wireguard

package
v0.8.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 21, 2025 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type DeviceConfig

// DeviceConfig holds the settings of one WireGuard device: the [Interface]
// section of a wg-quick(8) compatible INI file. Fields with a `uapi` tag are
// also mapped to WireGuard user-space API keys; fields with only an `ini` tag
// are wg-quick specific, and untagged fields are Apoxy specific.
type DeviceConfig struct {
	// Private key (base64). "0" indicates removal in set operations.
	// This is the device's long-term secret: keep it out of logs, error
	// messages and world-readable config files.
	// NOTE(review): the uapi tag carries a `hex` option while the INI form is
	// base64 — presumably the uapi marshaller re-encodes the key; confirm.
	PrivateKey *string `ini:"PrivateKey" uapi:"private_key,hex"`
	// Listening port in decimal-string format.
	ListenPort *uint16 `ini:"ListenPort" uapi:"listen_port"`
	// Decimal-string integer for fwmark. Zero indicates removal in set operations.
	FirewallMark *uint32 `ini:"FwMark" uapi:"fwmark"`
	// Only for set operations; true means subsequent peers replace existing ones.
	ReplacePeers *bool `uapi:"replace_peers"`

	// wg-quick specific fields.
	// Comma-separated list of IP (v4 or v6) addresses with CIDR to assign to the interface.
	Address []string `ini:"Address"`
	// Comma-separated list of DNS IPs or non-IP DNS search domains.
	DNS []string `ini:"DNS"`
	// Optional MTU; if unset, system automatically determines it.
	MTU *int `ini:"MTU"`
	// Controls the routing table; "off" disables routes, "auto" is default.
	Table *string `ini:"Table"`
	// NOTE(review): in wg-quick(8) the four hook fields below (PreUp, PostUp,
	// PreDown, PostDown) are script snippets executed by bash(1). Whether this
	// package runs them is not visible here; either way, a configuration file
	// from an untrusted source must be treated as executable content and
	// reviewed before it is loaded.
	// Commands executed before the interface is up. Can be specified multiple times.
	PreUp []string `ini:"PreUp"`
	// Commands executed after the interface is up. Can be specified multiple times.
	PostUp []string `ini:"PostUp"`
	// Commands executed before the interface is down. Can be specified multiple times.
	PreDown []string `ini:"PreDown"`
	// Commands executed after the interface is down. Can be specified multiple times.
	PostDown []string `ini:"PostDown"`

	// Apoxy specific fields.
	// Packet capture file to write to.
	// NOTE(review): which side is captured (inner plaintext packets or the
	// encrypted transport) is not visible here. If it is the decrypted side,
	// the file holds tunnel payloads and needs restrictive permissions and a
	// retention policy — confirm.
	PacketCapturePath string
	// Bind to use for the device. If nil, the default bind is used.
	Bind conn.Bind
	// Verbose logging.
	Verbose *bool
}

DeviceConfig represents the configuration of a WireGuard device. This is the [Interface] section of a wg-quick(8) compatible INI configuration file.

type IceBind added in v0.7.0

// IceBind is created by NewIceBind from an ice.AgentConfig. Its exported
// methods (Open, Close, Send, ParseEndpoint, SetMark, BatchSize) carry the same
// names as wireguard-go's conn.Bind interface, so it is presumably meant to be
// supplied as DeviceConfig.Bind — confirm. NewPeer returns the per-peer
// IcePeer handles.
type IceBind struct {
	// contains filtered or unexported fields
}

func NewIceBind added in v0.7.0

func NewIceBind(ctx context.Context, conf *ice.AgentConfig) *IceBind

NewIceBind creates a new IceBind.

func (*IceBind) BatchSize added in v0.7.0

func (b *IceBind) BatchSize() int

func (*IceBind) Close added in v0.7.0

func (b *IceBind) Close() error

func (*IceBind) NewPeer added in v0.7.0

func (b *IceBind) NewPeer(isControlling bool) (*IcePeer, error)

func (*IceBind) Open added in v0.7.0

func (b *IceBind) Open(_ uint16) (fns []conn.ReceiveFunc, actualPort uint16, err error)

func (*IceBind) ParseEndpoint added in v0.7.0

func (b *IceBind) ParseEndpoint(s string) (conn.Endpoint, error)

func (*IceBind) Send added in v0.7.0

func (b *IceBind) Send(bufs [][]byte, ep conn.Endpoint) error

func (*IceBind) SetMark added in v0.7.0

func (b *IceBind) SetMark(mark uint32) error

type IcePeer added in v0.7.0

// IcePeer is the per-peer ICE handle returned by IceBind.NewPeer. Its exported
// fields are callbacks the caller may set.
type IcePeer struct {
	// NOTE(review): the descriptions of the four callbacks below are inferred
	// from their names and signatures only; when each fires, and on which
	// goroutine, is not visible here — confirm against the implementation.
	//   OnCandidate:     presumably receives a local candidate in string form.
	//   OnConnected:     presumably signals that connectivity was established.
	//   OnDisconnected:  presumably signals loss of connectivity, with a message.
	//   OnCandidatePair: presumably reports the selected local/remote pair.
	// Candidate strings typically contain IP addresses, so callbacks that log
	// them disclose network topology to whoever can read the logs.
	OnCandidate     func(candidate string)
	OnConnected     func()
	OnDisconnected  func(msg string)
	OnCandidatePair func(local, remote string)
	// contains filtered or unexported fields
}

func (*IcePeer) AddRemoteOffer added in v0.7.0

func (p *IcePeer) AddRemoteOffer(offer *corev1alpha.ICEOffer) error

func (*IcePeer) Close added in v0.7.0

func (p *IcePeer) Close() error

func (*IcePeer) Connect added in v0.7.0

func (p *IcePeer) Connect(
	ctx context.Context,
	dst string,
) error

func (*IcePeer) Init added in v0.7.0

func (p *IcePeer) Init() error

func (*IcePeer) LocalCandidates added in v0.7.0

func (p *IcePeer) LocalCandidates() []string

func (*IcePeer) LocalUserCredentials added in v0.7.0

func (p *IcePeer) LocalUserCredentials() (ufrag, pwd string)

type PeerConfig

// PeerConfig holds the settings of one WireGuard peer: the [Peer] section of a
// wg-quick(8) compatible INI file. Fields with a `uapi` tag are also mapped to
// WireGuard user-space API keys; the trailing group of fields is valid only in
// get operations.
type PeerConfig struct {
	// Public key (base64). Unique within a message; not repeated.
	// NOTE(review): the uapi tag carries a `hex` option while the INI form is
	// base64 — presumably the uapi marshaller re-encodes the key; confirm.
	PublicKey *string `ini:"PublicKey" uapi:"public_key,hex"`
	// Preshared key (base64), "0" removes it in set operations.
	// This is a shared secret: keep it out of logs and error messages.
	PresharedKey *string `ini:"PresharedKey" uapi:"preshared_key,hex"`
	// Endpoint in IP:port format (IPv4) or [IP]:port format (IPv6).
	Endpoint *string `ini:"Endpoint" uapi:"endpoint"`
	// Keepalive interval; 0 disables it.
	PersistentKeepaliveIntervalSec *uint16 `ini:"PersistentKeepalive" uapi:"persistent_keepalive_interval"`
	// IP/cidr for allowed IPs for this peer.
	// In WireGuard these prefixes decide both which destinations are routed to
	// the peer and which source addresses are accepted from it, so keep them
	// as narrow as the peer actually needs.
	AllowedIPs []string `ini:"AllowedIPs" uapi:"allowed_ip"`
	// Only for set operations; true means allowed IPs replace existing ones.
	ReplaceAllowedIPs *bool `uapi:"replace_allowed_ips"`
	// Only for set operations; true removes the previously added peer.
	Remove *bool `uapi:"remove"`
	// Only for set operations; true restricts changes to existing peers only.
	UpdateOnly *bool `uapi:"update_only"`

	// Fields valid only in get operations
	// Number of received bytes.
	RxBytes *uint64 `uapi:"rx_bytes"`
	// Number of transmitted bytes.
	TxBytes *uint64 `uapi:"tx_bytes"`
	// Seconds since Unix epoch of last handshake.
	LastHandshakeTimeSec *uint64 `uapi:"last_handshake_time_sec"`
	// Nanoseconds since Unix epoch of last handshake.
	// NOTE(review): in the WireGuard UAPI this value is presumably the
	// sub-second remainder that accompanies last_handshake_time_sec rather
	// than a standalone epoch timestamp — confirm before doing time arithmetic.
	LastHandshakeTimeNSec *uint64 `uapi:"last_handshake_time_nsec"`
}

PeerConfig represents the configuration of a WireGuard peer. This is the [Peer] section of a wg-quick(8) compatible INI configuration file.

type WireGuardNetwork

// WireGuardNetwork is a user-space network implementation that uses WireGuard.
// It is created by Network from a DeviceConfig and exposes peer management
// (AddPeer, RemovePeer, Peers), dialing (DialContext) and host lookup
// (LookupContextHost); all state is held in unexported fields.
type WireGuardNetwork struct {
	// contains filtered or unexported fields
}

WireGuardNetwork is a user-space network implementation that uses WireGuard.

func Network

func Network(conf *DeviceConfig) (*WireGuardNetwork, error)

Network returns a new WireGuardNetwork.

func (*WireGuardNetwork) AddPeer

func (n *WireGuardNetwork) AddPeer(peerConf *PeerConfig) error

AddPeer adds a peer to, or updates a peer on, the WireGuard network.

func (*WireGuardNetwork) Close

func (n *WireGuardNetwork) Close()

func (*WireGuardNetwork) DialContext

func (n *WireGuardNetwork) DialContext(ctx context.Context, network, addr string) (net.Conn, error)

func (*WireGuardNetwork) Endpoint

func (n *WireGuardNetwork) Endpoint() netip.AddrPort

Endpoint returns the external endpoint of the WireGuard network.

func (*WireGuardNetwork) FowardToLoopback

func (n *WireGuardNetwork) FowardToLoopback(ctx context.Context) error

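FowardToLoopback (spelled this way in the API) forwards all inbound traffic to the loopback interface. With this enabled, services that listen only on the loopback address are presumably reachable by tunnel peers, so binding to localhost should not be relied on as their only access control.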

func (*WireGuardNetwork) ListenPort added in v0.8.2

func (n *WireGuardNetwork) ListenPort() (uint16, error)

ListenPort returns the local listen port of this end of the tunnel.

func (*WireGuardNetwork) LocalAddresses

func (n *WireGuardNetwork) LocalAddresses() []netip.Prefix

LocalAddresses returns the list of local addresses assigned to the WireGuard network.

func (*WireGuardNetwork) LookupContextHost

func (n *WireGuardNetwork) LookupContextHost(ctx context.Context, host string) ([]string, error)

func (*WireGuardNetwork) Peers added in v0.4.2

func (n *WireGuardNetwork) Peers() ([]PeerConfig, error)

Peers returns the list of public keys for all peers on the WireGuard network, as PeerConfig values; which other PeerConfig fields are populated is not stated.

func (*WireGuardNetwork) PublicKey

func (n *WireGuardNetwork) PublicKey() string

PublicKey returns the public key for this peer on the WireGuard network.

func (*WireGuardNetwork) RemovePeer

func (n *WireGuardNetwork) RemovePeer(publicKey string) error

RemovePeer removes a peer from the WireGuard network.

Directories

Path Synopsis
Package uapi implements a marshaller for the WireGuard User-space API.
Package uapi implements a marshaller for the WireGuard User-space API.
