index
:
mullvadvpn
Add-imperative-verb-tidy
IOS-750-separate-ICMP-logic-from-Pinger
IOS-882-shadowsocks-obfuscation-settings
IOS-995-show-exit-constraints-in-connect-view
add-OpenPortSelectorMenu-accessibility-id
add-create-custom-context-utility
add-curly-apostrophe-check-droid-1716
add-custom-vpn
add-domain-fronting
add-exclude-device-communication-to-vpn-ios-1047
add-focus-trap-in-modals-des-2410
add-in-app-log-view
add-linux-repo-version-script
add-lwo-obfuscator-to-mullvad-ios-ios-1451
add-lwo-to-automatic-obfuscation-rotation-ios-1458
add-lwo-to-the-relay-list-ios-1452
add-lwo-to-the-relay-selector-and-settings-ios-1453
add-mimalloc-alloc
add-new-cve-to-osv-scanner-ignore
add-optional-yubikey-pin-in-container-script
add-recent-connections-to-location-list-ios-1288
add-repo-issue-stat-scripts
add-startup-macrobenchmark-droid
also-build-fdroid-builds-when-building-production-builds-on-droid-2429
android-throughput-tests
automate-publishing-of-linux-repositories
automate-release-process
backport-version-check-update
boring-singletun
boring-udp-gro
boringfun-ios
boringfun-multihop
boringtun-tso
bug-bash-2025-11-20
bug-bash-2026-01-08
bug-bash-location-view
bugbash-18-12-24
build-pacman-releases
build-rust-with-locked-for-ios-releases
buildserver-check
call-post-quantum-key-negotiation-method-from-ios-553
change-default-rollout-for-new-releases-to-a-low-value-des-2603
change-settings-import-test-to-use-shorter-delay-for-import-status-text
check-always-save-etag-and-timestamp-2
ci-runner-does-not-clean-up-orchestratorapk-droid-2004
ci-test
ci-test-env-pass
clean-up-ios-rust-build-more
cleanup/DES-1044
closest-daita-relay
codify-swift-rust-interactions-in-a-markdown-file-ios-1140
confirm-ipv6-external-source-for-flakiness
connect-to-daemon-on-other-machine
connect-to-grpc-service-over-https
connection-loss-event-when-the-connection-takes-too-long-ios-1298
convert
copilot/upgrade-android-gradle-plugin
create-a-poc-for-trying-to-connect-to-the-same-relay-over-ios-1030
create-rustc-path-prefix-remap-crate
daemon-tour-2025
debug-e2e-tests
debug-view
decrease-leaks-during-reconnect
detect-grapheneos-in-problem-report-metadata-droid-718
dns-settings-swiftui-again
domain-fronting-server
domain-fronting-server-test-poll
double-check-wait
dynamic-include-all-networks
early-boot-fw-timeout
enable-all-buttons-and-use-error-messages-instead-droid-2559
enable-upload-of-f-droid-builds-to-fdroid-cdn-on-stable-droid-2431
ensure-that-types-that-are-being-sent-across-actor-ios-633
esm-migration-test
evaluate-hyper-legacy-client-des-1288
exclude-app-android-17-beta3
experiment-reducer-mobius
export-figma-variables-to-swift
extend-login-timeout-for-leaktests
fail-invalid-ss-cipher
fda-fixes-backport
filter-account-deletion-on-digits-only-droid-2546
fix-alpha-builds-are-crashing-droid-1693-linus
fix-android-workspace-lints
fix-compiler-concurrency-issues-for-level-targeted-ios-828
fix-flaky-test-due-to-bad-modal-implementation
fix-guid-conflicts-with-mozilla-vpn-des-2576
fix-invalid-shadowsocks-ciphers-crashing
fix-masque-base-bench
fix-mount-path-git-bash
fix-mullvad-daemon-segfault
fix-store-payments-on-prod-builds
fix-user-init-shutdown-propagation-linux-macos
fix-wayland-fractional-scaling-ui-bugs
flatpak-experiments
forbid-clippy-as_underscore-tmp
