proxy

package module

v0.1.0 Latest Latest Go to latest Published: Nov 16, 2024 License: GPL-3.0 Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/Amnesic-Systems/veil-proxy

Links

Open Source Insights

README ¶

veil-proxy

veil-proxy tunnels network traffic between veil and the Internet by creating a tun-based virtual network interface that's connected to the enclave's tun interface. A single TCP connection between veil-proxy and veil is forwarding traffic back and forth.

The diagram above illustrates the architecture. The yellow components are under your control: clients, the enclave application, and the network traffic between clients and the enclave application. veil-proxy tunnels your network traffic over a VSOCK-based point-to-point TCP connection between veil-proxy and veil. The diagram above shows a client making an HTTPS request to the enclave.

Usage

Compile and run veil-proxy by running:

make run

Performance

Take a look at this wiki page to learn more about traffic throughput.

Documentation ¶

Rendered for

Index ¶

Constants
func SetupTunAsEnclave() (*os.File, error)
func SetupTunAsProxy() (*os.File, error)
func ToggleNAT(toggle bool) error
func TunToVsock(from io.ReadCloser, to io.WriteCloser, ch chan error, wg *sync.WaitGroup)
func VsockToTun(from io.ReadCloser, to io.WriteCloser, ch chan error, wg *sync.WaitGroup)

Constants ¶

View Source

const (
	On  = true
	Off = false
)

View Source

const (
	DefaultPort = 1024
)

Variables ¶

This section is empty.

Functions ¶

func SetupTunAsEnclave ¶

func SetupTunAsEnclave() (*os.File, error)

SetupTunAsEnclave sets up a tun interface and returns a ready-to-use file descriptor.

func SetupTunAsProxy ¶

func SetupTunAsProxy() (*os.File, error)

SetupTunAsProxy sets up a tun interface and returns a ready-to-use file descriptor.

func ToggleNAT ¶

func ToggleNAT(toggle bool) error

ToggleNAT toggles our iptables NAT rules, which ensure that the enclave can talk to the Internet.

func TunToVsock ¶

func TunToVsock(from io.ReadCloser, to io.WriteCloser, ch chan error, wg *sync.WaitGroup)

TunToVsock forwards network packets from the tun device to our TCP-over-VSOCK connection. The function keeps on forwarding packets until we encounter an error or EOF. Errors (including EOF) are written to the given channel.

func VsockToTun ¶

func VsockToTun(from io.ReadCloser, to io.WriteCloser, ch chan error, wg *sync.WaitGroup)

VsockToTun forwards network packets from our TCP-over-VSOCK connection to the tun interface. The function keeps on forwarding packets until we encounter an error or EOF. Errors (including EOF) are written to the given channel.

Types ¶

This section is empty.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cmd

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL