intra

package v0.0.0-...-99b537f
Published: Nov 8, 2024 License: MPL-2.0 Imports: 36 Imported by: 0

Documentation

Constants

const (
	UNKNOWN_UID         = core.UNKNOWN_UID
	UNKNOWN_UID_STR     = core.UNKNOWN_UID_STR
	UNSUPPORTED_NETWORK = core.UNSUPPORTED_NETWORK
)
const (
	HDLOK = iota
	HDLEND
)
const (
	ProtoTypeUDP  = "udp"
	ProtoTypeTCP  = "tcp"
	ProtoTypeICMP = "icmp"
)

Variables

This section is empty.

Functions

func AddDNSCryptRelay

func AddDNSCryptRelay(t Tunnel, stamp string) error

AddDNSCryptRelay adds a DNSCrypt relay transport to the tunnel's resolver.

func AddDNSCryptTransport

func AddDNSCryptTransport(t Tunnel, id, stamp string) (err error)

AddDNSCryptTransport creates and adds a DNSCrypt transport to the tunnel's resolver.

func AddDNSProxy

func AddDNSProxy(t Tunnel, id, ip, port string) error

AddDNSProxy creates and adds a DNS53 transport to the tunnel's resolver.

func AddDefaultTransport

func AddDefaultTransport(t Tunnel, typ, ippOrUrl, ips string) error

AddDefaultTransport adds a special default transport to the tunnel's resolver. It may be either a DoH or a DNS53 transport.

func AddDoHTransport

func AddDoHTransport(t Tunnel, id, url, ips string) error

AddDoHTransport creates and adds a Transport that connects to the specified DoH server. `url` is the URL of a DoH server (no template, POST-only).

func AddDoTTransport

func AddDoTTransport(t Tunnel, id, url, ips string) error

AddDoTTransport creates and adds a Transport that connects to the specified DoT server.

func AddODoHTransport

func AddODoHTransport(t Tunnel, id, endpoint, resolver, epips string) error

AddODoHTransport creates and adds a Transport that connects to the specified ODoH server. `endpoint` is the entry / proxy for the ODoH server, `resolver` is the URL of the target ODoH server.

func AddProxyDNS

func AddProxyDNS(t Tunnel, p x.Proxy) error

AddProxyDNS creates and adds a DNS53 transport as defined in Proxy's configuration.

func Build

func Build(full bool) string

Build returns the build information.

func Experimental

func Experimental(y bool)

func LogLevel

func LogLevel(level, consolelevel int32)

Change log level to log.VERYVERBOSE, log.VERBOSE, log.DEBUG, log.INFO, log.WARN, log.ERROR.

func Loopback

func Loopback(y bool)

Loopback informs the network stack that it must deal with packets originating from its own process routed back into the tunnel.

func LowMem

func LowMem()

LowMem triggers Go's garbage collection cycle.

func NewICMPHandler

func NewICMPHandler(pctx context.Context, resolver dnsx.Resolver, prox ipn.Proxies, tunMode *settings.TunMode, listener Listener) netstack.GICMPHandler

func NewTCPHandler

func NewTCPHandler(pctx context.Context, resolver dnsx.Resolver, prox ipn.Proxies, tunMode *settings.TunMode, listener SocketListener) netstack.GTCPConnHandler

NewTCPHandler returns a TCP forwarder with Intra-style behavior. Connections to `fakedns` are redirected to DOH. All other traffic is forwarded using `dialer`. `listener` is provided with a summary of each socket when it is closed.

func NewUDPHandler

func NewUDPHandler(pctx context.Context, resolver dnsx.Resolver, prox ipn.Proxies, tunMode *settings.TunMode, listener SocketListener) netstack.GUDPConnHandler

NewUDPHandler makes a UDP handler with Intra-style DNS redirection: All packets are routed directly to their destination. `timeout` controls the effective NAT mapping lifetime. `config` is used to bind new external UDP ports. `listener` receives a summary about each UDP binding when it expires.

func PrintStack

func PrintStack()

PrintStack logs the stack trace of all active goroutines.

func SetCrashFd

func SetCrashFd(fp string) (ok bool)

SetCrashFd sets the output file to which Go runtime crashes are written.

func SetSystemDNS

func SetSystemDNS(t Tunnel, ipcsv string) error

SetSystemDNS creates and adds a DNS53 transport of the specified IP addresses.

func Slowdown

func Slowdown(y bool)

Slowdown sets the TUN forwarder in single-threaded mode.

func Transparency

func Transparency(eim, eif bool)

Transparency enables/disables endpoint-independent mapping/filtering. Currently applies only for UDP (RFC 4787).

func UndelegatedDomains

func UndelegatedDomains(useSystemDNS bool)

Types

type Bridge

type Bridge interface {
	Listener
	x.Controller
	Console
}

type Console

type Console log.Console

type DefaultDNS

type DefaultDNS interface {
	x.DNSTransport
	// contains filtered or unexported methods
}

DefaultDNS is the resolver used by all dialers.

func NewDefaultDNS

func NewDefaultDNS(typ, url, ips string) (DefaultDNS, error)

NewDefaultDNS creates a new DefaultDNS resolver of type typ. For typ DOH, url scheme is http or https; for typ DNS53, url is ipport or csv(ipport). ips is a csv of ipports for typ DOH, and nil for typ DNS53.

type Listener

Listener receives usage statistics when a UDP or TCP socket is closed, or a DNS query is completed.

type Mark

type Mark struct {
	// PIDCSV is a list of proxies to forward a flow over.
	PIDCSV string
	// CID identifies a flow.
	CID string
	// UID of the app which owns a flow.
	UID string
}

type PreMark

type PreMark struct {
	// UID of the app which owns a flow.
	UID string
	// TIDCSV is a list of DNS transport IDs.
	TIDCSV string
}

type SocketListener

type SocketListener interface {
	// Preflow is called before a new connection is established; return the "transport id" of a
	// registered DNS transport to re-resolve the egress domain (as mapped by alg at actual
	// resolution time against a "fake" IP) to determine the real egress IP to connect to.
	Preflow(protocol, uid int32, src, dst, domains string) *PreMark
	// Flow is called on a new connection; return "proxyid,connid" to forward the connection
	// to a pre-registered proxy; "Base" to allow the connection; "Block" to block the connection.
	// "connid" is used to uniquely identify a connection across all proxies, and a summary of the
	// connection is sent back to a pre-registered listener.
	// protocol is 6 for TCP, 17 for UDP, 1 for ICMP.
	// uid is -1 in case the owner-uid of the connection couldn't be determined.
	// src and dst are the string representations of net.TCPAddr and net.UDPAddr.
	// origdsts is a comma-separated list of original source IPs, which may be the same as dst.
	// domains is a comma-separated list of domain names associated with origsrcs, if any.
	// probableDomains is a comma-separated list of probable domain names associated with origsrcs, if any.
	// blocklists is a comma-separated list of blocklist names, if any.
	Flow(protocol, uid int32, src, dst, origdsts, domains, probableDomains, blocklists string) *Mark
	Inflow(protocol, uid int32, src, dst string) *Mark
	// OnSocketClosed reports summary after a socket closes.
	OnSocketClosed(*SocketSummary)
}
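The Flow contract documented above, as an added example that is not firestack's own code: a minimal policy that blocks a flow on any blocklist hit, forwards flows of a known app over a configured proxy, and allows everything else with "Base". The Mark struct, the protocol numbers and the per-UID proxy table are declared locally (assumptions mirroring this page) so the example compiles without the firestack module.

```go
package main

import "fmt"

// Mark mirrors intra.Mark from this page; declared locally (assumption) so the example builds stand-alone.
type Mark struct {
	PIDCSV string // "Base", "Block", or a CSV of proxy IDs to forward over
	CID    string // unique connection id, echoed back in the SocketSummary
	UID    string // uid of the owning app, "-1" when unknown
}

// Protocol numbers as documented for SocketListener.Flow.
const (
	protoICMP = 1
	protoTCP  = 6
	protoUDP  = 17
)

// Policy is a constructed, minimal Flow implementation: block, proxy, or allow ("Base") per flow.
type Policy struct {
	ProxyByUID map[int32]string // uid -> proxy id (constructed config)
	nextCID    uint64
}

// Flow has the same signature as SocketListener.Flow on this page.
func (p *Policy) Flow(protocol, uid int32, src, dst, origdsts, domains, probableDomains, blocklists string) *Mark {
	p.nextCID++
	m := &Mark{CID: fmt.Sprintf("c%d", p.nextCID), UID: fmt.Sprint(uid)}
	switch protocol {
	case protoTCP, protoUDP, protoICMP: // documented protocols fall through to policy
	default:
		m.PIDCSV = "Block" // fail closed on anything the page does not document
		return m
	}
	if blocklists != "" { // any blocklist hit wins over proxying or allowing
		m.PIDCSV = "Block"
		return m
	}
	if pid, ok := p.ProxyByUID[uid]; ok && uid >= 0 { // uid -1: ownership unknown, never proxied
		m.PIDCSV = pid
	} else {
		m.PIDCSV = "Base"
	}
	return m
}

func main() { // stand-alone demo; addresses are constructed examples
	p := &Policy{ProxyByUID: map[int32]string{10042: "wg0"}}
	fmt.Println(p.Flow(protoTCP, 10042, "10.111.222.1:5123", "203.0.113.9:443", "203.0.113.9", "example.com", "", ""))
}
```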

type SocketSummary

type SocketSummary struct {
	Proto    string // tcp, udp, icmp, etc.
	ID       string // Unique ID for this socket.
	PID      string // Proxy ID that handled this socket.
	UID      string // UID of the app that owns this socket (sans ICMP).
	Target   string // Remote IP, if dialed in.
	Rx       int64  // Total bytes downloaded (sans ICMP).
	Tx       int64  // Total bytes uploaded (sans ICMP).
	Duration int32  // Duration in seconds.

	Rtt int32  // Round-trip time (ms); (sans ICMP).
	Msg string // Err or other messages, if any.
	// contains filtered or unexported fields
}

SocketSummary reports information about each TCP socket, non-DNS UDP association, or ICMP echo when it is closed.

func (*SocketSummary) String

func (s *SocketSummary) String() string

String implements fmt.Stringer.

type Tunnel

type Tunnel interface {
	tunnel.Tunnel

	// Get the resolver.
	GetResolver() (x.DNSResolver, error)

	// Get proxies.
	GetProxies() (x.Proxies, error)

	// Sets new default routes for the given engine, where engine is
	// one of the constants (Ns4, Ns6, Ns46) defined in package settings.
	SetRoute(engine int) error
	// Sets pcap output to fpcap, the absolute filepath to which
	// a PCAP file will be written.
	// If len(fpcap) is 0, no PCAP file will be written.
	// If len(fpcap) is 1, the PCAP is written to stdout.
	SetPcap(fpcap string) error
	// Set DNSMode, BlockMode, PtMode.
	SetTunMode(dnsmode, blockmode, ptmode int32)
	// contains filtered or unexported methods
}

Tunnel represents an Intra session.

func Connect

func Connect(fd, mtu int, fakedns string, dtr DefaultDNS, bdg Bridge) (t Tunnel, err error)

Connect creates a firestack-administered tunnel. `fd` is the TUN device. The tunnel acquires an additional reference to it, which is released by Disconnect(), so the caller must both close `fd` and call Disconnect() to close the TUN device. `mtu` is the MTU of the TUN device. `fakedns` are the DNS servers that the system believes it is using, in "host:port" style. `bdg` is a kotlin object that implements the Bridge interface. `dtr` is a kotlin object that implements the DefaultDNS interface. Throws an exception if the TUN file descriptor cannot be opened, or if the tunnel fails to connect.

func NewTunnel

func NewTunnel(fd, mtu int, fakedns string, tunmode *settings.TunMode, dtr DefaultDNS, bdg Bridge) (t Tunnel, err error)

Directories

Path Synopsis
brsa Package blindrsa implements the RSA Blind Signature Protocol as defined in [RFC9474].
ipn
h1
wg
Package netstack provides the implementation of data-link layer endpoints backed by boundary-preserving file descriptors (e.g., TUN devices, seqpacket/datagram sockets).
adopted from: github.com/DNSCrypt/dnscrypt-proxy/blob/df3fb0c9/dnscrypt-proxy/plugin_dns64.go
