Releases: netbirdio/netbird
v0.28.7
What's Changed
- Fix error handling by @pappz in #2316
- add save peer status test for connected peers by @mlsmaycon in #2321
- Add SavePeer method to prevent a possible account inconsistency by @mlsmaycon in #2296
- Fix race in set listener by @pappz in #2332
- Save daemon address on service install by @mlsmaycon in #2328
- Remove redundant check for empty JWT groups by @bcmmbaga in #2323
- Refactor login with store.SavePeer by @mlsmaycon in #2334
- fix(tests): freebsd should be red on error by @skillcoder in #2346
- Add write lock for peer when saving its connection status by @mlsmaycon in #2359
- Save account on saving users and groups by @bcmmbaga in #2362
- Move write peer lock by @mlsmaycon in #2364
- Freebsd test all root component by @skillcoder in #2361
- Use accountID retrieved from the sync call to acquire read lock sooner by @mlsmaycon in #2369
- Handling invalid UTF-8 character in sys info by @pappz in #2360
- When creating new setup key, "revoked" field doesn't do anything by @pappz in #2357
- Bump github.com/docker/docker from 26.1.3+incompatible to 26.1.4+incompatible by @dependabot in #2356
- fix(util): syslog output contains duplicated timestamp by @mrl5 in #2292
- Allow route updates even if some domains failed resolution by @lixmal in #2368
- Adding geolocation download log message. by @keac in #2085
- Add extra auth audience field on HttpConfig for automation user to authorize via zitadel by @dfry in #2350
- Extend client debug bundle by @lixmal in #2341
- Move Bundle to before netbird down by @mlsmaycon in #2377
- Fix Windows file version by @mlsmaycon in #2380
- Remove Codacy badge as it is broken by @braginini in #2379
- Fix DNS resolution for routes on iOS by @pascal-fischer in #2378
- Add sonar badge by @pascal-fischer in #2381
New Contributors
Full Changelog: v0.28.6...v0.28.7
Contributors
Assets 43
v0.28.6
What's Changed
- Minor fix local dns search domain by @hurricanehrndz in #2287
- Remove default allow for UDP on unmatched packet by @mlsmaycon in #2300
- Retry management connection only on context canceled by @mlsmaycon in #2301
- Ignore network monitor checks for software interfaces by @mlsmaycon in #2302
Full Changelog: v0.28.5...v0.28.6
Contributors
Assets 43
v0.28.5
What's Changed
- Sort routes by ID and remove DNS routes from overlapping list by @mlsmaycon in #2234
- Fix issue with canceled context before pushing metrics and decreasing pushing interval by @mlsmaycon in #2235
- Avoid empty domain overwrite by @pascal-fischer in #2252
- Add release version to windows binaries and update sign pipeline version by @mlsmaycon in #2256
- Get client ui locale on windows natively by @lixmal in #2251
- Bump google.golang.org/grpc from 1.64.0 to 1.64.1 by @dependabot in #2248
- Fix parameter limit issue for Postgres store by @mlsmaycon in #2261
- Support DNS routes on iOS by @pascal-fischer in #2254
- fix 2260: fallback serial to Board by @EdouardVanbelle in #2263
- Add logging option for WG device by @pappz in #2271
- Limit GUI process execution to one per UID by @mlsmaycon in #2267
- Add batch save/update for groups and users by @bcmmbaga in #2245
- fix forwarded metrics by @mlsmaycon in #2273
- Ignore non unique route updates by @hurricanehrndz in #2266
- feat(client): send logs to syslog by @mrl5 in #2259
- refactor(util): fix sonarcube issues by @mrl5 in #2276
- Add get_registration_delay_milliseconds metric by @mlsmaycon in #2275
- Fix metric label typo by @mlsmaycon in #2278
- fix: save peer status correctly in sqlstore by @ctrl-zzz in #2262
- Support custom SSL certificates for the signal service by @benniekiss in #2257
- Wait on daemon down by @pascal-fischer in #2279
- Don't add exclusion routes for IPs that are part of connected networks by @lixmal in #2258
- Add faster availability DNS probe and update test domain to .com by @mlsmaycon in #2280
