wireguard

package
v0.5.6 Latest

This package is not in the latest version of its module.
Published: Jan 2, 2025 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func TryStun

func TryStun(ctx context.Context, bind conn.Bind, srcPort uint16, stunServers ...string) (netip.AddrPort, error)

TryStun tries to resolve the external IP address and port of the host by sending a STUN request to the specified STUN servers.

Types

type DeviceConfig

type DeviceConfig struct {
	// Private key (base64). "0" indicates removal in set operations.
	PrivateKey *string `ini:"PrivateKey" uapi:"private_key,hex"`
	// Listening port in decimal-string format.
	ListenPort *uint16 `ini:"ListenPort" uapi:"listen_port"`
	// Decimal-string integer for fwmark. Zero indicates removal in set operations.
	FirewallMark *uint32 `ini:"FwMark" uapi:"fwmark"`
	// Only for set operations; true means subsequent peers replace existing ones.
	ReplacePeers *bool `uapi:"replace_peers"`

	// wg-quick specific fields.
	// Comma-separated list of IP (v4 or v6) addresses with CIDR to assign to the interface.
	Address []string `ini:"Address"`
	// Comma-separated list of DNS IPs or non-IP DNS search domains.
	DNS []string `ini:"DNS"`
	// Optional MTU; if unset, system automatically determines it.
	MTU *int `ini:"MTU"`
	// Controls the routing table; "off" disables routes, "auto" is default.
	Table *string `ini:"Table"`
	// Commands executed before the interface is up. Can be specified multiple times.
	PreUp []string `ini:"PreUp"`
	// Commands executed after the interface is up. Can be specified multiple times.
	PostUp []string `ini:"PostUp"`
	// Commands executed before the interface is down. Can be specified multiple times.
	PreDown []string `ini:"PreDown"`
	// Commands executed after the interface is down. Can be specified multiple times.
	PostDown []string `ini:"PostDown"`

	// Apoxy specific fields.
	// STUN servers to use for endpoint resolution.
	STUNServers []string
	// Verbose logging.
	Verbose *bool
}

DeviceConfig represents the configuration of a WireGuard device. This is the [Interface] section of a wg-quick(8) compatible INI configuration file.

type PeerConfig

type PeerConfig struct {
	// Public key (base64). Unique within a message; not repeated.
	PublicKey *string `ini:"PublicKey" uapi:"public_key,hex"`
	// Preshared key (base64), "0" removes it in set operations.
	PresharedKey *string `ini:"PresharedKey" uapi:"preshared_key,hex"`
	// Endpoint in IP:port format (IPv4) or [IP]:port format (IPv6).
	Endpoint *string `ini:"Endpoint" uapi:"endpoint"`
	// Keepalive interval; 0 disables it.
	PersistentKeepaliveIntervalSec *uint16 `ini:"PersistentKeepalive" uapi:"persistent_keepalive_interval"`
	// IP/cidr for allowed IPs for this peer.
	AllowedIPs []string `ini:"AllowedIPs" uapi:"allowed_ip"`
	// Only for set operations; true means allowed IPs replace existing ones.
	ReplaceAllowedIPs *bool `uapi:"replace_allowed_ips"`
	// Only for set operations; true removes the previously added peer.
	Remove *bool `uapi:"remove"`
	// Only for set operations; true restricts changes to existing peers only.
	UpdateOnly *bool `uapi:"update_only"`

	// Fields valid only in get operations
	// Number of received bytes.
	RxBytes *uint64 `uapi:"rx_bytes"`
	// Number of transmitted bytes.
	TxBytes *uint64 `uapi:"tx_bytes"`
	// Seconds since Unix epoch of last handshake.
	LastHandshakeTimeSec *uint64 `uapi:"last_handshake_time_sec"`
	// Nanoseconds since Unix epoch of last handshake.
	LastHandshakeTimeNSec *uint64 `uapi:"last_handshake_time_nsec"`
}

PeerConfig represents the configuration of a WireGuard peer. This is the [Peer] section of a wg-quick(8) compatible INI configuration file.
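
The `uapi:"...,hex"` tags above mean that keys written as base64 in the INI form are sent over the UAPI as hex. The following is an added example, not this package's code: `peer`, `peerToUAPI` and `sampleKey` are hypothetical names and the key is constructed. It parses and re-encodes every value, so a malformed key or an endpoint carrying a line break is rejected rather than written into the line-based UAPI text:

```go
package main

import (
	"encoding/base64"
	"encoding/hex"
	"fmt"
	"net/netip"
	"strings"
)

// peer is a local stand-in for a few PeerConfig fields (not the package's type).
type peer struct {
	PublicKey, Endpoint string // base64 key; IP:port or [IP]:port
	Keepalive           uint16
	AllowedIPs          []string
}

const sampleKey = "AQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQE=" // constructed: 32 bytes of 0x01

// peerToUAPI (hypothetical helper) renders one peer as UAPI key=value lines for a set operation.
func peerToUAPI(p peer) (string, error) {
	raw, err := base64.StdEncoding.DecodeString(p.PublicKey)
	if err != nil || len(raw) != 32 {
		return "", fmt.Errorf("public_key: want 32 base64-encoded bytes")
	}
	var b strings.Builder
	fmt.Fprintf(&b, "public_key=%s\n", hex.EncodeToString(raw))
	if p.Endpoint != "" {
		ap, err := netip.ParseAddrPort(p.Endpoint) // rejects hostnames and stray newlines
		if err != nil {
			return "", fmt.Errorf("endpoint: %w", err)
		}
		fmt.Fprintf(&b, "endpoint=%s\n", ap)
	}
	fmt.Fprintf(&b, "persistent_keepalive_interval=%d\n", p.Keepalive)
	b.WriteString("replace_allowed_ips=true\n") // must precede the allowed_ip lines
	for _, cidr := range p.AllowedIPs {
		pfx, err := netip.ParsePrefix(strings.TrimSpace(cidr))
		if err != nil {
			return "", fmt.Errorf("allowed_ip %q: %w", cidr, err)
		}
		fmt.Fprintf(&b, "allowed_ip=%s\n", pfx.Masked()) // canonical network form
	}
	return b.String(), nil
}

func main() {
	fmt.Println(peerToUAPI(peer{sampleKey, "192.0.2.10:51820", 25, []string{"10.0.0.5/24"}}))
}
```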

type WireGuardNetwork

type WireGuardNetwork struct {
	// contains filtered or unexported fields
}

WireGuardNetwork is a user-space network implementation that uses WireGuard.

func Network

func Network(conf *DeviceConfig) (*WireGuardNetwork, error)

Network returns a new WireGuardNetwork.

func (*WireGuardNetwork) AddPeer

func (n *WireGuardNetwork) AddPeer(peerConf *PeerConfig) error

AddPeer adds a peer to the WireGuard network, or updates it if it already exists.

func (*WireGuardNetwork) Close

func (n *WireGuardNetwork) Close()

func (*WireGuardNetwork) DialContext

func (n *WireGuardNetwork) DialContext(ctx context.Context, network, addr string) (net.Conn, error)

func (*WireGuardNetwork) Endpoint

func (n *WireGuardNetwork) Endpoint() netip.AddrPort

Endpoint returns the external endpoint of the WireGuard network.

func (*WireGuardNetwork) FowardToLoopback

func (n *WireGuardNetwork) FowardToLoopback(ctx context.Context) error

FowardToLoopback forwards all inbound traffic to the loopback interface.

func (*WireGuardNetwork) LocalAddresses

func (n *WireGuardNetwork) LocalAddresses() []netip.Prefix

LocalAddresses returns the list of local addresses assigned to the WireGuard network.

func (*WireGuardNetwork) LookupContextHost

func (n *WireGuardNetwork) LookupContextHost(ctx context.Context, host string) ([]string, error)

func (*WireGuardNetwork) Peers (added in v0.4.2)

func (n *WireGuardNetwork) Peers() ([]PeerConfig, error)

Peers returns the list of public keys for all peers on the WireGuard network.

func (*WireGuardNetwork) PublicKey

func (n *WireGuardNetwork) PublicKey() string

PublicKey returns the public key for this peer on the WireGuard network.

func (*WireGuardNetwork) RemovePeer

func (n *WireGuardNetwork) RemovePeer(publicKey string) error

RemovePeer removes a peer from the WireGuard network.

Directories

Path Synopsis
Package uapi implements a marshaller for the WireGuard User-space API.
