Releases: netbirdio/netbird
v0.27.2
Changelog
- 3ed2f08 Add latency based routing (#1732)
- 4c83408 Add log-level to the management's docker service command (#1820)
- 90bd39c Log panics (#1818)
- dd0cf41 Auto restart Windows agent daemon service (#1819)
- 22b2caf Remove dns based cloud detection (#1812)
- c1f66d1 Retry macOS route command (#1817)
- ac0fe60 Fix routing issues with MacOS (#1815)
- c286577 Fix function names in comments (#1816)
- 1d1d057 Change the dashboard image pull from wiretrustee to netbirdio (#1804)
v0.27.1
v0.27.0
Changelog
- 3d2a237 Don't return errors on disallowed routes (#1792)
- 25f5f26 Timeout rule removing loop and catch IPv6 unsupported error in loop (#1791)
- bb0d5c5 Linux legacy routing (#1774)
- 7938295 Feature/exit nodes - Windows and macOS support (#1726)
- 9af532f Get scope from endpoint url instead of hardcoding (#1770)
- 23a1473 Fix grammar in readme (#1778)
v0.26.7
Contributors
Assets 43
v0.26.6
What's Changed
- Ignore "Address family not supported by protocol" errors by @lixmal in #1766
- Don't block on failed routing setup by @lixmal in #1768
- Update network security image by @braginini in #1765
Full Changelog: v0.26.5...v0.26.6
Contributors
Assets 43
v0.26.5
What's Changed
- Feature/peer validator by @pappz in #1553
- support to configure extra blacklist of iface in "up" command by @hoozecn in #1734
- Fix invalid token on peer login due to the cache race by @braginini in #1763
New Contributors
Full Changelog: v0.26.4...v0.26.5
Contributors
Assets 43
v0.26.4
What's Changed
- Update account attributes only when there is a domain by @mlsmaycon in #1701
- Remove deprecated Rules API endpoints by @surik in #1523
- Add support for inviting/deleting users via Zitadel by @synfinatic in #1572
- Disable force jsonfile variable by @mlsmaycon in #1611
- Unblock ACL apply filtering because of dns probes by @mlsmaycon in #1711
- Avoid creating duplicate groups with the same name by @braginini in #1579
- Validate authentik issuer url by @mlsmaycon in #1723
- Add missing dns domain to tests to avoid verbose test logs by @mlsmaycon in #1724
- Remove context niling by @lixmal in #1729
- Add latency checks to peer connection and status output by @pascal-fischer in #1725
- Feature/exit nodes - Linux support by @lixmal in #1667
- Change log level for JWT override message of single account mode by @pascal-fischer in #1747
- In meta info collect chassis serial by @pappz in #1748
- Add limited dashboard view by @pascal-fischer in #1738
New Contributors
- @synfinatic made their first contribution in #1572
Full Changelog: v0.26.3...v0.26.4
Contributors
Assets 43
v0.26.3
Release notes
New features
Peer session expiration notification
The NetBird client will notify users when they peer session expires.
For systems running the GUI client it will send a system notification similar to the example below:
And when there is no CLI running, the daemon service will notify all active terminal sessions as the example below:
Enhancements:
NetBird status command reports DNS server addresses and routes
The netbird status command now reports the DNS server addresses and routes for the peer. This information helps troubleshoot network connectivity issues and verify the network configuration. In the case of a routing client, it will link the active routes to the selected routing peers. See outputs below:
Daemon version: development
CLI version: development
Management: Connected
Signal: Connected
Relays: 2/2 Available
Nameservers: 2/3 Available
FQDN: vik-x1-7.netbird.stage
NetBird IP: 100.119.244.41/16
Interface type: Kernel
Quantum resistance: false
Routes: 20.0.0.0/8, 30.0.0.0/8
Peers count: 0/22 Connected
Peers detail:
ubuntu.netbird.stage:
NetBird IP: 100.119.181.187
Public key: +BRlYReQ5wtzZ/nFSwpc3/S+wyfonEtGo3Qr9KT4wTs=
Status: Connected
-- detail --
Connection type: P2P
Direct: true
ICE candidate (Local/Remote): host/srflx
ICE candidate endpoints (Local/Remote): 192.168.100.1:51820/1.2.3.4:51820
Last connection update: 2024-03-08 16:52:17
Last WireGuard handshake: 2024-03-08 16:52:17
Transfer status (received/sent) 316 B/292 B
Quantum resistance: false
Routes: 10.0.0.0/8
Daemon version: development
CLI version: development
Management: Connected to https://stageapi.wiretrustee.com:443
Signal: Connected to https://signal.stage.netbird.io:443
Relays:
[stun:api.netbird.io:3478] is Available
[turn:api.netbird.io:3478?transport=udp] is Available
Nameservers:
[8.8.8.8:53, 8.8.4.4:53] for [.] is Available
[10.72.0.10:53] for [svc.cluster.local] is Unavailable, reason: 1 error occurred:
* read udp 192.168.178.38:50445->10.72.0.10:53: i/o timeout
FQDN: vik-x1-7.netbird.stage
NetBird IP: 100.119.244.41/16
Interface type: Kernel
Quantum resistance: false
Routes: -
Peers count: 1/1 Connected
Custom service name in the NetBird service commands
In this version, we received a community contribution that allows custom service names to be configured when installing and managing daemon services. See examples below:
netbird service install --service netbird-custom
netbird service start --service netbird-custom
netbird service stop --service netbird-customBig thanks to @nazarewk for this contribution and all the work he is doing in maintaining the NetBird Nix packages up to date.
