Skip to content

feat(linux): route proxy-unaware HTTP traffic through managed proxy#31632

Draft
viyatb-oai wants to merge 2 commits into
mainfrom
codex/viyatb/transparent-linux-networking
Draft

feat(linux): route proxy-unaware HTTP traffic through managed proxy#31632
viyatb-oai wants to merge 2 commits into
mainfrom
codex/viyatb/transparent-linux-networking

Conversation

@viyatb-oai

@viyatb-oai viyatb-oai commented Jul 8, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • route proxy-unaware hostname-based IPv4 HTTP and HTTPS traffic through the existing managed proxy on Linux
  • add a bounded synthetic DNS resolver and fail closed for uncaptured destinations
  • verify activation is running outside the host network namespace
  • grant namespace setup capabilities only to trusted setup code, then clear and verify every capability set before workload execution
  • preserve the existing proxy-aware path when transparent setup is unsupported

This lets tools that do not honor proxy environment variables use managed egress without application-specific changes.

Compatibility

  • proxy-aware clients continue to use the existing environment variables
  • initial capture covers hostname-based IPv4 TCP 80/443 and UDP DNS
  • raw IP destinations, IPv6, and DNS over TCP remain follow-ups
  • transparent mode reserves local UDP 53 and TCP 80/443
  • non-root setuid bubblewrap installations use the existing proxy-aware path
  • loader-affecting environment variables are removed before privileged setup and are not restored to the workload
  • missing resolver setup and unsupported proxy endpoints fall back to the existing proxy-aware path

Testing

  • cargo check -p codex-linux-sandbox --target x86_64-unknown-linux-gnu --tests with the local Zig target wrappers
  • cargo clippy -p codex-linux-sandbox --target x86_64-unknown-linux-gnu --tests --no-deps -- -D warnings with the local Zig target wrappers
  • just test -p codex-linux-sandbox builds on macOS but has no runnable tests because this crate's tests are Linux-only
  • git diff --check
  • direct-routing assertions require a capability-capable launcher; separately gating that section on non-root setuid fallback hosts remains a test-portability follow-up

Co-authored-by: Codex noreply@openai.com
Co-authored-by: Codex noreply@openai.com
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant