daemon

package
v0.5.20 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 5, 2024 License: Apache-2.0 Imports: 29 Imported by: 0

Documentation

Overview

Package watcher keeps track and monitors for new, removed and modified WireGuard interfaces and peers.

Index

Constants

View Source 
const (
	PeerStateNew        = coreproto.PeerState_NEW
	PeerStateConnecting = coreproto.PeerState_CONNECTING
	PeerStateConnected  = coreproto.PeerState_CONNECTED
	PeerStateFailed     = coreproto.PeerState_FAILED
	PeerStateClosed     = coreproto.PeerState_CLOSED
)

Prettier aliases for the protobuf constants

Variables

View Source 
var (
	ErrFeatureDeactivated = errors.New("feature deactivated")
)
View Source 
var InterfaceModifiersStrings = []string{
	"name",
	"type",
	"private-key",
	"listen-port",
	"firewall-mark",
	"peers",
}
View Source 
var PeerModifiersStrings = []string{
	"preshared-key",
	"endpoint",
	"keepalive-interval",
	"handshake-time",
	"receive-bytes",
	"transmit-bytes",
	"allowed-ips",
	"protocol-version",
	"name",
}

Functions

func RegisterFeature 

func RegisterFeature[I FeatureInterface](ctor func(i *Interface) (I, error), order int,
) func(*Interface) I

Types

type AllHandler 

type AllHandler interface {
	InterfaceHandler
	InterfaceModifiedHandler
	PeerHandler
	PeerModifiedHandler
}

type Daemon 

type Daemon struct {
	*Watcher

	Backend *signaling.MultiBackend
	Client  *wgctrl.Client
	Config  *config.Config
	// contains filtered or unexported fields
}

func NewDaemon 

func NewDaemon(cfg *config.Config) (*Daemon, error)

func (*Daemon) Close 

func (d *Daemon) Close() error

func (*Daemon) CreateDevices 

func (d *Daemon) CreateDevices() error

func (*Daemon) OnInterfaceAdded 

func (d *Daemon) OnInterfaceAdded(i *Interface)

func (*Daemon) OnInterfaceRemoved 

func (d *Daemon) OnInterfaceRemoved(i *Interface)

func (*Daemon) Shutdown 

func (d *Daemon) Shutdown(restart bool)

Stop stops the daemon

func (*Daemon) Start 

func (d *Daemon) Start() error

Start starts the daemon and blocks until Stop() is called.

func (*Daemon) Sync 

func (d *Daemon) Sync() error

type Event 

type Event any

type EventsHandler 

type EventsHandler struct {
	Events chan Event
}

func NewEventsHandler 

func NewEventsHandler(length int) *EventsHandler

func (*EventsHandler) OnInterfaceAdded 

func (h *EventsHandler) OnInterfaceAdded(i *Interface)

func (*EventsHandler) OnInterfaceModified 

func (h *EventsHandler) OnInterfaceModified(i *Interface, old *wg.Interface, m InterfaceModifier)

func (*EventsHandler) OnInterfaceRemoved 

func (h *EventsHandler) OnInterfaceRemoved(i *Interface)

func (*EventsHandler) OnPeerAdded 

func (h *EventsHandler) OnPeerAdded(p *Peer)

func (*EventsHandler) OnPeerModified 

func (h *EventsHandler) OnPeerModified(p *Peer, old *wgtypes.Peer, m PeerModifier, ipsAdded, ipsRemoved []net.IPNet)

func (*EventsHandler) OnPeerRemoved 

func (h *EventsHandler) OnPeerRemoved(p *Peer)

type Feature 

type Feature struct {
	New func(i *Interface) (FeatureInterface, error)
	// contains filtered or unexported fields
}

type FeatureInterface 

type FeatureInterface interface {
	Start() error
	Close() error
}

type Interface 

type Interface struct {
	// WireGuard handle of device
	*wg.Interface

	// OS abstractions for kernel device
	device.Device

	Peers map[crypto.Key]*Peer

	LastSync time.Time

	Daemon   *Daemon
	Settings *config.InterfaceSettings
	// contains filtered or unexported fields
}

func NewInterface 

func NewInterface(wgDev *wgtypes.Device, client *wgctrl.Client) (*Interface, error)

func (*Interface) AddModifiedHandler 

func (i *Interface) AddModifiedHandler(h InterfaceModifiedHandler)

func (*Interface) AddPeer 

func (i *Interface) AddPeer(pcfg *wgtypes.PeerConfig) error

func (*Interface) AddPeerHandler 

func (i *Interface) AddPeerHandler(h PeerHandler)

