Merge branch 'dev' into msg-delivery

2026-03-04 17:56:40 +00:00 · 2025-12-23 15:44:12 -05:00
parent 9f917d9103 31d52ad3ff
commit 65287b82e1
9 changed files with 61 additions and 50 deletions
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -587,28 +587,28 @@ jobs:
      #     sarif_file: trivy-ghcr.sarif
      #     category: Image Vulnerability Scan
-      # - name: Build binaries
+      - name: Build binaries
-      #   env:
+        env:
-      #     CGO_ENABLED: "0"
+          CGO_ENABLED: "0"
-      #     GOFLAGS: "-trimpath"
+          GOFLAGS: "-trimpath"
-      #   run: |
+        run: |
-      #     set -euo pipefail
+          set -euo pipefail
-      #     TAG_VAR="${TAG}"
+          TAG_VAR="${TAG}"
-      #     make go-build-release tag=$TAG_VAR
+          make -j 10 go-build-release tag=$TAG_VAR
-      #   shell: bash
+        shell: bash
-      # - name: Create GitHub Release
+      - name: Create GitHub Release
-      #   uses: softprops/action-gh-release@5be0e66d93ac7ed76da52eca8bb058f665c3a5fe # v2.4.2
+        uses: softprops/action-gh-release@5be0e66d93ac7ed76da52eca8bb058f665c3a5fe # v2.4.2
-      #   with:
+        with:
-      #     tag_name: ${{ env.TAG }}
+          tag_name: ${{ env.TAG }}
-      #     generate_release_notes: true
+          generate_release_notes: true
-      #     prerelease: ${{ env.IS_RC == 'true' }}
+          prerelease: ${{ env.IS_RC == 'true' }}
-      #     files: |
+          files: |
-      #       bin/*
+            bin/*
-      #     fail_on_unmatched_files: true
+          fail_on_unmatched_files: true
-      #     draft: true
+          draft: true
-      #     body: |
+          body: |
-      #       ## Container Images
+            ## Container Images
-      #       - GHCR: `${{ env.GHCR_REF }}`
+            - GHCR: `${{ env.GHCR_REF }}`
-      #       - Docker Hub: `${{ env.DH_REF || 'N/A' }}`
+            - Docker Hub: `${{ env.DH_REF || 'N/A' }}`
-      #       **Digest:** `${{ steps.build.outputs.digest }}`
+            **Digest:** `${{ steps.build.outputs.digest }}`
--- a/12
+++ b/12
@@ -27,6 +27,18 @@ docker-build-release:
        go-build-release-darwin-amd64 go-build-release-windows-amd64 \
        go-build-release-freebsd-amd64 go-build-release-freebsd-arm64
 go-build-release: \
    go-build-release-linux-arm64 \
    go-build-release-linux-arm32-v7 \
    go-build-release-linux-arm32-v6 \
    go-build-release-linux-amd64 \
    go-build-release-linux-riscv64 \
    go-build-release-darwin-arm64 \
    go-build-release-darwin-amd64 \
    go-build-release-windows-amd64 \
    go-build-release-freebsd-amd64 \
    go-build-release-freebsd-arm64
 go-build-release-linux-arm64:
 	CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -o bin/newt_linux_arm64
--- a/clients.go
+++ b/clients.go
@@ -24,7 +24,7 @@ func setupClients(client *websocket.Client) {
 	host = strings.TrimSuffix(host, "/")
-	logger.Info("Setting up clients with netstack2...")
+	logger.Debug("Setting up clients with netstack2...")
 	// if useNativeInterface is true make sure we have permission to use native interface
 	if useNativeInterface {
--- a/clients/clients.go
+++ b/clients/clients.go
@@ -141,7 +141,7 @@ func NewWireGuardService(interfaceName string, port uint16, mtu int, host string
 	// Add a reference for the hole punch manager (creator already has one reference for WireGuard)
 	sharedBind.AddRef()
-	logger.Info("Created shared UDP socket on port %d (refcount: %d)", port, sharedBind.GetRefCount())
+	logger.Debug("Created shared UDP socket on port %d (refcount: %d)", port, sharedBind.GetRefCount())
 	// Parse DNS addresses
 	dnsAddrs := []netip.Addr{netip.MustParseAddr(dns)}
@@ -295,7 +295,7 @@ func (s *WireGuardService) StartHolepunch(publicKey string, endpoint string, rel
 		logger.Warn("Failed to start hole punch: %v", err)
 	}
-	logger.Info("Starting hole punch to %s with public key: %s", endpoint, publicKey)
+	logger.Debug("Starting hole punch to %s with public key: %s", endpoint, publicKey)
 }
 // StartDirectUDPRelay starts a direct UDP relay from the main tunnel netstack to the clients' WireGuard.
