Skip to content

Releases: ancwrd1/snx-rs

Version 6.1.2

Choose a tag to compare

@github-actions github-actions released this 25 Jun 08:07
v6.1.2
be4f12c
  • Fixed a problem with connectivity check on some corporate networks
  • Fixed a bug in the UI where the XFRM transport choice was not shown
  • Ask for HSM pin code if it is not provided by the user (#225)

Version 6.1.1

Choose a tag to compare

@github-actions github-actions released this 09 Jun 20:52
v6.1.1
6c30788
  • Fixed a problem with inconsistent caching of gateway information when certificate settings are changed.
  • Improve visual feedback and notification in the frontend when gateway address is not accessible.

Version 6.1.0

Choose a tag to compare

@github-actions github-actions released this 28 May 12:22

This version adds experimental support to run snx-rs on Windows, using wintun driver.
MSI installer can be downloaded from the releases page.
All original functionality is available in the Windows version, except for the kernel-based (xfrm) IPsec support.
Important note: MSI and binaries are not signed yet.

Additional fixes in this release:

  • Fixed a bug where tray icon was updated too often.
  • More consistent UI for the machine certificate authentication settings.

Version 6.0.6

Choose a tag to compare

@github-actions github-actions released this 15 May 07:30
v6.0.6
88492b2
  • Added no-split-dns option to disable split DNS for systemd-resolved, required in the container images.
  • Fixed native kernel IPsec support detection when IPv6 is disabled.

Version 6.0.5

Choose a tag to compare

@github-actions github-actions released this 07 May 05:48
v6.0.5
62bbe38
  • Added interface statistics in the status window.
  • Improved performance when setting up the tunnel.
  • Fixed a problem with icon file permissions in the .run installer.
  • Update the taskbar menu and Connect button in the status window after the profiles are reordered or modified.

Version 6.0.4

Choose a tag to compare

@github-actions github-actions released this 30 Apr 14:40
v6.0.4
13109dd
  • Added tls-version-max parameter to cap the maximum TLS version negotiated with the gateway. The default is now 1.2, which avoids silent connect timeouts against gateways (notably Check Point SVN foundation) that fail to respond to TLS 1.3 ClientHello produced by recent OpenSSL releases. Set tls-version-max=default to keep the previous behavior.
  • Added connection profiles reordering in the UI.
  • Added connection profiles support to snxctl command line utility via the --profile option.
  • Fixed a regression with the manually specified routes when no-routing option was enabled.

Version 6.0.3

Choose a tag to compare

@github-actions github-actions released this 27 Apr 19:48
v6.0.3
fe8b995

Note to downstream package maintainers: this release requires to copy the package/icons/*.svg files to /usr/share/icons/hicolor/symbolic/apps directory.

  • Added deb and rpm repositories, published at ancwrd1.github.io/snx-rs.
  • Added symbolic icons to automatically choose dark/light theme of the taskbar icon.
  • Restart frontend automatically after upgrade (beginning with next version).

Version 6.0.1

Choose a tag to compare

@github-actions github-actions released this 24 Apr 21:49
v6.0.1
c829751
  • Fixed a bug with the .deb package which did not restart the service correctly during upgrade.
  • Fixed labels alignment in the status dialog.
  • Fixed dark/light theme detection on Ubuntu.

Version 6.0.0

Choose a tag to compare

@github-actions github-actions released this 21 Apr 18:14
v6.0.0
6ae153c

Marking the project's three-year anniversary, this major release delivers a complete UI rewrite and a substantial overhaul of the routing stack.
What started as a reverse-engineering experiment born out of frustration with the official snx client has grown into a full-featured application
with feature parity with the Check Point Windows client, while offering better privacy and performance on Linux.

User interface:

  • Rewritten GUI frontend based on the Slint framework, replacing the previous GTK 4 implementation.
  • Dropped the GTK 4 dependency for generic builds. GTK 4 and WebKitGTK are still required when the mobile-access feature is enabled, to host the embedded webview.
  • Tray menu now shows either a Connect or a Disconnect item depending on the current tunnel state, instead of exposing both.
  • The connection status dialog now shows the name of the active connection profile.
  • Fixed a regression where auto-connect did not trigger reliably on GUI startup.

Routing and networking:

  • Refactored split-tunnel routing setup to allow routes that contain the VPN gateway address. Fixes #199.
  • Improved error handling and recovery during routing setup and teardown, so a partial failure no longer leaves stale routes behind.
  • Several routing fixes for the SSL tunnel and the default-route option.
  • Fixed a regression with additional search domains being incorrectly treated as routing domains. Fixes #198.

Credentials and profiles:

  • Keychain passwords are now stored per connection profile instead of globally. Existing users will be prompted to re-enter their password on first connect after the upgrade.

Version 5.3.0

Choose a tag to compare

@github-actions github-actions released this 11 Apr 11:37
v5.3.0
c1c7652
  • Application now uses Linux APIs directly instead of running the external commands to configure OS networking stack.
  • Switched to GTK 4.10, requiring Linux distros from 2023 and later.
  • Flipped the no-keychain parameter to be keychain so that keychain usage is opt-in instead of opt-out.
  • Added allow-forwarding option to enable packet forwarding for the tunnel interface. Forwarding is disabled by default.