frequent-disconnected-notifications-from-mullvad-android-app-droid-2210
gather-multihop-selection-behaviour-data-ios-1505
generate-grpc-js-bindings-from-arm-host
hackday-202504-andrew-filter-longpress
hackday-expressive
hackday-glance-widget
hackday-log-me-in
hackday-log-me-in-android-ui
hackday-material-3
hackday-metro-android
hackday-packettunnelactor-reducerise
hackday-remote-compose
hackday-wire
hacky-listitem-fix-linux-wayland-fractional-scaling
hotfix-2025.5-build2-release
hotfix-nwpath-monitor
hwasan-android
ignore-empty-dir
implement-carousel-slides-in-multihop-settings-view-ios-1565
implement-design-for-dns-settings-subview-droid-2581
implement-different-filters-for-the-entry-and-exit-list-droid-2325
implement-floating-search-field-ios-1353
implement-frontend-remove-port-from-constraint
implement-migration-wizard-ui-ios-1547
implement-support-for-separate-entryexit-filters-droid-2199-ui
implement-user-space-obfuscation-in-boringtun-des-2424
implement-verify-relay-list-droid-2436
improve-dnsdialogviewmodel-arguments-droid-579
improve-resign-script
improve-search
improve-select-location-lazy-expansion-ios
improve-tv-experience-module
in-app-banner-animation-overshoots-resulting-in-a-visual-ios-929
integrate-osv-scanner-into-ci-des-706-split
interactive-maps
investigate-tests
ios-662-update-ui-to-indicate-pq-connection-status
ios-add-gotatun-feature-indicator
ios-allow-multiple-fulfillments
ios-boring-tun-friday-hack
ios-bug-bash-01-22
ios-bug-bash-02-05
ios-bug-bash-02-11
ios-bug-bash-2025-02-11
ios-enable-rust-logging
ios-fix-custom-dns-test
ios-fix-offline-state-rebase
ios-gotatun
ios-gotatun-switching-improvement
ios-ipv6-rebase
ios-release-2024.11
ios-release-2024.3
ios-release-2024.6
ios-release-2024.9
ios-release-2025.10
ios-release-2025.11
ios-release-2025.2
ios-release-2025.3
ios-release-2025.4
ios-release-2025.5
ios-release-2025.6
ios-release-2025.6-2
ios-release-2025.7
ios-release-2025.8
ios-release-2025.9
ios-release-2026.1
ios-release-2026.2
ios-seperate-build-sign
lce-dns-temp-branch-android
leak-checker-kameo
linux-netns
linux-netns-old
log-failure-reason-in-test-detect-app-removal
macos-add-ipv6-local-resolver
macos-restart-upgrade
main
make-ios-build-fast-again
masque-backpressure
masque-bench
masque-connect-socket
masque-perf
masque-proxy-reduce-lock-contention
migrate-android-device-runners-to-bender-droid-2534
migrate-build-script-logic-to-gradle-config-droid-2631
migrate-to-aws-lc-rs
move-supported-platforms
mtu-detection-android
mullvad-api-storekit2
multihop-everywhere
new-gotatun-api
nftables-json
non-lazy-location-list
npm-ignore-scripts-experiment
nushell_completions
offline-mode-old
open-gfw-nix
openwrt
openwrt-and-remote-control
openwrt-x-android
pack-downloader-in-zip
package-mullvad-cli-for-openwrt-des-1255
poc-switch-component-form-label-integration-switches-not-focusable-des-1637
power-assert
pre-fix-standalone-build
pre-investigate-migration-from-cjs-to-esm-tb-4h-des-1739
prepare-2026.2
prepare-android/2025.10
prepare-android/2025.11
prepare-android/2026.1
prepare-android/2026.2
prepare-android/2026.3
prepare-android/2026.4
prepare-tunnel-settings-for-unique-entry-and-exit-filters-ios-1350
proptest-some-more
proptest-update-logic
push-pztsupwvprxv
qr-codes
relay-selector-refactor
remove-daita-cfgs
remove-delayed-reset-of-import-status-text
