Documentation ¶
Overview ¶
Package iface provides wireguard network interface creation and management
Index ¶
- Constants
- Variables
- func WireGuardModuleIsLoaded() bool
- type DeviceWrapper
- type MobileIFaceArguments
- type PacketFilter
- type TunAdapter
- type WGAddress
- type WGIface
- func (w *WGIface) AddAllowedIP(peerKey string, allowedIP string) error
- func (w *WGIface) Address() WGAddress
- func (w *WGIface) Close() error
- func (w *WGIface) Create() error
- func (w *WGIface) CreateOnAndroid([]string, string, []string) error
- func (w *WGIface) GetDevice() *DeviceWrapper
- func (w *WGIface) GetFilter() PacketFilter
- func (w *WGIface) GetStats(peerKey string) (WGStats, error)
- func (w *WGIface) IsUserspaceBind() bool
- func (w *WGIface) Name() string
- func (w *WGIface) RemoveAllowedIP(peerKey string, allowedIP string) error
- func (w *WGIface) RemovePeer(peerKey string) error
- func (w *WGIface) SetFilter(filter PacketFilter) error
- func (w *WGIface) Up() (*bind.UniversalUDPMuxDefault, error)
- func (w *WGIface) UpdateAddr(newAddr string) error
- func (w *WGIface) UpdatePeer(peerKey string, allowedIps string, keepAlive time.Duration, ...) error
- type WGStats
Constants ¶
const ( DefaultMTU = 1280 DefaultWgPort = 51820 )
const WgInterfaceDefault = "wt0"
WgInterfaceDefault is a default interface name of Wiretrustee
Variables ¶
var ( // ErrModuleNotFound is the error resulting if a module can't be found. ErrModuleNotFound = errors.New("module not found") )
Functions ¶
func WireGuardModuleIsLoaded ¶
func WireGuardModuleIsLoaded() bool
WireGuardModuleIsLoaded check if we can load WireGuard mod (linux only)
Types ¶
type DeviceWrapper ¶
DeviceWrapper to override Read or Write of packets
func (*DeviceWrapper) SetFilter ¶
func (d *DeviceWrapper) SetFilter(filter PacketFilter)
SetFilter sets packet filter to device
type MobileIFaceArguments ¶
type MobileIFaceArguments struct { TunAdapter TunAdapter // only for Android TunFd int // only for iOS }
type PacketFilter ¶
type PacketFilter interface { // DropOutgoing filter outgoing packets from host to external destinations DropOutgoing(packetData []byte) bool // DropIncoming filter incoming packets from external sources to host DropIncoming(packetData []byte) bool // AddUDPPacketHook calls hook when UDP packet from given direction matched // // Hook function returns flag which indicates should be the matched package dropped or not. // Hook function receives raw network packet data as argument. AddUDPPacketHook(in bool, ip net.IP, dPort uint16, hook func(packet []byte) bool) string // RemovePacketHook removes hook by ID RemovePacketHook(hookID string) error // SetNetwork of the wireguard interface to which filtering applied SetNetwork(*net.IPNet) }
PacketFilter interface for firewall abilities
type TunAdapter ¶
type TunAdapter interface { ConfigureInterface(address string, mtu int, dns string, searchDomains string, routes string) (int, error) UpdateAddr(address string) error ProtectSocket(fd int32) bool }
TunAdapter is an interface for create tun device from external service
type WGAddress ¶
WGAddress Wireguard parsed address
type WGIface ¶
type WGIface struct {
// contains filtered or unexported fields
}
WGIface represents a interface instance
func NewWGIFace ¶
func NewWGIFace(iFaceName string, address string, wgPort int, wgPrivKey string, mtu int, transportNet transport.Net, args *MobileIFaceArguments) (*WGIface, error)
NewWGIFace Creates a new WireGuard interface instance
func (*WGIface) AddAllowedIP ¶
AddAllowedIP adds a prefix to the allowed IPs list of peer
func (*WGIface) Create ¶
Create creates a new Wireguard interface, sets a given IP and brings it up. Will reuse an existing one. this function is different on Android
func (*WGIface) CreateOnAndroid ¶
CreateOnAndroid this function make sense on mobile only
func (*WGIface) GetDevice ¶
func (w *WGIface) GetDevice() *DeviceWrapper
GetDevice to interact with raw device (with filtering)
func (*WGIface) GetFilter ¶
func (w *WGIface) GetFilter() PacketFilter
GetFilter returns packet filter used by interface if it uses userspace device implementation
func (*WGIface) GetStats ¶
GetStats returns the last handshake time, rx and tx bytes for the given peer
func (*WGIface) IsUserspaceBind ¶
IsUserspaceBind indicates whether this interfaces is userspace with bind.ICEBind
func (*WGIface) RemoveAllowedIP ¶
RemoveAllowedIP removes a prefix from the allowed IPs list of peer
func (*WGIface) RemovePeer ¶
RemovePeer removes a Wireguard Peer from the interface iface
func (*WGIface) SetFilter ¶
func (w *WGIface) SetFilter(filter PacketFilter) error
SetFilter sets packet filters for the userspace implementation
func (*WGIface) Up ¶
func (w *WGIface) Up() (*bind.UniversalUDPMuxDefault, error)
Up configures a Wireguard interface The interface must exist before calling this method (e.g. call interface.Create() before)
func (*WGIface) UpdateAddr ¶
UpdateAddr updates address of the interface
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package mocks is a generated GoMock package.
|
Package mocks is a generated GoMock package. |
iface/mocks
Package mocks is a generated GoMock package.
|
Package mocks is a generated GoMock package. |