- Check if route interface is a Microsoft ISATAP device by @mlsmaycon in #2282
- Remove copy functions from signal by @mlsmaycon in #2285
- Refactor macOS system DNS configuration by @hurricanehrndz in #2284
- Fix macOS DNS unclean shutdown restore call on startup by @mlsmaycon in #2286
New Contributors
- @EdouardVanbelle made their first contribution in #2263
- @mrl5 made their first contribution in #2259
- @ctrl-zzz made their first contribution in #2262
- @benniekiss made their first contribution in #2257
Full Changelog: v0.28.4...v0.28.5
Contributors
Assets 43
v0.28.4
What's Changed
- Add multiple tabs for route selection by @mlsmaycon in #2198
- Remove DNSSEC parameters and configure AuthenticatedData by @mlsmaycon in #2208
- add MACOSX_DEPLOYMENT_TARGET environment to control GUI build target by @mlsmaycon in #2221
- [Snyk] Security upgrade alpine from 3.18.5 to 3.19 by @mlsmaycon in #2220
- Client UI Multiple language support by @Yxnt in #2192
- Add stack trace when saving empty domains by @mlsmaycon in #2228
- Remove interface network monitor checks by @lixmal in #2223
- Bump golang.org/x/image from 0.10.0 to 0.18.0 by @dependabot in #2205
- Fix linux serial number retrieval by @bcmmbaga in #2206
- Debounce network monitor restarts by @lixmal in #2225
- Fix nil pointer exception in case of error by @pappz in #2230
- Add context to throughout the project and update logging by @pascal-fischer in #2209
Full Changelog: v0.28.3...v0.28.4
Contributors
Assets 43
v0.28.3
What's Changed
- Update Zitadel and CockroachDB Container Image Version by @r0b2g1t in #2169
- Do not use eBPF proxy in case of USP mode by @pappz in #2180
- Optimize process checks database read by @bcmmbaga in #2182
- Lower retry interval on dns resolve failure by @lixmal in #2176
- Use selector to display dns routes in GUI by @mlsmaycon in #2185
- Using macOS-latest to build GUI by @mlsmaycon in #2189
- Add loopback ignore rule to nat chains by @lixmal in #2190
- Improve windows network monitor by @lixmal in #2184
- Feature/Use Zitadel Postgres Integration by default by @r0b2g1t in #2181
- Add log config and removed domain by @mlsmaycon in #2194
- Set EDNS0 when no extra options are set by the dns client by @mlsmaycon in #2195
New Contributors
Full Changelog: v0.28.2...v0.28.3
Contributors
Assets 43
v0.28.2
v0.28.1
v0.28.0
Release notes
This release brings support to new and exiting features like DNS routes, enhancements that simplify site-2-site configurations, bug fixes and a deprecation notice.
We are deprecating FileStore engine support and users should update their backup scripts as this new version will automatically migrate the data to the new SQLite engine.
New features
DNS routes
This new functionality enables NetBird users to configure routes using domain names instead of IP ranges. This enhancement is particularly beneficial for routing traffic to load balancers, managed databases, and maintaining security for restricted sites behind CDNs with ease and precision.
Learn more at DNS routes
Process posture check
Process posture check is a new feature that allows users to define a set of processes that must be running on a device before connecting to the network. This feature is useful when you want to control access based on the processes running on a device. For example, you can disable a connection to a routing peer when a specific process is not running.
Learn more at Process check
Initial support of FreeBSD
We are happy to present an experimental support release for the FreeBSD operating system. This feature, made possible by a valuable community contribution from member @skillcoder, aims to introduce early functionality for FreeBSD. Please note that this version is still in its initial stages and may contain bugs or incomplete elements.
Official builded binaries are coming in the next releases.
