iface

package
v0.0.10
Warning

This package is not in the latest version of its module.

Published: Jun 5, 2024 License: BSD-3-Clause Imports: 30 Imported by: 0

Documentation

Overview

Package iface provides WireGuard network interface creation and management.

Constants

const (
	DefaultMTU    = 1280
	DefaultWgPort = 51820
)
const WgInterfaceDefault = "wt0"

WgInterfaceDefault is the default interface name of Wiretrustee.

Variables

var (
	// ErrModuleNotFound is the error resulting if a module can't be found.
	ErrModuleNotFound = errors.New("module not found")
)

Functions

func WireGuardModuleIsLoaded

func WireGuardModuleIsLoaded() bool

WireGuardModuleIsLoaded checks whether the WireGuard module can be loaded (Linux only).

Types

type DeviceWrapper

type DeviceWrapper struct {
	tun.Device
	// contains filtered or unexported fields
}

DeviceWrapper wraps a tun.Device to override Read and Write of packets.

func (*DeviceWrapper) Read

func (d *DeviceWrapper) Read(bufs [][]byte, sizes []int, offset int) (n int, err error)

Read wraps the device's read method with packet filtering.

func (*DeviceWrapper) SetFilter

func (d *DeviceWrapper) SetFilter(filter PacketFilter)

SetFilter sets the packet filter on the device.

func (*DeviceWrapper) Write

func (d *DeviceWrapper) Write(bufs [][]byte, offset int) (int, error)

Write wraps the device's write method with packet filtering.

type MobileIFaceArguments

type MobileIFaceArguments struct {
	TunAdapter TunAdapter // only for Android
	TunFd      int        // only for iOS
}

type PacketFilter

type PacketFilter interface {
	// DropOutgoing filters outgoing packets from the host to external destinations
	DropOutgoing(packetData []byte) bool

	// DropIncoming filters incoming packets from external sources to the host
	DropIncoming(packetData []byte) bool

	// AddUDPPacketHook calls the hook when a UDP packet from the given direction is matched
	//
	// The hook function returns a flag indicating whether the matched packet should be dropped.
	// The hook function receives the raw network packet data as its argument.
	AddUDPPacketHook(in bool, ip net.IP, dPort uint16, hook func(packet []byte) bool) string

	// RemovePacketHook removes a hook by ID
	RemovePacketHook(hookID string) error

	// SetNetwork sets the network of the WireGuard interface to which filtering is applied
	SetNetwork(*net.IPNet)
}

PacketFilter is the interface for firewall abilities.
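
An added example, not code from this package: a hypothetical netFilter type showing how SetNetwork, DropOutgoing and DropIncoming can work together on raw IPv4 packet data, failing closed on malformed input. The type name, the policy of dropping any peer outside the configured network, the ipv4 helper and the 100.64.0.0/10 range are assumptions for illustration; the hook methods are outside its scope.

```go
package main

import (
	"fmt"
	"net"
)

// netFilter is a hypothetical type (not this package's code) carrying three of
// the PacketFilter methods: SetNetwork, DropOutgoing and DropIncoming.
type netFilter struct{ network *net.IPNet }

func (f *netFilter) SetNetwork(n *net.IPNet)             { f.network = n }
func (f *netFilter) DropOutgoing(packetData []byte) bool { return f.drop(packetData, false) }
func (f *netFilter) DropIncoming(packetData []byte) bool { return f.drop(packetData, true) }

// drop fails closed: truncated, non-IPv4 or bad-header input is dropped, as
// is everything while no network has been set.
func (f *netFilter) drop(p []byte, incoming bool) bool {
	if f.network == nil || len(p) < 20 || p[0]>>4 != 4 {
		return true
	}
	if ihl := int(p[0]&0x0f) * 4; ihl < 20 || len(p) < ihl {
		return true
	}
	peer := net.IP(p[16:20]) // outgoing: the remote side is the destination
	if incoming {
		peer = net.IP(p[12:16]) // incoming: the remote side is the source
	}
	return !f.network.Contains(peer)
}

// ipv4 builds a constructed 20-byte IPv4 header (no payload, checksum unset).
func ipv4(src, dst string) []byte {
	p := make([]byte, 20)
	p[0], p[8], p[9] = 0x45, 64, 17 // version 4, IHL 5, TTL 64, protocol UDP
	copy(p[12:16], net.ParseIP(src).To4())
	copy(p[16:20], net.ParseIP(dst).To4())
	return p
}

func main() {
	_, wgNet, _ := net.ParseCIDR("100.64.0.0/10") // constructed overlay range
	f := &netFilter{}
	f.SetNetwork(wgNet)
	fmt.Println(f.DropOutgoing(ipv4("100.64.0.1", "100.64.0.2")))  // peer inside
	fmt.Println(f.DropIncoming(ipv4("203.0.113.7", "100.64.0.1"))) // outside source
	fmt.Println(f.DropIncoming([]byte{0x45, 0x00}))                // truncated
}
```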

type TunAdapter

type TunAdapter interface {
	ConfigureInterface(address string, mtu int, dns string, searchDomains string, routes string) (int, error)
	UpdateAddr(address string) error
	ProtectSocket(fd int32) bool
}

TunAdapter is an interface for creating a tun device from an external service.

type WGAddress

type WGAddress struct {
	IP      net.IP
	Network *net.IPNet
}

WGAddress is a parsed WireGuard address.

func (WGAddress) Masked

func (addr WGAddress) Masked() WGAddress

Masked returns the WGAddress with the IP address part masked according to its network mask.

func (WGAddress) String

func (addr WGAddress) String() string

type WGIface

type WGIface struct {
	// contains filtered or unexported fields
}

WGIface represents an interface instance.

func NewWGIFace

func NewWGIFace(iFaceName string, address string, wgPort int, wgPrivKey string, mtu int, transportNet transport.Net, args *MobileIFaceArguments) (*WGIface, error)

NewWGIFace creates a new WireGuard interface instance.

func (*WGIface) AddAllowedIP

func (w *WGIface) AddAllowedIP(peerKey string, allowedIP string) error

AddAllowedIP adds a prefix to the allowed IPs list of peer

func (*WGIface) Address

func (w *WGIface) Address() WGAddress

Address returns the interface address

func (*WGIface) Close

func (w *WGIface) Close() error

Close closes the tunnel interface

func (*WGIface) Create

func (w *WGIface) Create() error

Create creates a new WireGuard interface, sets a given IP and brings it up. It will reuse an existing one. This function is different on Android.

func (*WGIface) CreateOnAndroid

func (w *WGIface) CreateOnAndroid([]string, string, []string) error

CreateOnAndroid makes sense on mobile only.

func (*WGIface) GetDevice

func (w *WGIface) GetDevice() *DeviceWrapper

GetDevice returns the raw device (with filtering) for direct interaction.

func (*WGIface) GetFilter

func (w *WGIface) GetFilter() PacketFilter

GetFilter returns the packet filter used by the interface if it uses the userspace device implementation.

func (*WGIface) GetStats

func (w *WGIface) GetStats(peerKey string) (WGStats, error)

GetStats returns the last handshake time, rx and tx bytes for the given peer

func (*WGIface) IsUserspaceBind

func (w *WGIface) IsUserspaceBind() bool

IsUserspaceBind indicates whether this interface is userspace with bind.ICEBind.

func (*WGIface) Name

func (w *WGIface) Name() string

Name returns the interface name

func (*WGIface) RemoveAllowedIP

func (w *WGIface) RemoveAllowedIP(peerKey string, allowedIP string) error

RemoveAllowedIP removes a prefix from the allowed IPs list of peer

func (*WGIface) RemovePeer

func (w *WGIface) RemovePeer(peerKey string) error

RemovePeer removes a WireGuard peer from the interface.

func (*WGIface) SetFilter

func (w *WGIface) SetFilter(filter PacketFilter) error

SetFilter sets packet filters for the userspace implementation

func (*WGIface) Up

Up configures a WireGuard interface. The interface must exist before calling this method (e.g. call interface.Create() before).

func (*WGIface) UpdateAddr

func (w *WGIface) UpdateAddr(newAddr string) error

UpdateAddr updates address of the interface

func (*WGIface) UpdatePeer

func (w *WGIface) UpdatePeer(peerKey string, allowedIps string, keepAlive time.Duration, endpoint *net.UDPAddr, preSharedKey *wgtypes.Key) error

UpdatePeer updates an existing WireGuard peer or creates a new one if it doesn't exist. Endpoint is optional.

type WGStats

type WGStats struct {
	LastHandshake time.Time
	TxBytes       int64
	RxBytes       int64
}

Directories

Path Synopsis
Package mocks is a generated GoMock package.
iface/mocks
Package mocks is a generated GoMock package.
