Documentation ¶
Index ¶
- func TryStun(ctx context.Context, bind conn.Bind, srcPort uint16, stunServers ...string) (netip.AddrPort, error)
- type DeviceConfig
- type PeerConfig
- type WireGuardNetwork
- func (n *WireGuardNetwork) AddPeer(peerConf *PeerConfig) error
- func (n *WireGuardNetwork) Close()
- func (n *WireGuardNetwork) DialContext(ctx context.Context, network, addr string) (net.Conn, error)
- func (n *WireGuardNetwork) Endpoint() netip.AddrPort
- func (n *WireGuardNetwork) FowardToLoopback(ctx context.Context) error
- func (n *WireGuardNetwork) LocalAddresses() []netip.Prefix
- func (n *WireGuardNetwork) LookupContextHost(ctx context.Context, host string) ([]string, error)
- func (n *WireGuardNetwork) Peers() ([]PeerConfig, error)
- func (n *WireGuardNetwork) PublicKey() string
- func (n *WireGuardNetwork) RemovePeer(publicKey string) error
Functions ¶
Types ¶
type DeviceConfig ¶
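// DeviceConfig represents the configuration of a WireGuard device. It
// corresponds to the [Interface] section of a wg-quick(8) compatible INI
// configuration file; fields carrying a uapi tag are also mapped to the
// WireGuard UAPI key named in that tag.
type DeviceConfig struct {
	// PrivateKey is the device private key. "0" indicates removal in set
	// operations. The INI form is base64; the uapi tag carries a "hex"
	// option, so the UAPI form is presumably hex-encoded (confirm against
	// the encoder). This is secret material: keep it out of logs and out
	// of config files readable by other users.
	PrivateKey *string `ini:"PrivateKey" uapi:"private_key,hex"`
	// ListenPort is the listening port in decimal-string format.
	ListenPort *uint16 `ini:"ListenPort" uapi:"listen_port"`
	// FirewallMark is a decimal-string integer for fwmark. Zero indicates
	// removal in set operations.
	FirewallMark *uint32 `ini:"FwMark" uapi:"fwmark"`
	// ReplacePeers applies only to set operations; true means subsequent
	// peers replace existing ones.
	ReplacePeers *bool `uapi:"replace_peers"`

	// wg-quick specific fields.

	// Address is a comma-separated list of IP (v4 or v6) addresses with
	// CIDR to assign to the interface.
	Address []string `ini:"Address"`
	// DNS is a comma-separated list of DNS IPs or non-IP DNS search domains.
	DNS []string `ini:"DNS"`
	// MTU is optional; if unset, the system automatically determines it.
	MTU *int `ini:"MTU"`
	// Table controls the routing table; "off" disables routes, "auto" is
	// the default.
	Table *string `ini:"Table"`
	// PreUp holds commands executed before the interface is up. Can be
	// specified multiple times.
	//
	// NOTE(review): PreUp, PostUp, PreDown and PostDown are command
	// strings. Whether this package runs them is not visible here; if it
	// does, a config file from an untrusted source is equivalent to
	// command execution, so load configs only from trusted locations.
	PreUp []string `ini:"PreUp"`
	// PostUp holds commands executed after the interface is up. Can be
	// specified multiple times.
	PostUp []string `ini:"PostUp"`
	// PreDown holds commands executed before the interface is down. Can
	// be specified multiple times.
	PreDown []string `ini:"PreDown"`
	// PostDown holds commands executed after the interface is down. Can
	// be specified multiple times.
	PostDown []string `ini:"PostDown"`

	// Apoxy specific fields.

	// STUNServers lists the STUN servers to use for endpoint resolution.
	// NOTE(review): STUN replies are typically unauthenticated; treat the
	// discovered endpoint as a hint rather than a verified address.
	STUNServers []string
	// Verbose enables verbose logging.
	// NOTE(review): confirm verbose output never includes key material.
	Verbose *bool
}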
DeviceConfig represents the configuration of a WireGuard device. This is the [Interface] section of a wg-quick(8) compatible INI configuration file.
type PeerConfig ¶
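// PeerConfig represents the configuration of a WireGuard peer. It
// corresponds to the [Peer] section of a wg-quick(8) compatible INI
// configuration file; fields carrying a uapi tag are also mapped to the
// WireGuard UAPI key named in that tag.
type PeerConfig struct {
	// PublicKey is the peer public key. Unique within a message; not
	// repeated. The INI form is base64; the uapi tag carries a "hex"
	// option, so the UAPI form is presumably hex-encoded (confirm against
	// the encoder).
	PublicKey *string `ini:"PublicKey" uapi:"public_key,hex"`
	// PresharedKey is the optional preshared key for this peer. It is
	// secret material and should be handled like a private key. Encoding
	// presumably follows PublicKey (base64 in INI, hex on UAPI per the
	// tag); confirm against the encoder.
	PresharedKey *string `ini:"PresharedKey" uapi:"preshared_key,hex"`
	// Endpoint is in IP:port format (IPv4) or [IP]:port format (IPv6).
	Endpoint *string `ini:"Endpoint" uapi:"endpoint"`
	// PersistentKeepaliveIntervalSec is the keepalive interval; 0
	// disables it.
	PersistentKeepaliveIntervalSec *uint16 `ini:"PersistentKeepalive" uapi:"persistent_keepalive_interval"`
	// AllowedIPs lists the IP/cidr ranges allowed for this peer. In
	// WireGuard this list both filters the source addresses accepted from
	// the peer and selects which destinations are routed to it, so keep
	// it as narrow as the deployment permits.
	AllowedIPs []string `ini:"AllowedIPs" uapi:"allowed_ip"`
	// ReplaceAllowedIPs applies only to set operations; true means the
	// allowed IPs replace existing ones.
	ReplaceAllowedIPs *bool `uapi:"replace_allowed_ips"`
	// Remove applies only to set operations; true removes the previously
	// added peer.
	Remove *bool `uapi:"remove"`
	// UpdateOnly applies only to set operations; true restricts changes
	// to existing peers only.
	UpdateOnly *bool `uapi:"update_only"`

	// Fields valid only in get operations.

	// RxBytes is the number of received bytes.
	RxBytes *uint64 `uapi:"rx_bytes"`
	// TxBytes is the number of transmitted bytes.
	TxBytes *uint64 `uapi:"tx_bytes"`
	// LastHandshakeTimeSec is the seconds since Unix epoch of the last
	// handshake.
	LastHandshakeTimeSec *uint64 `uapi:"last_handshake_time_sec"`
	// LastHandshakeTimeNSec is the nanoseconds since Unix epoch of the
	// last handshake.
	LastHandshakeTimeNSec *uint64 `uapi:"last_handshake_time_nsec"`
}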
PeerConfig represents the configuration of a WireGuard peer. This is the [Peer] section of a wg-quick(8) compatible INI configuration file.
type WireGuardNetwork ¶
// WireGuardNetwork is a user-space network implementation that uses WireGuard.
// Its fields are unexported; the rendered documentation hides them.
type WireGuardNetwork struct {
// contains filtered or unexported fields
}
WireGuardNetwork is a user-space network implementation that uses WireGuard.
func Network ¶
func Network(conf *DeviceConfig) (*WireGuardNetwork, error)
Network returns a new WireGuardNetwork.
func (*WireGuardNetwork) AddPeer ¶
func (n *WireGuardNetwork) AddPeer(peerConf *PeerConfig) error
AddPeer adds a peer to the WireGuard network, or updates it if it already exists.
func (*WireGuardNetwork) Close ¶
func (n *WireGuardNetwork) Close()
func (*WireGuardNetwork) DialContext ¶
func (*WireGuardNetwork) Endpoint ¶
func (n *WireGuardNetwork) Endpoint() netip.AddrPort
Endpoint returns the external endpoint of the WireGuard network.
func (*WireGuardNetwork) FowardToLoopback ¶
func (n *WireGuardNetwork) FowardToLoopback(ctx context.Context) error
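FowardToLoopback forwards all inbound traffic to the loopback interface. Services that listen only on loopback presumably become reachable by peers on the WireGuard network while this is running, so keep the configured peers and their AllowedIPs as narrow as possible.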
func (*WireGuardNetwork) LocalAddresses ¶
func (n *WireGuardNetwork) LocalAddresses() []netip.Prefix
LocalAddresses returns the list of local addresses assigned to the WireGuard network.
func (*WireGuardNetwork) LookupContextHost ¶
func (*WireGuardNetwork) Peers ¶ added in v0.4.2
func (n *WireGuardNetwork) Peers() ([]PeerConfig, error)
Peers returns the public keys of all peers on the WireGuard network, each carried in a PeerConfig value.
func (*WireGuardNetwork) PublicKey ¶
func (n *WireGuardNetwork) PublicKey() string
PublicKey returns the public key for this peer on the WireGuard network.
func (*WireGuardNetwork) RemovePeer ¶
func (n *WireGuardNetwork) RemovePeer(publicKey string) error
RemovePeer removes a peer from the WireGuard network.