refactor(firezone-tunnel): move routes and DNS control out of connlib and up to the Client

rust/connlib/shared/Cargo.toml

@@ -21,7 +21,6 @@ ip_network = { version = "0.4", default-features = false, features = ["serde"] }
 os_info = { version = "3", default-features = false }
 rand = { version = "0.8", default-features = false, features = ["std"] }
 rand_core = { version = "0.6.4", default-features = false, features = ["std"] }
-resolv-conf = "0.7.0"
 serde = { version = "1.0", default-features = false, features = ["derive", "std"] }
 serde_json = { version = "1.0", default-features = false, features = ["std"] }
 thiserror = { version = "1.0", default-features = false }
@@ -41,9 +40,7 @@ hickory-proto = { workspace = true, optional = true }
 log = "0.4"
 
 [dev-dependencies]
-tempfile = "3.10.1"
 itertools = "0.12"
-mutants = "0.0.3" # Needed to mark functions as exempt from `cargo-mutants` testing
 tokio = { version = "1.36", features = ["macros", "rt"] }
 
 [target.'cfg(any(target_os = "macos", target_os = "ios"))'.dependencies]
@@ -52,11 +49,9 @@ swift-bridge = { workspace = true }
 [target.'cfg(target_os = "android")'.dependencies]
 tracing-android = "0.2"
 
-[target.'cfg(any(target_os = "linux", target_os = "windows"))'.dependencies]
-# Needed to safely backup `/etc/resolv.conf` and write the device ID on behalf of `gui-client`
-atomicwrites = "0.4.3"
-
 [target.'cfg(target_os = "linux")'.dependencies]
+netlink-packet-route = { version = "0.19", default-features = false }
+netlink-packet-core = { version = "0.7", default-features = false }
 rtnetlink = { workspace = true }
 
 # Windows tunnel dependencies

rust/connlib/shared/src/callbacks.rs

@@ -42,6 +42,22 @@ impl From<Ipv6Network> for Cidrv6 {
     }
 }
 
+impl From<Cidrv4> for IpNetwork {
+    fn from(x: Cidrv4) -> Self {
+        Ipv4Network::new(x.address, x.prefix)
+            .expect("A Cidrv4 should always translate to a valid Ipv4Network")
+            .into()
+    }
+}
+
+impl From<Cidrv6> for IpNetwork {
+    fn from(x: Cidrv6) -> Self {
+        Ipv6Network::new(x.address, x.prefix)
+            .expect("A Cidrv6 should always translate to a valid Ipv6Network")
+            .into()
+    }
+}
+
 #[derive(Debug, Serialize, Deserialize, Clone, Copy, PartialEq, Eq, Hash, PartialOrd, Ord)]
 pub enum Status {
     Unknown,

rust/connlib/shared/src/lib.rs

@@ -6,15 +6,7 @@
 pub mod callbacks;
 pub mod error;
 pub mod messages;
-
-/// Module to generate and store a persistent device ID on disk
-///
-/// Only properly implemented on Linux and Windows (platforms with Tauri and headless client)
-#[cfg(any(target_os = "linux", target_os = "windows"))]
-pub mod device_id;
-
-#[cfg(target_os = "linux")]
-pub mod linux;
+pub mod tun_device_manager;
 
 #[cfg(target_os = "windows")]
 pub mod windows;
@@ -48,22 +40,11 @@ pub type DomainName = domain::base::Name<Vec<u8>>;
 /// <https://learn.microsoft.com/en-us/windows/configuration/find-the-application-user-model-id-of-an-installed-app>
 pub const BUNDLE_ID: &str = "dev.firezone.client";
 
+pub const DEFAULT_MTU: u32 = 1280;
+
 const VERSION: &str = env!("CARGO_PKG_VERSION");
 const LIB_NAME: &str = "connlib";
 
-/// Deactivates DNS control on Windows
-#[cfg(target_os = "windows")]
-pub fn deactivate_dns_control() -> anyhow::Result<()> {
-    windows::dns::deactivate()
-}
-
-/// Deactivates DNS control on other platforms (does nothing)
-#[cfg(not(target_os = "windows"))]
-#[allow(clippy::unnecessary_wraps)]
-pub fn deactivate_dns_control() -> anyhow::Result<()> {
-    Ok(())
-}
-
 pub fn keypair() -> (StaticSecret, PublicKey) {
     let private_key = StaticSecret::random_from_rng(OsRng);
     let public_key = PublicKey::from(&private_key);

rust/connlib/shared/src/tun_device_manager.rs

@@ -0,0 +1,14 @@
+//! DNS and route control  for the virtual network interface in `firezone-tunnel`
+
+#[cfg(target_os = "linux")]
+pub mod linux;
+#[cfg(target_os = "linux")]
+pub use linux as platform;
+
+#[cfg(target_os = "windows")]
+pub mod windows;
+#[cfg(target_os = "windows")]
+pub use windows as platform;
+
+#[cfg(any(target_os = "linux", target_os = "windows"))]
+pub use platform::TunDeviceManager;