func (*Interface) AddPeerStateChangeHandler 

func (i *Interface) AddPeerStateChangeHandler(h PeerStateChangedHandler)

func (*Interface) BindUpdate 

func (i *Interface) BindUpdate(listenPort int) error

func (*Interface) Close 

func (i *Interface) Close() error

func (*Interface) ConfigureDevice 

func (i *Interface) ConfigureDevice(cfg wgtypes.Config) error

func (*Interface) DumpConfig 

func (i *Interface) DumpConfig(wr io.Writer) error

func (*Interface) ForEachFeature 

func (i *Interface) ForEachFeature(cb func(fi FeatureInterface) error) error

func (*Interface) IsUserspace 

func (i *Interface) IsUserspace() bool

func (*Interface) Marshal 

func (i *Interface) Marshal() *coreproto.Interface

func (*Interface) MarshalWithPeers 

func (i *Interface) MarshalWithPeers(cb func(p *Peer) *coreproto.Peer) *coreproto.Interface

func (*Interface) Name 

func (i *Interface) Name() string

func (*Interface) OnInterfaceModified 

func (i *Interface) OnInterfaceModified(_ *Interface, _ *wg.Interface, mod InterfaceModifier)

func (*Interface) PrivateKey 

func (i *Interface) PrivateKey() crypto.Key

PublicKey returns the Curve25519 private key of the WireGuard interface

func (*Interface) PublicKey 

func (i *Interface) PublicKey() crypto.Key

PublicKey returns the Curve25519 public key of the WireGuard interface

func (*Interface) RemoveModifiedHandler 

func (i *Interface) RemoveModifiedHandler(h InterfaceModifiedHandler)

func (*Interface) RemovePeer 

func (i *Interface) RemovePeer(pk crypto.Key) error

func (*Interface) RemovePeerHandler 

func (i *Interface) RemovePeerHandler(h PeerHandler)

func (*Interface) RemovePeerStateChangeHandler 

func (i *Interface) RemovePeerStateChangeHandler(h PeerStateChangedHandler)

func (*Interface) Start 

func (i *Interface) Start() error

func (*Interface) String 

func (i *Interface) String() string

func (*Interface) SyncFeatures 

func (i *Interface) SyncFeatures() error

func (*Interface) UpdatePeer 

func (i *Interface) UpdatePeer(pcfg *wgtypes.PeerConfig) error

func (*Interface) WireGuardConfig 

func (i *Interface) WireGuardConfig() *wgtypes.Config

type InterfaceAddedEvent 

type InterfaceAddedEvent struct {
	Interface *Interface
}

type InterfaceEvent 

type InterfaceEvent struct {
	Op   InterfaceEventOp
	Name string
}

func (InterfaceEvent) String 

func (e InterfaceEvent) String() string

type InterfaceEventOp 

type InterfaceEventOp int
const (
	InterfaceAdded InterfaceEventOp = iota
	InterfaceDeleted
)

func (InterfaceEventOp) String 

func (ls InterfaceEventOp) String() string

type InterfaceFilterFunc 

type InterfaceFilterFunc func(string) bool

type InterfaceHandler 

type InterfaceHandler interface {
	OnInterfaceAdded(i *Interface)
	OnInterfaceRemoved(i *Interface)
}

type InterfaceList 

type InterfaceList map[string]*Interface

InterfaceList stores all WireGuard interfaces indexed by their unique ifindex

func (*InterfaceList) ByIndex 

func (l *InterfaceList) ByIndex(index int) *Interface

func (*InterfaceList) ByName 

func (l *InterfaceList) ByName(name string) *Interface

func (*InterfaceList) ByPublicKey 

func (l *InterfaceList) ByPublicKey(pk crypto.Key) *Interface

type InterfaceModifiedEvent 

type InterfaceModifiedEvent struct {
	Interface *Interface
	Old       *wg.Interface
	Modified  InterfaceModifier
}

type InterfaceModifiedHandler 

type InterfaceModifiedHandler interface {
	OnInterfaceModified(i *Interface, old *wg.Interface, m InterfaceModifier)
}

type InterfaceModifier 

type InterfaceModifier int
const (
	InterfaceModifiedName InterfaceModifier = (1 << iota)
	InterfaceModifiedType
	InterfaceModifiedPrivateKey
	InterfaceModifiedListenPort
	InterfaceModifiedFirewallMark
	InterfaceModifiedPeers