An additional connection retry mechanism
We have added an additional connection retry mechanism to the client, where even after the client exits its normal connectivity flow, it will try a new connection attempt every hour for 14 days. This is useful for clients that restart right at the moment of a Management service outage and for incorrect management responses that cause the client to exit its other layers of connectivity retries.
What's Changed
- Add reverse proxy settings to management.json template (#1639)
- Update bug-issue-report.md label (#1640)
- Add quotes to timestamp examples in openapi spec (#1642)
- Add open-source network security image (#1643)
- Enable review linter with exported docs check (#1647)
- Log version when starting management and signal (#1649)
- Fix cloud information not stored (#1651)
- Enhance DNS failover reliability (#1637)
- Send UI notification on peer session expiry (#1646)
- Register creation time for peer, user and account (#1654)
- Handle canceling schedule and avoid recursive call (#1636)
- Do not fail on virtualized windows systems (#1669)
- Return 1s when next expiration is too low (#1672)
- add ansible collections contributions (#1675)
- Send terminal notification on peer session expiry (#1660)
- Check for record not found when searching the store (#1686)
- Add fallback retry to daemon (#1690)
- add --service/-s flag for specifying system service name (#1691)
- Add routes and dns servers to status command (#1680)
Big thanks to our community contributors
Full Changelog: v0.26.2...v0.26.3
Contributors
Assets 43
v0.26.2
Release notes
Enhancements:
New posture check: Peer network ranges
We have added a new posture check that allows you to define a set of IP ranges a device must be in before connecting to the network. This check is useful when you want to control access based on a network a peer is located. e.g., you can disable a connection to a routing peer when the peer is connecting from your office network range:
https://docs.netbird.io/how-to/manage-posture-checks#peer-network-range-check
See example below:
Add support for downloading geolocation databases to the management service
Now, the management service will download the geolocation databases automatically. This feature is useful for self-hosted users using the geolocation posture check. Learn more at https://docs.netbird.io/selfhosted/geo-support
Updated GUI icons to reflect the connection status
We have updated the tray icon to reflect the connection status and update availability. Now you can see if the client is connected or disconnected you will see the NetBird icon alternating colors, proving a more clear view of the connection status.
Connected:
Disconnected:
What's Changed
- Add account usage logic (#1567)
- Use SQLite store as default when running tests when env is not set (#1612)
- Add private network posture check (#1606)
- Make SQLite default in configuration generation script (#1610)
- Check git status after go mod tidy on CI (#1614)
- Add quantum resistance status output (#1608)
- Update download-geolite2.sh to use packages URLs (#1624)
- Add support for device flow on getting started with zitadel (#1616)
- Extend bypass middleware with support of wildcard paths (#1628)
- Add support for downloading Geo databases to the management service (#1626)
- Combine update-available and connected/disconnected tray icon states (#1615)
- Rename PrivateNetworkCheck to PeerNetworkRangeCheck (#1629)
- FIx order when validating account settings (#1632)
- Fix invalid cross-device link when moving geolocation databases (#1638)
Big thanks to our community contributors
Full Changelog: v0.26.0...v0.26.1
Contributors
Assets 43
v0.26.1
What's Changed
- Add account usage logic by @lixmal in #1567
- Use SQLite store as default when running tests when env is not set by @surik in #1612
- Add peer network posture check by @bcmmbaga in #1606
- Make SQLite default in configuration generation script by @ph1ll in #1610
- Check git status after go mod tidy on CI by @surik in #1614
- Add quantum resistance status output by @braginini in #1608
- Update download-geolite2.sh to use packages URLs by @mlsmaycon in #1624
- Add support for device flow on getting started with zitadel by @mlsmaycon in #1616
- Extend bypass middleware with support of wildcard paths by @surik in #1628
- Add support for downloading Geo databases to the management service by @bcmmbaga in #1626
- Combine update-available and connected/disconnected tray icon states by @lixmal in #1615
- Rename PrivateNetworkCheck to PeerNetworkRangeCheck by @bcmmbaga in #1629
- FIx order when validating account settings by @pascal-fischer in #1632
New Contributors
Full Changelog: v0.26.0...v0.26.1