remove-dyn-error-view
remove-synthesized-offline-state
remove-unnecessary-tint-for-images-ios
remove-wireguard-go
replace-gprc-tools-npm-package-with-a-linux-container-des-2826
repro-tcp-connection-not-working
router-mode
run-ios-unit-tests-in-ci-on-rust-upgrade
screenshot-testing
screenshots-fixes
search-anything
sendable-tutorial
set-includeallnetworks-to-true-in-starttunneloperation-and-ios-945
settings-swift-ui
show-the-entry-field-when-its-being-used-in-when-needed-mode-ios-1511
sign-with-hardware-key-container
snapshot-settings-migrations
spam-dns-lookups
speed-connetcion-hackday
std-process
steal-desktop-improvements-for-generating-pq-keys-ahead-of-ios-1005
switch-to-zbus
systemd-cgroup-v2
systemd-cgroup-v2-seccomp
talpid-channels
talpid-firewall
talpid-winfw
temp-fix-xcode-26
test-branch
test-broken-ci
test-dns-stuff
test-eslint-plugin-import
test-macos
test-macos-stuff
test-main
test-manager-gotatun
test-masque-ech
test-new-js-and-css-apis
test-runner-on-build-server-android
test-test
test-userspace-obfs
test-win-gotatun
testNoAnimations
testfetchcurrentlocationidentifier-is-failing-ios-1456
tobias-edit-location-search-box-stops-being-selected-when-animation-des-1724
tracing-instrument
tracing-serde
try-fix-ios-release-2025.4
try-out-pnpm
tui-app
tunnel-args-remove-resource-dir
unit-tests-remove-mullvadvpntests-target-from-app-code-ios-539
untangle-talpid-wireguard
update-deps
update-formatting
update-ios-build-vm
update-login-view-to-new-design-droid-2560
update-protocol-usage-to-include-any-keyword-ios-616
update-screenshots-to-use-pq-tunnels-ios-684
update-sdk-target-to-37
update-the-ui-to-indicate-that-the-tunnel-is-post-quantum-ios-662
update-translate-workflow
update-tun
upgrade-build-server-to-mac-os-sequoia-and-xcode-164-ios-1265
upgrade-container-mold
upgrade-rand-talpid-wireguard
upgrade-rust-1.93
upload-xcode-exporetd-strings-to-crowdin-1241
use-gitoxide
v11-settings-migration-snapshot-settings-migrations
when-toggling-multihop-on-we-should-warn-users-if-they-will-ios-1521
win-configurable-guids
win-enable-gotatun
win-recreate-driver-service
win-st-bsod-workaround-backport
win-st-simplify-ip-reg
win-st-unblock-ip-update
win11-test
wip-replace-grpc-tools-npm-package-with-a-linux-container-des-2826
zbus
The Mullvad VPN client app for desktop and mobile
summary
refs
log
tree
commit
diff
homepage
log msg
author
committer
range
path:
root
/
talpid-core
/
src
/
firewall
/
linux.rs
Age
Commit message (
Expand
)
Author
Files
Lines
2025-10-07
Define networks as const values
Markus Pettersson
1
-22
/
+18
2025-09-18
Add multiplexer POC to daemon, TSM, and relay selector
David Lönnhager
1
-4
/
+8
2025-07-15
Fix `collapsible_if` clippy lint
Markus Pettersson
1
-7
/
+6
2025-07-10
Run `cargo fmt`
Sebastian Holmin
1
-3
/
+4
2025-06-19
Do not add split-tunneling fw rules if no net_cls
Joakim Hulthe
1
-4
/
+27
2024-11-08
Set net.ipv4.conf.all.arp_ignore=2 when bringing up tunnels on Linux
Linus Färnstrand
1
-4
/
+40
2024-09-18
Keep separate tunnel state machine configs for tunnel and non-tunnel DNS
David Lönnhager
1
-37
/
+28
2024-08-27
Use CStr literals instead of LazyLock
David Lönnhager
1
-24
/
+22
2024-08-27
Use std LazyLock instead of once_cell Lazy
David Lönnhager
1
-14
/
+15
2024-08-13
Refactor tunnel provider and TalpidVpnService
David Lönnhager
1
-4
/
