detectEgressBackend
detectEgressBackend(
deps?):EgressBackend
Defined in: src/egress.ts:164
Detect the egress-firewall backend with a real per-host SELF-TEST (cached per process).
Not merely checking for tool presence: the probe builds the FULL production nesting (membrane bwrap inside egress-runner.sh’s netns) and runs it. Only an exit-0 proves the entire stack — userns-in-userns, nft load, dnsmasq start — actually works.
Available (“slirp4netns”) iff ALL required tools exist AND the full-nesting probe exits 0. Returns null on any failure, including throws (never crashes the caller).