persistent network route selection
This feature is handy for users who want to maintain a specific network route selection across client restarts. The client will now remember the network routes selected before the restart and apply them after the restart.
Bug fixes:
Account different policy rules for route firewall rules
The network access control policy rules now account for peers in source groups. This fix ensures that the rules are correctly applied to the network routes.
What's Changed
- [misc] Update Caddyfile and Docker Compose to support HTTP3 #2822
- [client] Refactor initial Relay connection #2800
- [client] Don't return error in userspace mode without firewall when setting legacy #2924
- [client] Test nftables for incompatible iptables rules #2948
- [client] Set up sysctl and routing table name only if routing rules are available #2933
- [client] Allow routing to fallback to exclusion routes if rules are not supported #2909
- [client] Code cleaning in net pkg #2932
- [client] Unspecified address: default NetworkTypeUDP4+NetworkTypeUDP6 #2804
- [client] Add pprof build tag #2964
- [client] Persist route selection #2810
- [client] Add state file to debug bundle #2969
- [client] Fix debug bundle state anonymization test #2976
- [client] Pass IP instead of net to Rosenpass #2975
- [client] Get static system info once #2965
- [client] Add netbird.err and netbird.out to debug bundle #2971
- [client] Add network map to debug bundle #2966
- [client] Don't choke on non-existent interface in route updates #2922
- [client] Add state handling cmdline options #2821
- [management] Refactor posture check to use store methods #2874
- [management] Refactor policy to use store methods #2878
- [management] Refactor DNS settings to use store methods #2883
- [management] Refactor nameserver groups to use store methods #2888
- [management] refactor to use account object instead of separate db calls for peer update #2957
- [management] Add performance test for login and sync calls #2960
- [management] Add guide when signing key is not found #2942
- [management] Account different policy rules for route firewall rules #2939
- [management] Add missing parentheses on iphone hostname generation condition #2977
- [management] merge update account peers in sync call #2978
Big thanks to our new Contributors
- @v1rusnl made their first contribution in #2822
- @victorserbu2709 made their first contribution in #2804
- @jnohlgard made their first contribution in #2977