daemon

package
Published: Sep 16, 2024 License: Apache-2.0 Imports: 29 Imported by: 0

Documentation

Overview

Package daemon keeps track of and monitors new, removed and modified WireGuard interfaces and peers.

Index

Constants

// Peer connection states, aliased from the coreproto protobuf enum so that
// callers can spell PeerStateConnected instead of coreproto.PeerState_CONNECTED.
// PeerState itself is a type alias of coreproto.PeerState, so these values are
// interchangeable with the generated constants.
const (
	PeerStateNew        = coreproto.PeerState_NEW
	PeerStateConnecting = coreproto.PeerState_CONNECTING
	PeerStateConnected  = coreproto.PeerState_CONNECTED
	PeerStateFailed     = coreproto.PeerState_FAILED
	PeerStateClosed     = coreproto.PeerState_CLOSED
)

Prettier aliases for the protobuf constants

Variables

var (
	// ErrFeatureDeactivated is the sentinel error reporting that a feature is
	// deactivated. Callers should test for it with errors.Is, not ==, so that
	// wrapped errors are recognised.
	ErrFeatureDeactivated = errors.New("feature deactivated")
)
// InterfaceModifiersStrings holds the human-readable names of the
// InterfaceModified* bits, in declaration order (Name, Type, PrivateKey,
// ListenPort, FirewallMark, Peers). Six entries match InterfaceModifierCount;
// presumably indexed by bit position from InterfaceModifier.Strings — confirm.
var InterfaceModifiersStrings = []string{
	"name",
	"type",
	"private-key",
	"listen-port",
	"firewall-mark",
	"peers",
}
// PeerModifiersStrings holds the human-readable names of the PeerModified*
// bits, in declaration order (PresharedKey, Endpoint, KeepaliveInterval,
// HandshakeTime, ReceiveBytes, TransmitBytes, AllowedIPs, ProtocolVersion,
// Name). Nine entries are listed here; presumably indexed by bit position from
// PeerModifier.Strings — confirm that any loop bound used there covers all nine.
var PeerModifiersStrings = []string{
	"preshared-key",
	"endpoint",
	"keepalive-interval",
	"handshake-time",
	"receive-bytes",
	"transmit-bytes",
	"allowed-ips",
	"protocol-version",
	"name",
}

Functions

func RegisterFeature

func RegisterFeature[I FeatureInterface](ctor func(i *Interface) (I, error), order int,
) func(*Interface) I

Types

type Daemon

// Daemon embeds a Watcher and additionally holds the signaling backend, the
// wgctrl client used to talk to WireGuard devices, and the loaded
// configuration. Construct it with NewDaemon; see Start, Shutdown and Close
// for its lifecycle.
type Daemon struct {
	*Watcher

	// Backend is the (possibly multi-transport) signaling backend.
	Backend *signaling.MultiBackend
	// Client is the wgctrl handle shared with the Watcher and Interfaces.
	Client *wgctrl.Client
	// Config is the daemon-wide configuration the daemon was created from.
	Config *config.Config
	// contains filtered or unexported fields
}

func NewDaemon

func NewDaemon(cfg *config.Config) (*Daemon, error)

func (*Daemon) Close

func (d *Daemon) Close() error

func (*Daemon) CreateDevices

func (d *Daemon) CreateDevices() error

func (*Daemon) OnInterfaceAdded

func (d *Daemon) OnInterfaceAdded(i *Interface)

func (*Daemon) OnInterfaceRemoved

func (d *Daemon) OnInterfaceRemoved(i *Interface)

func (*Daemon) Shutdown

func (d *Daemon) Shutdown(restart bool)

Shutdown stops the daemon.

func (*Daemon) Start

func (d *Daemon) Start() error

Start starts the daemon and blocks until Shutdown() is called.

func (*Daemon) Sync

func (d *Daemon) Sync() error

type Event

// Event is the payload delivered on EventsHandler.Events. It is presumably one
// of the *Event structs in this package (InterfaceAddedEvent,
// InterfaceModifiedEvent, InterfaceRemovedEvent, PeerAddedEvent,
// PeerModifiedEvent, PeerRemovedEvent); type-switch on it to dispatch.
type Event any

type EventsHandler

// EventsHandler adapts the watcher's callback interfaces (InterfaceHandler,
// InterfaceModifiedHandler, PeerHandler, PeerModifiedHandler) to a channel:
// each callback is forwarded as an Event on Events. Create it with
// NewEventsHandler; the length argument presumably sizes the channel buffer —
// confirm, as a full buffer would block the watcher's callbacks.
type EventsHandler struct {
	Events chan Event
}

func NewEventsHandler

func NewEventsHandler(length int) *EventsHandler

func (*EventsHandler) OnInterfaceAdded

func (h *EventsHandler) OnInterfaceAdded(i *Interface)

func (*EventsHandler) OnInterfaceModified

func (h *EventsHandler) OnInterfaceModified(i *Interface, old *wg.Interface, m InterfaceModifier)

func (*EventsHandler) OnInterfaceRemoved

func (h *EventsHandler) OnInterfaceRemoved(i *Interface)

func (*EventsHandler) OnPeerAdded

func (h *EventsHandler) OnPeerAdded(p *Peer)

func (*EventsHandler) OnPeerModified

func (h *EventsHandler) OnPeerModified(p *Peer, old *wgtypes.Peer, m PeerModifier, ipsAdded, ipsRemoved []net.IPNet)

func (*EventsHandler) OnPeerRemoved

func (h *EventsHandler) OnPeerRemoved(p *Peer)

type Feature

// Feature describes a registered per-interface feature. New constructs the
// feature's FeatureInterface for a given Interface; features are registered
// with RegisterFeature, which also fixes their relative order.
type Feature struct {
	New func(i *Interface) (FeatureInterface, error)
	// contains filtered or unexported fields
}

type FeatureInterface

// FeatureInterface is implemented by every per-interface feature: Start
// activates it and Close tears it down. Features that can additionally be
// re-synchronized implement SyncableFeatureInterface.
type FeatureInterface interface {
	Start() error
	Close() error
}

type Interface

// Interface is a watched WireGuard interface. It embeds the wg handle and the
// OS device abstraction and tracks the interface's peers, the time of its
// last synchronization, its owning Daemon and its per-interface settings.
type Interface struct {
	// WireGuard handle of device
	*wg.Interface

	// OS abstractions for kernel device
	device.Device

	// Peers holds the interface's peers keyed by peer public key
	// (see RemovePeer, which takes the key, and Peer.PublicKey).
	Peers map[crypto.Key]*Peer

	// LastSync is the time of the most recent synchronization of this interface.
	LastSync time.Time

	// Daemon is the owning daemon; Settings is this interface's configuration.
	Daemon   *Daemon
	Settings *config.InterfaceSettings
	// contains filtered or unexported fields
}

func NewInterface

func NewInterface(wgDev *wgtypes.Device, client *wgctrl.Client) (*Interface, error)

func (*Interface) AddModifiedHandler

func (i *Interface) AddModifiedHandler(h InterfaceModifiedHandler)

func (*Interface) AddPeer

func (i *Interface) AddPeer(pcfg *wgtypes.PeerConfig) error

func (*Interface) AddPeerHandler

func (i *Interface) AddPeerHandler(h PeerHandler)

func (*Interface) AddPeerStateChangeHandler

func (i *Interface) AddPeerStateChangeHandler(h PeerStateChangedHandler)

func (*Interface) BindUpdate

func (i *Interface) BindUpdate(listenPort int) error

func (*Interface) Close

func (i *Interface) Close() error

func (*Interface) ConfigureDevice

func (i *Interface) ConfigureDevice(cfg wgtypes.Config) error

func (*Interface) DumpConfig

func (i *Interface) DumpConfig(wr io.Writer) error

func (*Interface) ForEachFeature

func (i *Interface) ForEachFeature(cb func(fi FeatureInterface) error) error

func (*Interface) IsUserspace

func (i *Interface) IsUserspace() bool

func (*Interface) Marshal

func (i *Interface) Marshal() *coreproto.Interface

func (*Interface) MarshalWithPeers

func (i *Interface) MarshalWithPeers(cb func(p *Peer) *coreproto.Peer) *coreproto.Interface

func (*Interface) Name

func (i *Interface) Name() string

func (*Interface) OnInterfaceModified

func (i *Interface) OnInterfaceModified(_ *Interface, _ *wg.Interface, mod InterfaceModifier)

func (*Interface) PrivateKey

func (i *Interface) PrivateKey() crypto.Key

PrivateKey returns the Curve25519 private key of the WireGuard interface.

func (*Interface) PublicKey

func (i *Interface) PublicKey() crypto.Key

PublicKey returns the Curve25519 public key of the WireGuard interface

func (*Interface) RemoveModifiedHandler

func (i *Interface) RemoveModifiedHandler(h InterfaceModifiedHandler)

func (*Interface) RemovePeer

func (i *Interface) RemovePeer(pk crypto.Key) error

func (*Interface) RemovePeerHandler

func (i *Interface) RemovePeerHandler(h PeerHandler)

func (*Interface) RemovePeerStateChangeHandler

func (i *Interface) RemovePeerStateChangeHandler(h PeerStateChangedHandler)

func (*Interface) Start

func (i *Interface) Start() error

func (*Interface) String

func (i *Interface) String() string

func (*Interface) SyncFeatures

func (i *Interface) SyncFeatures() error

func (*Interface) UpdatePeer

func (i *Interface) UpdatePeer(pcfg *wgtypes.PeerConfig) error

func (*Interface) WireGuardConfig

func (i *Interface) WireGuardConfig() *wgtypes.Config

type InterfaceAddedEvent

// InterfaceAddedEvent is the Event carrying a newly added Interface.
type InterfaceAddedEvent struct {
	Interface *Interface
}

type InterfaceEvent

// InterfaceEvent is a low-level interface notification: Op says whether the
// interface was added or deleted and Name is the interface name.
type InterfaceEvent struct {
	Op   InterfaceEventOp
	Name string
}

func (InterfaceEvent) String

func (e InterfaceEvent) String() string

type InterfaceEventOp

// InterfaceEventOp identifies the kind of an InterfaceEvent.
type InterfaceEventOp int

const (
	// InterfaceAdded reports that an interface appeared.
	InterfaceAdded InterfaceEventOp = iota
	// InterfaceDeleted reports that an interface disappeared.
	InterfaceDeleted
)

func (InterfaceEventOp) String

func (ls InterfaceEventOp) String() string

type InterfaceFilterFunc

// InterfaceFilterFunc decides whether the Watcher should track an interface,
// given a string (presumably the interface name — confirm against NewWatcher's
// caller). Returning false excludes the interface.
type InterfaceFilterFunc func(string) bool

type InterfaceHandler

// InterfaceHandler receives callbacks when an Interface is added to or removed
// from the Watcher; register with Watcher.AddInterfaceHandler.
type InterfaceHandler interface {
	OnInterfaceAdded(i *Interface)
	OnInterfaceRemoved(i *Interface)
}

type InterfaceList

// InterfaceList maps a string key (see ByName) to the corresponding Interface.
// Note the declared key type is string, not the numeric ifindex; ByIndex and
// ByPublicKey provide the other lookups.
type InterfaceList map[string]*Interface

InterfaceList stores all WireGuard interfaces in a map[string]*Interface keyed by interface name (see ByName); the key is a string, not the numeric ifindex.

func (*InterfaceList) ByIndex

func (l *InterfaceList) ByIndex(index int) *Interface

func (*InterfaceList) ByName

func (l *InterfaceList) ByName(name string) *Interface

func (*InterfaceList) ByPublicKey

func (l *InterfaceList) ByPublicKey(pk crypto.Key) *Interface

type InterfaceModifiedEvent

// InterfaceModifiedEvent is the Event carrying a modified Interface, a
// snapshot of its previous wg.Interface state (Old) and the set of changed
// attributes (Modified).
type InterfaceModifiedEvent struct {
	Interface *Interface
	Old       *wg.Interface
	Modified  InterfaceModifier
}

type InterfaceModifiedHandler

// InterfaceModifiedHandler receives a callback whenever an Interface changes,
// with the previous state and the set of modified attributes; register with
// Interface.AddModifiedHandler.
type InterfaceModifiedHandler interface {
	OnInterfaceModified(i *Interface, old *wg.Interface, m InterfaceModifier)
}

type InterfaceModifier

// InterfaceModifier is a bit set describing which attributes of an Interface
// changed; see InterfaceModifiedEvent and the Is/String/Strings methods.
// NOTE(review): this is an int while PeerModifier is a uint32 — confirm the
// asymmetry is intended.
type InterfaceModifier int

const (
	InterfaceModifiedName InterfaceModifier = (1 << iota)
	InterfaceModifiedType
	InterfaceModifiedPrivateKey
	InterfaceModifiedListenPort
	InterfaceModifiedFirewallMark
	InterfaceModifiedPeers

	// InterfaceModifierCount is the number of InterfaceModified* bits declared
	// above (six), matching the length of InterfaceModifiersStrings.
	InterfaceModifierCount                   = 6
	// InterfaceModifiedNone is the empty set.
	InterfaceModifiedNone  InterfaceModifier = 0
)

func (InterfaceModifier) Is

func (InterfaceModifier) String

func (i InterfaceModifier) String() string

func (InterfaceModifier) Strings

func (i InterfaceModifier) Strings() []string

type InterfaceRemovedEvent

// InterfaceRemovedEvent is the Event carrying an Interface that was removed.
type InterfaceRemovedEvent struct {
	Interface *Interface
}

type Peer

// Peer is a watched WireGuard peer. It embeds the wgtypes.Peer snapshot and
// tracks the peer's name, known hostnames, owning Interface and the times of
// its last receive, transmit and connection-state change.
type Peer struct {
	*wgtypes.Peer

	// Name is the peer's name; changes are reported as PeerModifiedName.
	Name string
	// Hosts maps a hostname to its IP addresses — presumably consumed by the
	// hsync feature to populate /etc/hosts; confirm.
	Hosts map[string][]net.IP

	// Interface is the interface this peer belongs to.
	Interface *Interface

	// Timestamps of the last observed receive, transmit and state change.
	LastReceiveTime     time.Time
	LastTransmitTime    time.Time
	LastStateChangeTime time.Time
	// contains filtered or unexported fields
}

func NewPeer

func NewPeer(wgp *wgtypes.Peer, i *Interface) (*Peer, error)

NewPeer creates a peer and initiates a new ICE agent

func (*Peer) AddAllowedIP

func (p *Peer) AddAllowedIP(a net.IPNet) error

AddAllowedIP adds a new IP network to the allowed ip list of the WireGuard peer

func (*Peer) AddModifiedHandler

func (p *Peer) AddModifiedHandler(h PeerModifiedHandler)

AddModifiedHandler registers a new handler which is called whenever the peer has been modified

func (*Peer) IsControlling

func (p *Peer) IsControlling() bool

IsControlling determines if the peer is controlling the ICE session by selecting the peer which has the smaller public key

func (*Peer) Marshal

func (p *Peer) Marshal() *coreproto.Peer

func (*Peer) PresharedKey

func (p *Peer) PresharedKey() crypto.Key

PresharedKey returns the symmetric preshared key of the WireGuard peer.

func (*Peer) PublicKey

func (p *Peer) PublicKey() crypto.Key

PublicKey returns the Curve25519 public key of the WireGuard peer.

func (*Peer) PublicKeyPair

func (p *Peer) PublicKeyPair() *crypto.PublicKeyPair

PublicKeyPair returns both the local (our) and the remote peer's (their) public keys.

func (*Peer) PublicPrivateKeyPair

func (p *Peer) PublicPrivateKeyPair() *crypto.KeyPair

PublicPrivateKeyPair returns a crypto.KeyPair combining the local (our) and the remote peer's (their) keys.

func (*Peer) Reachability

func (p *Peer) Reachability() coreproto.ReachabilityType

func (*Peer) RemoveAllowedIP

func (p *Peer) RemoveAllowedIP(a net.IPNet) error

RemoveAllowedIP removes an IP network from the allowed ip list of the WireGuard peer.

func (*Peer) RemoveModifiedHandler

func (p *Peer) RemoveModifiedHandler(h PeerModifiedHandler)

func (*Peer) SetEndpoint

func (p *Peer) SetEndpoint(addr *net.UDPAddr) error

SetEndpoint sets a new endpoint for the WireGuard peer

func (*Peer) SetPresharedKey

func (p *Peer) SetPresharedKey(psk *crypto.Key) error

SetPresharedKey sets a new preshared key for the WireGuard peer

func (*Peer) SetStateIf

func (p *Peer) SetStateIf(newState PeerState, prevStates ...PeerState) (PeerState, bool)

SetStateIf updates the connection state of the peer if the previous state matches one of the supplied previous states. It returns true if the state has been changed.

func (*Peer) SetStateIfNot

func (p *Peer) SetStateIfNot(newState PeerState, prevStates ...PeerState) (PeerState, bool)

SetStateIfNot updates the connection state of the peer if the previous state does not match any of the supplied previous states. It returns true if the state has been changed.

func (*Peer) State

func (p *Peer) State() PeerState

func (*Peer) String

func (p *Peer) String() string

String returns the peer's public key as a base64-encoded string.

func (*Peer) Sync

func (p *Peer) Sync(newPeer *wgtypes.Peer) (PeerModifier, []net.IPNet, []net.IPNet)

func (*Peer) WireGuardConfig

func (p *Peer) WireGuardConfig() *wgtypes.PeerConfig

WireGuardConfig returns the WireGuard peer configuration.

type PeerAddedEvent

// PeerAddedEvent is the Event carrying a newly added Peer.
type PeerAddedEvent struct {
	Peer *Peer
}

type PeerHandler

// PeerHandler receives callbacks when a Peer is added or removed; register
// with Watcher.AddPeerHandler or Interface.AddPeerHandler.
type PeerHandler interface {
	OnPeerAdded(p *Peer)
	OnPeerRemoved(p *Peer)
}

type PeerModifiedEvent

// PeerModifiedEvent is the Event carrying a modified Peer, a snapshot of its
// previous wgtypes.Peer state (Old), the set of changed attributes (Modified)
// and the allowed-IP networks that were added and removed — the same values
// Peer.Sync returns.
type PeerModifiedEvent struct {
	Peer              *Peer
	Old               *wgtypes.Peer
	Modified          PeerModifier
	AllowedIPsAdded   []net.IPNet
	AllowedIPsRemoved []net.IPNet
}

type PeerModifiedHandler

// PeerModifiedHandler receives a callback whenever a Peer changes, with the
// previous state, the set of modified attributes and the allowed-IP networks
// added and removed; register with Peer.AddModifiedHandler.
type PeerModifiedHandler interface {
	OnPeerModified(p *Peer, old *wgtypes.Peer, m PeerModifier, ipsAdded, ipsRemoved []net.IPNet)
}

type PeerModifier

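// PeerModifier is a bit set describing which attributes of a Peer changed
// during a Sync; see PeerModifiedEvent, Peer.Sync and the Is/String/Strings
// methods.
type PeerModifier uint32

const (
	PeerModifiedPresharedKey PeerModifier = (1 << iota)
	PeerModifiedEndpoint
	PeerModifiedKeepaliveInterval
	PeerModifiedHandshakeTime
	PeerModifiedReceiveBytes
	PeerModifiedTransmitBytes
	PeerModifiedAllowedIPs
	PeerModifiedProtocolVersion
	PeerModifiedName

	// PeerModifierCount is the number of PeerModified* bits declared above.
	// Nine bits are declared (PresharedKey through Name) and
	// PeerModifiersStrings has nine entries, so the count is 9. The previous
	// value of 8 left PeerModifiedName (bit 8) outside any loop bounded by
	// this constant, matching the pattern of InterfaceModifierCount, which
	// equals its six declared bits.
	PeerModifierCount              = 9
	// PeerModifiedNone is the empty set.
	PeerModifiedNone  PeerModifier = 0
)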

func (PeerModifier) Is

func (i PeerModifier) Is(j PeerModifier) bool

func (PeerModifier) String

func (i PeerModifier) String() string

func (PeerModifier) Strings

func (i PeerModifier) Strings() []string

type PeerRemovedEvent

// PeerRemovedEvent is the Event carrying a Peer that was removed.
type PeerRemovedEvent struct {
	Peer *Peer
}

type PeerState

// PeerState is an alias (not a distinct type) of the protobuf PeerState enum,
// so the PeerState* constants and coreproto.PeerState_* values are
// interchangeable. See Peer.State, SetStateIf and SetStateIfNot.
type PeerState = coreproto.PeerState

type PeerStateChangedHandler

// PeerStateChangedHandler receives a callback when a peer's connection state
// changes, with the new and previous states; register with
// Interface.AddPeerStateChangeHandler.
type PeerStateChangedHandler interface {
	OnPeerStateChanged(p *Peer, newState, prevState PeerState)
}

type SyncableFeatureInterface

// SyncableFeatureInterface is implemented by features that can be
// re-synchronized after initial Start; presumably invoked from
// Interface.SyncFeatures — confirm.
type SyncableFeatureInterface interface {
	Sync() error
}

type Watcher

// Watcher monitors both userspace and kernel for changes to WireGuard
// interfaces and their peers, and dispatches them to registered handlers.
// Create it with NewWatcher, run it with Watch, and release it with Close.
type Watcher struct {
	// contains filtered or unexported fields
}

Watcher monitors both userspace and kernel for changes to WireGuard interfaces

func NewWatcher

func NewWatcher(client *wgctrl.Client, interval time.Duration, filter InterfaceFilterFunc) (*Watcher, error)

func (*Watcher) AddAllHandler

func (w *Watcher) AddAllHandler(h AllHandler)

AddAllHandler adds a new handler to all the events observed by the watcher.

func (*Watcher) AddInterfaceHandler

func (w *Watcher) AddInterfaceHandler(h InterfaceHandler)

AddInterfaceHandler registers a handler for interface-related events.

func (*Watcher) AddPeerHandler

func (w *Watcher) AddPeerHandler(h PeerHandler)

AddPeerHandler registers a handler for peer-related events.

func (*Watcher) Close

func (w *Watcher) Close() error

func (*Watcher) ForEachInterface

func (w *Watcher) ForEachInterface(cb func(i *Interface) error) error

func (*Watcher) ForEachPeer

func (w *Watcher) ForEachPeer(cb func(p *Peer) error) error

func (*Watcher) InterfaceByIndex

func (w *Watcher) InterfaceByIndex(idx int) *Interface

func (*Watcher) InterfaceByName

func (w *Watcher) InterfaceByName(name string) *Interface

func (*Watcher) InterfaceByPublicKey

func (w *Watcher) InterfaceByPublicKey(pk crypto.Key) *Interface

func (*Watcher) Peer

func (w *Watcher) Peer(intf string, pk *crypto.Key) *Peer

func (*Watcher) PeerByPublicKey

func (w *Watcher) PeerByPublicKey(pk *crypto.Key) *Peer

func (*Watcher) Sync

func (w *Watcher) Sync() error

func (*Watcher) Watch

func (w *Watcher) Watch()

Directories

Path Synopsis
feature
autocfg
Package autocfg handles initial auto-configuration of new interfaces and peers
Package autocfg handles initial auto-configuration of new interfaces and peers
epdisc
Package epdisc implements endpoint (EP) discovery using Interactive Connection Establishment (ICE).
Package epdisc implements endpoint (EP) discovery using Interactive Connection Establishment (ICE).
hsync
Package hsync synchronizes /etc/hosts with pairs of peer hostname and their respective IP addresses
Package hsync synchronizes /etc/hosts with pairs of peer hostname and their respective IP addresses
pdisc
Package pdisc implements peer discovery based on a shared community passphrase.
Package pdisc implements peer discovery based on a shared community passphrase.
rtsync
Package rtsync synchronizes the kernel routing table with the AllowedIPs of each WireGuard peer
Package rtsync synchronizes the kernel routing table with the AllowedIPs of each WireGuard peer
