Firezone logo light

Changelog

A list of the most recent updates to Firezone, organized by component.

Latest Gateway version

Version: 1.4.2

Released:

Download:x86_64aarch64armv7

  • #7210 Adds support for GSO (Generic Segmentation Offload), delivering throughput improvements of up to 60%.
  • #7398 Fixes cases where client applications such as ssh would fail to automatically determine the correct IP protocol version to use (4/6).
  • #7449 Uses multiple threads to read & write to the TUN device, greatly improving performance. The number of threads can be controlled with `FIREZONE_NUM_TUN_THREADS` and defaults to 2.
  • #7479 Fixes an issue where SSH connections involving NAT64 failed to establish.
  • Previous Gateway versions

    VersionDateDescription
    1.4.1
    • #7263 Mitigates a crash in case the maximum packet size is not respected.
    • #7334 Fixes an issue where symmetric NATs would generate unnecessary candidate for hole-punching.
    • #7120 Silences several unnecessary warnings from the WireGuard library.
    • #7341 Disconnects from non-compliant TURN servers.
    • #7342 Fixes a packet drop issue under high-load.
    1.4.0
    • #6960 Separates traffic restrictions between DNS Resources CIDR Resources, preventing them from interfering with each other.
    • #6941 Implements support for the new control protocol, delivering faster and more robust connection establishment.
    • #7103 Adds on-by-default error reporting using sentry.io. Disable by setting `FIREZONE_NO_TELEMETRY=true`.
    • #7164 Fixes an issue where the Gateway would fail to accept connections and had to be restarted.
    1.3.2
    • #6733 Reduces log level of the "Couldn't find connection by IP" message so that it doesn't log each time a client disconnects.
    • #6845 Fixes connectivity issues on idle connections by entering an always-on, low-power mode instead of closing them.
    1.3.1
    • #6563 Removes unnecessary packet buffers for a minor performance increase.
    1.3.0
    • #6434 Adds support for routing the Internet Resource for Clients.
    1.2.0
    • #5901 Implements glob-like matching of domains for DNS resources.
    1.1.5
    • #6276 Fixes a bug where relayed connections failed to establish after an idle period.
    • #6277 Fixes a bug where restrictive NATs caused connectivity problems.
    1.1.4
    • Removes `FIREZONE_ENABLE_MASQUERADE` env variable. Masquerading is now always enabled unconditionally.
    1.1.3
    • Fixes an issue where Gateways could become unresponsive after new versions of the Firezone infrastructure was deployed.
    1.1.2
    • Reduces log noise for the default log level.
    1.1.1
    • Fixes a minor connectivity issue that could occur for some DNS Resources.
    1.1.0

      This release introduces a new method of resolving and routing DNS Resources that is more reliable on some poorly-behaved networks. To use this new method, Client versions 1.1.0 or later are required. Client versions 1.0.x will continue to work with Gateway 1.1.x, but will not benefit from the new DNS resolution method.

      Read more about this change in the announcement post here.

    1.0.8
      This is a maintenance release with no major user-facing changes.
    1.0.7
      This release fixes a bug where the incorrect Gateway version could be reported to the admin portal.
    1.0.6
      This release contains connectivity fixes and performance improvements and is recommended for all users.
    1.0.5
      Minor maintenance fixes.
    1.0.4
      Fixes an issue detecting the correct architecture during installation and upgrades.
    1.0.3
    1.0.2
      Fixes a big that caused invalid connections from being cleaned up properly.
    1.0.1
      Fixes a bug that could prevent the auto-upgrade script from working properly.
    1.0.0
      Initial release.