DefGuard · t-aleksander · Mar 27, 2025 · Jan 27, 2025 · Feb 21, 2025 · Feb 21, 2025
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -35,8 +35,8 @@ jobs:
         uses: Swatinem/rust-cache@v2
         with:
           key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
-      - name: Install protoc
-        run: apt-get update && apt-get -y install protobuf-compiler
+      - name: Install dependencies
+        run: apt-get update && apt-get -y install protobuf-compiler libnftnl-dev libmnl-dev
       - name: Check format
         run: |
           rustup component add rustfmt

diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
@@ -25,8 +25,8 @@ jobs:
       - name: Install Rust toolchain
         run: rustup update --no-self-update stable
 
-      - name: Install protoc
-        run: apt-get update && apt-get -y install protobuf-compiler
+      - name: Install dependencies
+        run: apt-get update && apt-get -y install protobuf-compiler libnftnl-dev libmnl-dev
 
       - name: Build Docs
         run: cargo doc --all --no-deps

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "defguard-gateway"
-version = "1.2.1"
+version = "1.2.2"
 edition = "2021"
 
 [dependencies]
@@ -19,6 +19,11 @@ tonic = { version = "0.12", features = ["gzip", "tls", "tls-native-roots"] }
 tokio = { version = "1", features = ["macros", "rt-multi-thread"] }
 tokio-stream = { version = "0.1", features = [] }
 toml = { version = "0.8", default-features = false, features = ["parse"] }
+ipnetwork = "0.21"
+
+[target.'cfg(target_os = "linux")'.dependencies]
+nftnl = { git = "https://github.com/DefGuard/nftnl-rs.git", rev = "1a1147271f43b9d7182a114bb056a5224c35d38f" }
+mnl = "0.2"
 
 [dev-dependencies]
 tokio = { version = "1", features = ["io-std", "io-util"] }

diff --git a/Dockerfile b/Dockerfile
@@ -1,13 +1,13 @@
 FROM rust:1-slim as builder
 
-RUN apt-get update && apt-get -y install protobuf-compiler
+RUN apt-get update && apt-get -y install protobuf-compiler libnftnl-dev libmnl-dev
 WORKDIR /app
 COPY . .
 RUN cargo build --release
 
 FROM debian:bookworm-slim
 RUN apt-get update && apt-get -y --no-install-recommends install \
-    iproute2 wireguard-tools sudo ca-certificates iptables ebtables && \
+    iproute2 wireguard-tools sudo ca-certificates iptables ebtables nftables && \
     apt-get clean && rm -rf /var/lib/apt/lists/*
 WORKDIR /app
 COPY --from=builder /app/target/release/defguard-gateway /usr/local/bin

diff --git a/LICENSE b/LICENSE