	InterfaceModifierCount                   = 6
	InterfaceModifiedNone  InterfaceModifier = 0
)

func (InterfaceModifier) Is 

func (i InterfaceModifier) Is(j InterfaceModifier) bool

func (InterfaceModifier) String 

func (i InterfaceModifier) String() string

func (InterfaceModifier) Strings 

func (i InterfaceModifier) Strings() []string

type InterfaceRemovedEvent 

type InterfaceRemovedEvent struct {
	Interface *Interface
}

type Peer 

type Peer struct {
	*wgtypes.Peer

	Name  string
	Hosts map[string][]net.IP

	Interface *Interface

	LastReceiveTime     time.Time
	LastTransmitTime    time.Time
	LastStateChangeTime time.Time
	// contains filtered or unexported fields
}

func NewPeer 

func NewPeer(wgp *wgtypes.Peer, i *Interface) (*Peer, error)

NewPeer creates a peer and initiates a new ICE agent

func (*Peer) AddAllowedIP 

func (p *Peer) AddAllowedIP(a net.IPNet) error

AddAllowedIP adds a new IP network to the allowed ip list of the WireGuard peer

func (*Peer) AddModifiedHandler 

func (p *Peer) AddModifiedHandler(h PeerModifiedHandler)

AddModifiedHandler registers a new handler which is called whenever the peer has been modified

func (*Peer) IsControlling 

func (p *Peer) IsControlling() bool

IsControlling determines if the peer is controlling the ICE session by selecting the peer which has the smaller public key

func (*Peer) Marshal 

func (p *Peer) Marshal() *coreproto.Peer

func (*Peer) PresharedKey 

func (p *Peer) PresharedKey() crypto.Key

PresharedKey returns the Curve25199 preshared key of the WireGuard peer

func (*Peer) PublicKey 

func (p *Peer) PublicKey() crypto.Key

PublicKey returns the Curve25199 public key of the WireGuard peer

func (*Peer) PublicKeyPair 

func (p *Peer) PublicKeyPair() *crypto.PublicKeyPair

PublicKeyPair returns both the public key of the local (our) and remote peer (theirs)

func (*Peer) PublicPrivateKeyPair 

func (p *Peer) PublicPrivateKeyPair() *crypto.KeyPair

PublicPrivateKeyPair returns both the public key of the local (our) and remote peer (theirs)

func (*Peer) Reachability 

func (p *Peer) Reachability() coreproto.ReachabilityType

func (*Peer) RemoveAllowedIP 

func (p *Peer) RemoveAllowedIP(a net.IPNet) error

RemoveAllowedIP removes a new IP network from the allowed ip list of the WireGuard peer

func (*Peer) RemoveModifiedHandler 

func (p *Peer) RemoveModifiedHandler(h PeerModifiedHandler)

func (*Peer) SetEndpoint 

func (p *Peer) SetEndpoint(addr *net.UDPAddr) error

SetEndpoint sets a new endpoint for the WireGuard peer

func (*Peer) SetPresharedKey 

func (p *Peer) SetPresharedKey(psk *crypto.Key) error

SetPresharedKey sets a new preshared key for the WireGuard peer

func (*Peer) SetStateIf 

func (p *Peer) SetStateIf(newState PeerState, prevStates ...PeerState) (PeerState, bool)

SetStateIf updates the connection state of the peer if the previous state matches one of the supplied previous states. It returns true if the state has been changed.

func (*Peer) SetStateIfNot 

func (p *Peer) SetStateIfNot(newState PeerState, prevStates ...PeerState) (PeerState, bool)

SetStateIf updates the connection state of the peer if the previous state does not match any of the supplied previous states.

func (*Peer) State 

func (p *Peer) State() PeerState

func (*Peer) String 

func (p *Peer) String() string

String returns the peers public key as a base64-encoded string

func (*Peer) Sync 

func (p *Peer) Sync(newPeer *wgtypes.Peer) (PeerModifier, []net.IPNet, []net.IPNet)

func (*Peer) WireGuardConfig 

func (p *Peer) WireGuardConfig() *wgtypes.PeerConfig

WireGuardConfig return the WireGuard peer configuration

type PeerAddedEvent 

type PeerAddedEvent struct {
	Peer *Peer
}

type PeerHandler 

type PeerHandler interface {
	OnPeerAdded(p *Peer)
	OnPeerRemoved(p *Peer)
}

type PeerModifiedEvent 

type PeerModifiedEvent struct {
	Peer              *Peer
	Old               *wgtypes.Peer
	Modified          PeerModifier
	AllowedIPsAdded   []net.IPNet
	AllowedIPsRemoved []net.IPNet
}