@@ -342,7 +342,7 @@ func (s *WireGuardService) StartDirectUDPRelay(tunnelIP string) error {
 	// Set the netstack connection on the SharedBind so responses go back through the tunnel
 	s.sharedBind.SetNetstackConn(listener)
-	logger.Info("Started direct UDP relay on %s:%d (bidirectional via SharedBind)", tunnelIP, s.Port)
+	logger.Debug("Started direct UDP relay on %s:%d (bidirectional via SharedBind)", tunnelIP, s.Port)
 	// Start the relay goroutine to read from netstack and inject into SharedBind
 	s.directRelayWg.Add(1)
@@ -360,7 +360,7 @@ func (s *WireGuardService) runDirectUDPRelay(listener net.PacketConn) {
 	// Note: Don't close listener here - it's also used by SharedBind for sending responses
 	// It will be closed when the relay is stopped
-	logger.Info("Direct UDP relay started (bidirectional through SharedBind)")
+	logger.Debug("Direct UDP relay started (bidirectional through SharedBind)")
 	buf := make([]byte, 65535) // Max UDP packet size
@@ -446,7 +446,7 @@ func (s *WireGuardService) LoadRemoteConfig() error {
 		"port":      s.Port,
 	}, 2*time.Second)
-	logger.Info("Requesting WireGuard configuration from remote server")
+	logger.Debug("Requesting WireGuard configuration from remote server")
 	go s.periodicBandwidthCheck()
 	return nil
@@ -456,7 +456,7 @@ func (s *WireGuardService) handleConfig(msg websocket.WSMessage) {
 	var config WgConfig
 	logger.Debug("Received message: %v", msg)
-	logger.Info("Received WireGuard clients configuration from remote server")
+	logger.Debug("Received WireGuard clients configuration from remote server")
 	jsonData, err := json.Marshal(msg.Data)
 	if err != nil {
@@ -489,6 +489,8 @@ func (s *WireGuardService) handleConfig(msg websocket.WSMessage) {
 	if err := s.ensureTargets(config.Targets); err != nil {
 		logger.Error("Failed to ensure WireGuard targets: %v", err)
 	}
 	logger.Info("Client connectivity setup. Ready to accept connections from clients!")
 }
 // SyncConfig represents the configuration sent from server for syncing
@@ -813,7 +815,7 @@ func (s *WireGuardService) ensureWireguardInterface(wgconfig WgConfig) error {
 		return fmt.Errorf("failed to bring up WireGuard device: %v", err)
 	}
-	logger.Info("WireGuard netstack device created and configured")
+	logger.Debug("WireGuard netstack device created and configured")
 	// Release the mutex before calling the callback
 	s.mu.Unlock()
--- a/holepunch/holepunch.go
+++ b/holepunch/holepunch.go
@@ -295,7 +295,7 @@ func (m *Manager) StartMultipleExitNodes(exitNodes []ExitNode) error {
 	m.updateChan = make(chan struct{}, 1)
 	m.mu.Unlock()
-	logger.Info("Starting UDP hole punch to %d exit nodes with shared bind", len(exitNodes))
+	logger.Debug("Starting UDP hole punch to %d exit nodes with shared bind", len(exitNodes))
 	go m.runMultipleExitNodes()
@@ -373,7 +373,7 @@ func (m *Manager) runMultipleExitNodes() {
 				publicKey:    exitNode.PublicKey,
 				endpointName: exitNode.Endpoint,
 			})
-			logger.Info("Resolved exit node: %s -> %s", exitNode.Endpoint, remoteAddr.String())
+			logger.Debug("Resolved exit node: %s -> %s", exitNode.Endpoint, remoteAddr.String())
 		}
 		return resolvedNodes
 	}
--- a/main.go
+++ b/main.go
@@ -420,7 +420,7 @@ func runNewtMain(ctx context.Context) {
 	}
 	if tel != nil {
 		// Admin HTTP server (exposes /metrics when Prometheus exporter is enabled)
-		logger.Info("Starting metrics server on %s", tcfg.AdminAddr)
+		logger.Debug("Starting metrics server on %s", tcfg.AdminAddr)
 		mux := http.NewServeMux()
 		mux.HandleFunc("/healthz", func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(200) })
 		if tel.PrometheusHandler != nil {
--- a/netstack2/handlers.go
+++ b/netstack2/handlers.go
@@ -372,7 +372,7 @@ func copyPacketData(dst, src net.PacketConn, to net.Addr, timeout time.Duration)
 // InstallICMPHandler installs the ICMP handler on the stack
 func (h *ICMPHandler) InstallICMPHandler() error {