+7
2024-02-27
Replace err_derive with thiserror
Joakim Hulthe
1
-16
/
+12
2024-02-19
Fix redundant imports
David Lönnhager
1
-2
/
+0
2024-01-03
Allow app to use custom socks5 and shadwosocks proxies
Jonathan
1
-4
/
+17
2023-11-16
Document more things in linux firewall code
Jonathan
1
-1
/
+24
2023-11-07
Configure firewall rules to allow proxy clients
Markus Pettersson
1
-10
/
+14
2023-08-30
Add mark based accept rule for forward chain as well
Siddhartha Sahu
1
-1
/
+1
2023-08-04
Replace all use of `lazy_static` with `once_cell`
Markus Pettersson
1
-22
/
+24
2023-03-15
Remove non-inet tables. This deprecates support for older Linux kernels
David Lönnhager
1
-124
/
+94
2023-02-28
Add PQ support for multihop, and allow listing two endpoints in the
Jonathan
1
-1
/
+5
2022-11-07
Split up talpid-core
Emīls Piņķis
1
-20
/
+27
2022-09-13
Make AllowedEndpoint optional
Emīls Piņķis
1
-1
/
+3
2022-06-15
Remove ICMP variants for allowed tunnel traffic
David Lönnhager
1
-28
/
+12
2022-06-14
Manually fix the simpler non-semantic clippy warns
Jonathan
1
-4
/
+4
2022-06-14
Only allow traffic to flow between the client and relay config service during...
David Lönnhager
1
-8
/
+52
2022-02-17
Move exclusion_gid to SharedTunnelStateValues
Emīls
1
-4
/
+0
2022-02-17
Allow initializing firewall without args
Emīls
1
-11
/
+15
2021-12-13
Allow only root to reach the API in blocked state
Emīls
1
-0
/
+11
2021-12-08
Add path restrictions for allowed endpoints in the daemon
David Lönnhager
1
-2
/
+2
2021-11-29
Reformat code without blank_lines_upper_bound = 2
Linus Färnstrand
1
-1
/
+0
2021-10-11
Update NDP rules on Linux
David Lönnhager
1
-39
/
+59
2021-09-08
Drop suspicious packets to tunnel IP in connecting state
David Lönnhager
1
-0
/
+3
2021-09-08
Don't set fwmark on packets destined for public DNS for excluded processes
David Lönnhager
1
-84
/
+68
2021-06-07
Replace 'tunnel_interface' field with tunnel metadata in connecting firewall ...
David Lönnhager
1
-3
/
+3
2021-06-07
Remove pingable hosts
David Lönnhager
1
-25
/
+0
2021-05-17
Switch from exit_location to entry_location WG constraint
David Lönnhager
1
-7
/
+11
2021-05-11
Reapply connecting firewall policy when the tunnel interface has been
David Lönnhager
1
-0
/
+1
2021-04-16
Fix "inbound" forwarding
David Lönnhager
1
-27
/
+23
2021-04-16
Forward DHCP traffic
David Lönnhager
1
-14
/
+16
2021-04-16
Add reject rule to forward chain
David Lönnhager
1
-6
/
+8
2021-04-16
Forward packets from the tunnel interface
David Lönnhager
1
-0
/
+9
2021-04-16
Permit remaining packets to be forwarded via the tunnel interface only
David Lönnhager
1
-0
/
+4
2021-04-16
Permit forwarding of LAN traffic
David Lönnhager
1
-12
/
+20
2021-04-16
Permit forwarding of select DNS packets
David Lönnhager
1
-23
/
+29
2021-04-16
Add nftables forward chain
David Lönnhager
1
-2
/
+11
2021-03-31
Remove use_fwmark option
David Lönnhager
1
-12
/
+5
2021-03-16
Add counters to prerouting rules
David Lönnhager
1
-0
/
+7
2021-03-16
Allow incoming traffic for exluded processes to pass through strict rpf
David Lönnhager
1
-9
/
+21
2021-03-08
Always set src_valid_mark when connecting
Emīls
1
-0
/
+18
2021-03-05
Add rules to allow relay traffic through rpf
Emīls
1
-0
/
+17
2021-01-04
Unblock API endpoint while connecting or blocked
David Lönnhager
1
-4
/
+25
[next]