type PeerModifiedHandler 

type PeerModifiedHandler interface {
	OnPeerModified(p *Peer, old *wgtypes.Peer, m PeerModifier, ipsAdded, ipsRemoved []net.IPNet)
}

type PeerModifier 

type PeerModifier uint32
const (
	PeerModifiedPresharedKey PeerModifier = (1 << iota)
	PeerModifiedEndpoint
	PeerModifiedKeepaliveInterval
	PeerModifiedHandshakeTime
	PeerModifiedReceiveBytes
	PeerModifiedTransmitBytes
	PeerModifiedAllowedIPs
	PeerModifiedProtocolVersion
	PeerModifiedName

	PeerModifierCount              = 8
	PeerModifiedNone  PeerModifier = 0
)

func (PeerModifier) Is 

func (i PeerModifier) Is(j PeerModifier) bool

func (PeerModifier) String 

func (i PeerModifier) String() string

func (PeerModifier) Strings 

func (i PeerModifier) Strings() []string

type PeerRemovedEvent 

type PeerRemovedEvent struct {
	Peer *Peer
}

type PeerState 

type PeerState = coreproto.PeerState

type PeerStateChangedHandler 

type PeerStateChangedHandler interface {
	OnPeerStateChanged(p *Peer, newState, prevState PeerState)
}

type SyncableFeatureInterface 

type SyncableFeatureInterface interface {
	Sync() error
}

type Watcher 

type Watcher struct {
	// contains filtered or unexported fields
}

Watcher monitors both userspace and kernel for changes to WireGuard interfaces

func NewWatcher 

func NewWatcher(client *wgctrl.Client, interval time.Duration, filter InterfaceFilterFunc) (*Watcher, error)

func (*Watcher) AddAllHandler 

func (w *Watcher) AddAllHandler(h AllHandler)

AddAllHandler adds a new handler to all the events observed by the watcher.

func (*Watcher) AddInterfaceHandler 

func (w *Watcher) AddInterfaceHandler(h InterfaceHandler)

AddInterfaceHandler registers an handler for interface-related events

func (*Watcher) AddPeerHandler 

func (w *Watcher) AddPeerHandler(h PeerHandler)

AddPeerHandler registers an handler for peer-related events

func (*Watcher) Close 

func (w *Watcher) Close() error

func (*Watcher) ForEachInterface 

func (w *Watcher) ForEachInterface(cb func(i *Interface) error) error

func (*Watcher) ForEachPeer 

func (w *Watcher) ForEachPeer(cb func(p *Peer) error) error

func (*Watcher) InterfaceByIndex 

func (w *Watcher) InterfaceByIndex(idx int) *Interface

func (*Watcher) InterfaceByName 

func (w *Watcher) InterfaceByName(name string) *Interface

func (*Watcher) InterfaceByPublicKey 

func (w *Watcher) InterfaceByPublicKey(pk crypto.Key) *Interface

func (*Watcher) Peer 

func (w *Watcher) Peer(intf string, pk *crypto.Key) *Peer

func (*Watcher) PeerByPublicKey 

func (w *Watcher) PeerByPublicKey(pk *crypto.Key) *Peer

func (*Watcher) Sync 

func (w *Watcher) Sync() error

func (*Watcher) Watch 

func (w *Watcher) Watch()

Source Files

View all Source files

Directories

Path Synopsis
feature
autocfg
Package autocfg handles initial auto-configuration of new interfaces and peers
 Package autocfg handles initial auto-configuration of new interfaces and peers
cfgsync
epdisc
Package epdisc implements endpoint (EP) discovery using Interactive Connection Establishment (ICE).
 Package epdisc implements endpoint (EP) discovery using Interactive Connection Establishment (ICE).
hooks
hsync
Package hsync synchronizes /etc/hosts with pairs of peer hostname and their respective IP addresses
 Package hsync synchronizes /etc/hosts with pairs of peer hostname and their respective IP addresses
pdisc
Package pdisc implements peer discovery based on a shared community passphrase.
 Package pdisc implements peer discovery based on a shared community passphrase.
rtsync
Package rtsync synchronizes the kernel routing table with the AllowedIPs of each WireGuard peer
 Package rtsync synchronizes the kernel routing table with the AllowedIPs of each WireGuard peer

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.