 	h.stack.SetTransportProtocolHandler(header.ICMPv4ProtocolNumber, h.handleICMPPacket)
-	logger.Info("ICMP Handler: Installed ICMP protocol handler")
+	logger.Debug("ICMP Handler: Installed ICMP protocol handler")
 	return nil
 }
--- a/netstack2/proxy.go
+++ b/netstack2/proxy.go
@@ -266,7 +266,7 @@ func NewProxyHandler(options ProxyHandlerOptions) (*ProxyHandler, error) {
 		if err := handler.icmpHandler.InstallICMPHandler(); err != nil {
 			return nil, fmt.Errorf("failed to install ICMP handler: %v", err)
 		}
-		logger.Info("ProxyHandler: ICMP handler enabled")
+		logger.Debug("ProxyHandler: ICMP handler enabled")
 	}
 	// // Example 1: Add a rule with no port restrictions (all ports allowed)
@@ -570,8 +570,8 @@ func (p *ProxyHandler) HandleIncomingPacket(packet []byte) bool {
 		return true
 	}
-	logger.Debug("HandleIncomingPacket: No matching rule for %s -> %s (proto=%d, port=%d)",
+	// logger.Debug("HandleIncomingPacket: No matching rule for %s -> %s (proto=%d, port=%d)",
-		srcAddr, dstAddr, protocol, dstPort)
+		// srcAddr, dstAddr, protocol, dstPort)
 	return false
 }
--- a/wgtester/wgtester.go
+++ b/wgtester/wgtester.go
@@ -38,7 +38,6 @@ type Server struct {
 	isRunning    bool
 	runningLock  sync.Mutex
 	newtID       string
 	outputPrefix string
 	useNetstack  bool
 	tnet         interface{} // Will be *netstack2.Net when using netstack
 }
@@ -50,7 +49,6 @@ func NewServer(serverAddr string, serverPort uint16, newtID string) *Server {
 		serverPort:   serverPort + 1, // use the next port for the server
 		shutdownCh:   make(chan struct{}),
 		newtID:       newtID,
 		outputPrefix: "[WGTester] ",
 		useNetstack:  false,
 		tnet:         nil,
 	}
@@ -63,7 +61,6 @@ func NewServerWithNetstack(serverAddr string, serverPort uint16, newtID string,
 		serverPort:   serverPort + 1, // use the next port for the server
 		shutdownCh:   make(chan struct{}),
 		newtID:       newtID,
 		outputPrefix: "[WGTester] ",
 		useNetstack:  true,
 		tnet:         tnet,
 	}
@@ -109,7 +106,7 @@ func (s *Server) Start() error {
 	s.isRunning = true
 	go s.handleConnections()
-	logger.Info("%sServer started on %s:%d", s.outputPrefix, s.serverAddr, s.serverPort)
+	logger.Debug("WGTester Server started on %s:%d", s.serverAddr, s.serverPort)
 	return nil
 }
@@ -127,7 +124,7 @@ func (s *Server) Stop() {
 		s.conn.Close()
 	}
 	s.isRunning = false
-	logger.Info("%sServer stopped", s.outputPrefix)
+	logger.Info("WGTester Server stopped")
 }
 // RestartWithNetstack stops the current server and restarts it with netstack
@@ -162,7 +159,7 @@ func (s *Server) handleConnections() {
 			// Set read deadline to avoid blocking forever
 			err := s.conn.SetReadDeadline(time.Now().Add(1 * time.Second))
 			if err != nil {
-				logger.Error("%sError setting read deadline: %v", s.outputPrefix, err)
+				logger.Error("Error setting read deadline: %v", err)
 				continue
 			}
@@ -192,7 +189,7 @@ func (s *Server) handleConnections() {
 					if err == io.EOF {
 						return
 					}
-					logger.Error("%sError reading from UDP: %v", s.outputPrefix, err)
+					logger.Error("Error reading from UDP: %v", err)
 				}
 				continue
 			}
@@ -224,7 +221,7 @@ func (s *Server) handleConnections() {
 			copy(responsePacket[5:13], buffer[5:13])
 			// Log response being sent for debugging
-			// logger.Debug("%sSending response to %s", s.outputPrefix, addr.String())
+			// logger.Debug("Sending response to %s", addr.String())
 			// Send the response packet - handle both regular UDP and netstack UDP
 			if s.useNetstack {
@@ -238,9 +235,9 @@ func (s *Server) handleConnections() {
 			}
 			if err != nil {
-				logger.Error("%sError sending response: %v", s.outputPrefix, err)
+				logger.Error("Error sending response: %v", err)
 			} else {
-				// logger.Debug("%sResponse sent successfully", s.outputPrefix)
+				// logger.Debug("Response sent successfully")
 			}
 		}
 	}