Enhancements:
Network monitor is enable by default for new Windows and macOS clients
The network monitor watches for changes on the peers' network interfaces and restarts the connection when necessary. This is useful when roaming between networks where your default gateway changes frequently. Existing Windows, macOS and Linux users can enable this feature by adding the -N flag to the netbird up command:
netbird down
netbird up -NUse 0.0.0.0/0 as source for network routes firewall rules
Previously routing peers would add the NetBird address as source in the network routes firewall rules, making site-2-site configurations more complex since administrators would need to add new firewall rules to connect their internal networks via a pair of routing peers. With this enhancement, the routing peers will use 0.0.0.0/0 as source in the network routes firewall rules, simplifying the configuration process by leaving only internal routers to be configured.
Add GUI client configuration options
We have added new configuration options to the client UI to allow users to configure the client without the need to edit the configuration file or CLI commands. This enhancement is particularly useful for users who prefer to use the client UI to configure the client.
Systray:
Advanced settings window:
Deprecations:
FileStore engine support removed
The FileStore engine support has been deprecated in this release. When upgrading to 0.28.0, the service will automatically migrate the data to the new SQLite engine.
Users that backup the store.json file directly should update their scripts to use the new SQLite store file store.db.
If you prefer to evaluate performance prior upgrading to 0.28.0, please review the manual migrations steps from the Management SQLite store page.
What's Changed
- Add FindExistingPostureCheck (#2075)
- Fix PKCE auth html (#2079)
- Improve login performance (#2061)
- Fill the UI version info in system meta on Android (#2077)
- Prevent using expired ctx when sending metrics (#2088)
- Ignore candidates whose IP falls into a routed network (#2084)
- Add missing
openidscope when requesting JWT token in Zitadel (#2089) - Remove unused variables from peer conn (#2074)
- Respect env for debug and routes sub commands (#2026)
- Do not use SO_MARK in case of netstack mode. (#2104)
- Use forked go-netroute (#2115)
- Add basic signal metrics (#2107)
- Optimize JWT Group Sync (#2108)
- Prevent building test code for client (#2125)
- Deprecate FileStore engine support (#2119)
- compile client under freebsd (#1620)
- Add DNS routes (#1943)
- Add process posture check (#1693)
- Fix checkFileAndProcess function on FreeBSD (#2128)
- Enable network monitoring for Windows and macOS clients (#2126)
- Add freebsd test workflow (#2127)
- fix network monitor ref check (#2133)
- Allow candidates on local routes if more specific than vpn routes (#2097)
- Trim new line char from Android version (#2147)
- Fix capacity of slice (#2148)
- Fix store migration on empty string (#2149)
- Use any as source for the firewall for routed networks (#2134)
- Update configuration options for client UI (#2139)
- Process routes before peers (#2105)
- Remove whitespace at the end of a line (#2152)
Big thanks to our community contributors
- @glaeqen made their first contribution in (#2089)
- @Yxnt made their first contribution in (#2152)
- @evgenii made their first contribution in (#1620)
- @juliaroesschen made their first contribution in netbirdio/docs#198
- @scudelletti made their first contribution in netbirdio/docs#194
- @vladislav-kuznetsov-newhomesmate made their first contribution in netbirdio/docs#189
Full Changelog: v0.27.10...v0.28.0
Contributors
Assets 44
v0.27.10
What's Changed
- Use info log-level for firewall manager discover by @mlsmaycon in #2045
- Restore netbird state and log level after debug by @lixmal in #2047
- Extend integrated validator with error handling by @pappz in #2044
- Remove extra error mapping by @mlsmaycon in #2050
- fix a typo in CODE_OF_CONDUCT.md by @mlsmaycon in #2048
- Refactor firewall manager check by @mlsmaycon in #2054
- Upgrade gRPC and OpenTelemetry packages for compatibility by @bcmmbaga in #2003
- Don't allow delete group from peer groups by @mlsmaycon in #2055
- Add extra logs for account not found, peer login and getAccount by @mlsmaycon in #2053
Full Changelog: v0.27.9...v0.27.10
Contributors
Assets 43
v0.27.9
What's Changed
- Revert "Accept any XDG_ environment variable to determine desktop" by @mlsmaycon in #2042
Full Changelog: v0.27.8...v0.27.9