Documentation ¶
Index ¶
- Constants
- type Controller
- type DNSListener
- type DNSOpts
- type DNSResolver
- type DNSSummary
- type DNSTransport
- type DNSTransportMult
- type IpTree
- type PipKey
- type Protector
- type Proxies
- type Proxy
- type ProxyListener
- type RDNS
- type RDNSResolver
- type RadixTree
- type ResolverListener
- type Router
- type Stats
- type WgKey
Constants ¶
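// Separators used by the string-encoded values this package exchanges
// (csv lists and key@csv(value) pairs).
//
// NOTE(review): no escaping scheme is visible here; code that parses these
// strings should confirm that keys and values cannot themselves contain a
// separator character.
const (
	Vsep   = "," // values separator (csv)
	Ksep   = "," // key separator (csv)
	Kdelim = "@" // key@csv(v) delimiter
	KVsep  = "|" // k1:v1|k2:v2 separator
)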
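// DNS transport type names and the IDs of the special singleton transports.
const (
	// DNS transport types
	DOH      = "DNS-over-HTTPS"
	DNSCrypt = "DNSCrypt"
	DNS53    = "DNS" // NOTE(review): presumably classic DNS on port 53, i.e. not encrypted on the wire; confirm
	DOT      = "DNS-over-TLS"
	ODOH     = "Oblivious DNS-over-HTTPS"

	CT = "Cache" // cached transport prefix

	// special singleton DNS transports (IDs)
	Goos      = "Goos"      // Go determined default resolver
	System    = "System"    // network/os provided dns
	Local     = "mdns"      // mdns; never cached!
	Default   = "Default"   // default (fallback) dns
	Preferred = "Preferred" // user preferred dns, primary for alg
	Preset    = "Preset"    // synthesizes answers from presets (ex: IPs)
	BlockFree = "BlockFree" // no local blocks; if not set, default is used
	BlockAll  = "BlockAll"  // all blocks; never cached!
	Bootstrap = "Bootstrap" // bootstrap dns; always encapsulated by Default
	Alg       = "Alg"       // dns application-level gateway
	DcProxy   = "DcProxy"   // dnscrypt.Proxy as a transport
	IpMapper  = "IpMapper"  // dns resolver for dns resolvers

	// NOTE(review): presumably the prefix that marks a proxy id inside a
	// DNSSummary field; confirm against the code that builds summaries.
	SummaryProxyLabel = "proxy:"
)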
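// Status codes of a DNS transaction, numbered from 0 in declaration order.
// Start is 0, so a status field that was never set reads as Start rather
// than as Complete.
const (
	// Start: Transaction started
	Start = iota
	// Complete: Transaction completed successfully
	Complete
	// SendFailed: Failed to send query
	SendFailed
	// NoResponse: Got no response
	NoResponse
	// BadQuery: Malformed input
	BadQuery
	// BadResponse: Response was invalid
	BadResponse
	// InternalError: This should never happen
	InternalError
	// TransportError: Transport has issues
	TransportError
	// ClientError: Client has issues
	ClientError
)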
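// Encoding selectors, numbered from 0.
//
// NOTE(review): presumably base32 / base64 stamp encodings passed as the
// enctyp argument of RDNS.FlagsToStamp; confirm against the implementation.
const (
	EB32 = iota
	EB64
)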
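// Proxy IDs, proxy types and proxy status codes.
const (
	// nb: Base proxies are Catch-All / fallback proxies

	// IDs for default proxies
	Block   = "Block"       // blocks all traffic
	Base    = "Base"        // does not proxy traffic; in sync w dnsx.NetNoProxy
	Exit    = "Exit"        // always connects to the Internet (exit node); in sync w dnsx.NetExitProxy
	OrbotS5 = "OrbotSocks5" // Orbot: Base Tor-as-a-SOCKS5 proxy
	OrbotH1 = "OrbotHttp1"  // Orbot: Base Tor-as-a-HTTP/1.1 proxy

	// type of proxies
	SOCKS5   = "socks5" // SOCKS5 proxy
	HTTP1    = "http1"  // HTTP/1.1 proxy
	WG       = "wg"     // WireGuard-as-a-proxy
	WGFAST   = "gsro"   // WireGuard-as-a-proxy w/ UDP GRO/GSO prefix
	PIPH2    = "piph2"  // PIP: HTTP/2 proxy
	PIPWS    = "pipws"  // PIP: WebSockets proxy
	NOOP     = "noop"   // No proxy, ex: Base, Block
	INTERNET = "net"    // egress network, ex: Exit

	// status of proxies
	//
	// Only TOK means the proxy is OK. The zero value of an int status is
	// TUP ("not yet OK"), so an unset status must not be read as healthy.
	TNT = 2  // proxy UP but not responding
	TZZ = 1  // proxy idle
	TUP = 0  // proxy UP but not yet OK
	TOK = -1 // proxy OK
	TKO = -2 // proxy not OK
	END = -3 // proxy stopped
)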
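// Well-known identifier strings.
//
// NOTE(review): UidSelf and UidSystem look like owner ids for this app and
// for the OS; where they are used is not visible here, so confirm.
const (
	UidSelf   = "rethink"
	UidSystem = "system"
	Localhost = "localhost"
)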
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Controller ¶
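// Controller provides answers to filter network traffic.
//
// None of these methods returns a value, so a failed bind or protect is not
// reported to the caller through this interface.
// NOTE(review): implementations presumably need to surface such failures
// some other way (for example, logging); confirm.
type Controller interface {
	// Bind4 binds fd to any internet-capable IPv4 interface.
	Bind4(who, addrport string, fd int)
	// Bind6 binds fd to any internet-capable IPv6 interface.
	// also: github.com/lwip-tcpip/lwip/blob/239918c/src/core/ipv6/ip6.c#L68
	Bind6(who, addrport string, fd int)
	// Protect marks fd as protected.
	Protect(who string, fd int)
}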
Controller provides answers to filter network traffic.
type DNSListener ¶
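// DNSListener receives Summaries.
//
// NOTE(review): the listener is handed every queried domain and every
// DNSSummary; implementations that persist or log them are storing browsing
// metadata, so retention is worth confirming with the caller.
type DNSListener interface {
	ResolverListener
	// OnQuery is called when a DNS query is received. The listener
	// can return a DNSOpts to modify it (the original sentence is cut off
	// here; presumably "how the query is resolved", to be confirmed).
	OnQuery(domain string, qtyp int) *DNSOpts
	// OnResponse is called when a DNS response is received.
	OnResponse(*DNSSummary)
}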
DNSListener receives Summaries.
type DNSResolver ¶
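// DNSResolver is the union of DNSTransportMult and RDNSResolver: it embeds
// both interfaces and adds no methods of its own.
type DNSResolver interface {
	DNSTransportMult
	RDNSResolver
}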
type DNSSummary ¶
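// DNSSummary is a summary of a DNS transaction, reported when it is complete.
//
// NOTE(review): QName and RData carry the queried domain and its answers;
// treat a DNSSummary as sensitive when logging or exporting it.
type DNSSummary struct {
	Type           string  // dnscrypt, dns53, doh, odoh, dot
	ID             string  // transport id
	Latency        float64 // Response (or failure) latency in seconds
	QName          string  // query domain
	QType          int     // A, AAAA, SVCB, HTTPS, etc.
	RData          string  // response data, usually a csv of ips
	RCode          int     // response code
	RTtl           int     // response ttl
	Server         string
	RelayServer    string // hop, if any; proxy or a relay server
	Status         int
	Blocklists     string // csv separated list of blocklists names, if any.
	UpstreamBlocks bool   // true if any among upstream transports returned blocked ans.
	Msg            string // final status message, if any
}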
DNSSummary is a summary of a DNS transaction, reported when it is complete.
func (*DNSSummary) Str ¶
func (s *DNSSummary) Str() string
type DNSTransport ¶
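// DNSTransport exports necessary methods from dnsx.Transport
type DNSTransport interface {
	// ID uniquely identifies this transport.
	ID() string
	// Type is one of DNS53, DOH, DNSCrypt, System.
	Type() string
	// P50 is the median round-trip time for this transport, in millis.
	P50() int64
	// GetAddr returns the server host address used to initialize this transport.
	GetAddr() string
	// Status is the state of the transport after the previous query
	// (see: queryerror.go).
	Status() int
}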
DNSTransport exports necessary methods from dnsx.Transport
type DNSTransportMult ¶
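// DNSTransportMult manages a set of DNS transports addressed by id.
type DNSTransportMult interface {
	// Add adds a transport to this multi-transport.
	Add(t DNSTransport) bool
	// Remove removes a transport from this multi-transport.
	Remove(id string) bool
	// Get returns a transport from this multi-transport.
	Get(id string) (DNSTransport, error)
	// Stop stops this multi-transport.
	Stop() error
	// Refresh re-registers transports and returns a csv of active ones.
	Refresh() (string, error)
	// LiveTransports returns a csv of active transports.
	LiveTransports() string
}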
type IpTree ¶
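// An IpTree is a thread-safe trie that supports insertion, deletion, and
// route matching of IP CIDRs.
//
// Several lookups return "" both for "no match" and, possibly, for a route
// whose stored value is empty; use Has / HasAny when that distinction
// matters.
type IpTree interface {
	// Add adds value v to the cidr route.
	Add(cidr, v string) error
	// Set sets cidr route to v, overwriting any previous value.
	Set(cidr, v string) error
	// Esc removes value v, if found.
	Esc(cidr, v string) bool
	// Del deletes cidr route. Returns true if cidr was found.
	Del(cidr string) bool

	// Get gets the value of cidr or "" if cidr is not found.
	Get(cidr string) (string, error)
	// Has returns true if the cidr route is found.
	Has(cidr string) (bool, error)

	// Routes returns csv of all routes matching cidr or "".
	Routes(cidr string) string
	// Values returns csv of values of all routes matching cidr or "".
	Values(cidr string) string

	// GetAny returns the route@csv(value) of any route matching cidr or "".
	GetAny(cidr string) (string, error)
	// HasAny returns true if any route matches cidr.
	HasAny(cidr string) (bool, error)

	// EscLike removes values like v for cidr.
	EscLike(cidr, likev string) int32
	// RoutesLike returns csv of all routes with any value like v matching cidr.
	RoutesLike(cidr, likev string) string
	// ValuesLike returns csv of all routes with values like v for cidr.
	ValuesLike(cidr, likev string) string
	// GetLike returns csv of all values like v for cidr.
	GetLike(cidr, likev string) string

	// GetAll returns the longest route for cidr as "r1@csv(v)|r2@csv(v2)" or "".
	GetAll(cidr string) (string, error)
	// DelAll deletes all routes matching cidr. Returns the number of routes deleted.
	DelAll(cidr string) int32

	// Clear clears the trie.
	Clear()
	// Len returns the number of routes.
	Len() int
}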
An IpTree is a thread-safe trie that supports insertion, deletion, and route matching of IP CIDRs.
type PipKey ¶
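// PipKey produces the token and the blind-signature material described on
// its methods below.
type PipKey interface {
	// Token generates a 32 byte randomized token (auths dataplane ops; see: tokensize)
	//
	// NOTE(review): because the token authenticates dataplane operations,
	// it is presumably a bearer credential; avoid logging it. Confirm.
	Token() string
	// Blind generates id:blindMsg:blindingFactor:salt:msg
	// id is a 64 byte hmac tying blindMsg to the public key
	// blindMsg is a 256 byte blinded message
	// blindingFactor is up to 256 byte random blinding factor
	// salt is 48 bytes random salt (see: hashfn)
	// msg is a 32 byte random message (see: msgsize)
	//
	// NOTE(review): the returned string carries blindingFactor, salt and msg
	// next to blindMsg. Presumably only id and blindMsg are meant to reach
	// the signer and the rest is client-side state; confirm against the
	// caller before forwarding or storing the whole string.
	Blind() (string, error)
	// Finalize returns msg:sig for a finalized blind-signature
	Finalize(blindSig string) (string, error)
}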
func NewPipKey ¶
NewPipKey creates a new PipKey instance. pubjwk: JWK string of the public key of the RSA-PSS signer (its modulus must be 2048 bits and its hash function must be SHA384). msgOrExistingState: if empty, a new PipKey is created with a random message; if not empty, it is the state of an existing PipKey.
type Proxies ¶
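// Proxies manages a set of proxies addressed by id.
type Proxies interface {
	// AddProxy adds a proxy to this multi-transport.
	//
	// NOTE(review): url may embed proxy credentials (its format is not
	// visible here); avoid logging it verbatim. Confirm.
	AddProxy(id, url string) (Proxy, error)
	// RemoveProxy removes a transport from this multi-transport.
	RemoveProxy(id string) bool
	// GetProxy returns a transport from this multi-transport.
	GetProxy(id string) (Proxy, error)
	// Router returns a lowest common denomination router for this multi-transport.
	Router() Router
	// StopProxies stops all proxies.
	StopProxies() error
	// RefreshProxies re-registers proxies and returns a csv of active ones.
	RefreshProxies() (string, error)
}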
type Proxy ¶
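// Proxy is a single proxy, as returned by Proxies.AddProxy and
// Proxies.GetProxy.
type Proxy interface {
	// ID returns the ID of this proxy.
	ID() string
	// Type returns the type of this proxy.
	Type() string
	// Router returns routes.
	Router() Router
	// GetAddr returns the address of this proxy.
	GetAddr() string
	// DNS returns the ip:port or doh/dot url or dnscrypt stamp for this proxy.
	DNS() string
	// Status returns the status of this proxy.
	Status() int
	// Stop stops this proxy.
	Stop() error
	// Refresh re-registers this proxy.
	Refresh() error
}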
type ProxyListener ¶
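// ProxyListener is a listener for proxy events.
type ProxyListener interface {
	// OnProxyAdded is called when a proxy is added.
	OnProxyAdded(id string)
	// OnProxyRemoved is called when a proxy is removed except when all
	// proxies are stopped, in which case OnProxiesStopped is called.
	OnProxyRemoved(id string)
	// OnProxiesStopped is called when all proxies are stopped.
	// Note: OnProxyRemoved is not called for each proxy, so a listener that
	// tracks live proxies must clear its whole set here.
	OnProxiesStopped()
}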
ProxyListener is a listener for proxy events.
type RDNS ¶
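// RDNS reads and writes the rethinkdns blockstamp and converts between
// stamps, blocklist names and blocklist ids.
type RDNS interface {
	// SetStamp sets the rethinkdns blockstamp.
	SetStamp(string) error
	// GetStamp returns the current rethinkdns blockstamp.
	GetStamp() (string, error)
	// StampToNames returns csv group:names of blocklists in the given stamp s.
	StampToNames(s string) (string, error)
	// FlagsToStamp returns a blockstamp for given csv blocklist-ids, if valid.
	FlagsToStamp(csv string, enctyp int) (string, error)
	// StampToFlags returns csv blocklist-ids given a valid blockstamp s.
	StampToFlags(s string) (string, error)
}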
type RDNSResolver ¶
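// RDNSResolver configures the local and remote rdns resolvers.
type RDNSResolver interface {
	// SetRdnsLocal sets the local rdns resolver.
	//
	// NOTE(review): trie, rank, conf and filetag are presumably file paths
	// or tags for blocklist data; if they can come from outside the app,
	// the implementation should validate them. Confirm.
	SetRdnsLocal(trie, rank, conf, filetag string) error
	// GetRdnsLocal returns the local rdns resolver.
	GetRdnsLocal() (RDNS, error)
	// SetRdnsRemote sets the remote rdns resolver.
	SetRdnsRemote(filetag string) error
	// GetRdnsRemote returns the remote rdns resolver.
	GetRdnsRemote() (RDNS, error)
	// Translate enables or disables ALG responses
	Translate(bool)
}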
type RadixTree ¶
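// A RadixTree is a thread-safe trie that supports insertion, deletion, and
// prefix matching.
//
// Get and GetAny return "" for a missing key, which cannot be told apart
// from a key stored with an empty value; use Has / HasAny for membership.
type RadixTree interface {
	// Add adds k to the trie. Returns true if k was not already in the trie.
	Add(k string) bool
	// Set sets k to v in the trie, overwriting any previous value.
	Set(k, v string)
	// Del deletes k from the trie. Returns true if k was in the trie.
	Del(k string) bool
	// Get gets the value of k from the trie or "" if k is not in the trie.
	Get(k string) string
	// Has returns true if k is in the trie.
	Has(k string) bool
	// GetAny returns the value of the longest prefix of k in the trie or "".
	// (k is the argument, which the signature names prefix.)
	GetAny(prefix string) string
	// HasAny returns true if any key in the trie has the prefix.
	HasAny(prefix string) bool
	// DelAll deletes all keys in the trie with the prefix. Returns the number of keys deleted.
	DelAll(prefix string) int32
	// Clear clears the trie.
	Clear()
	// Len returns the number of keys in the trie.
	Len() int
}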
A RadixTree is a thread-safe trie that supports insertion, deletion, and prefix matching.
func NewRadixTree ¶
func NewRadixTree() RadixTree
type ResolverListener ¶
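// ResolverListener is notified when DNS transports are added, removed or
// stopped.
type ResolverListener interface {
	// OnDNSAdded is called when a new DNS transport with id is added.
	OnDNSAdded(id string)
	// OnDNSRemoved is called when a DNS transport with id is removed, except
	// when the transport is stopped, then OnDNSStopped is called instead.
	OnDNSRemoved(id string)
	// OnDNSStopped is called when the DNS transport is stopped. Note:
	// OnDNSRemoved is not called for each transport before this, so a
	// listener that tracks live transports must clear its whole set here.
	OnDNSStopped()
}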
type Router ¶
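// Router reports what a proxy (or a set of proxies) can route.
type Router interface {
	// IP4 returns true if this router supports IPv4.
	IP4() bool
	// IP6 returns true if this router supports IPv6.
	IP6() bool
	// MTU returns the MTU of this router.
	MTU() (int, error)
	// Stat returns the stats of this router.
	Stat() *Stats
	// Contains returns true if this router can route ipprefix.
	Contains(ipprefix string) bool
}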
type Stats ¶
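// Stats lists interesting stats of a Router.
type Stats struct {
	Addr   string // address of the router
	Rx     int64  // bytes received
	Tx     int64  // bytes transmitted
	ErrRx  int64  // receive errors
	ErrTx  int64  // transmit errors
	LastRx int64  // last receive in millis
	LastTx int64  // last transmit in millis
	LastOK int64  // last handshake or ping or connect millis
	Since  int64  // uptime in millis
}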
Stats lists interesting stats of a Router.
type WgKey ¶
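// WgKey is a key that can be encoded as text and multiplied by the
// curve25519 basepoint.
//
// NOTE(review): if the key is a private key, the strings returned by Base64
// and Hex are secret material and should not be logged or persisted in the
// clear; whether a WgKey holds a private or a public key is not visible
// here. Confirm.
type WgKey interface {
	// IsZero returns true if the key is all zeros.
	IsZero() bool
	// Base64 returns the key as a base64-encoded string.
	Base64() string
	// Hex returns the key as a hex-encoded string.
	Hex() string
	// Mult returns the key multiplied by the basepoint (curve25519).
	Mult() WgKey
}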