Documentation ¶
Overview ¶
Package iface provides wireguard network interface creation and management
Index ¶
- Constants
- Variables
- func WireGuardModuleIsLoaded() bool
- type DeviceWrapper
- type MobileIFaceArguments
- type NetInterface
- type PacketFilter
- type TunAdapter
- type WGAddress
- type WGIface
- func (w *WGIface) AddAllowedIP(peerKey string, allowedIP string) error
- func (w *WGIface) Address() WGAddress
- func (w *WGIface) Close() error
- func (w *WGIface) Configure(privateKey string, port int) error
- func (w *WGIface) Create() error
- func (w *WGIface) CreateOnMobile(mIFaceArgs MobileIFaceArguments) error
- func (w *WGIface) GetBind() *bind.ICEBind
- func (w *WGIface) GetDevice() *DeviceWrapper
- func (w *WGIface) GetFilter() PacketFilter
- func (w *WGIface) IsUserspaceBind() bool
- func (w *WGIface) Name() string
- func (w *WGIface) RemoveAllowedIP(peerKey string, allowedIP string) error
- func (w *WGIface) RemovePeer(peerKey string) error
- func (w *WGIface) SetFilter(filter PacketFilter) error
- func (w *WGIface) UpdateAddr(newAddr string) error
- func (w *WGIface) UpdatePeer(peerKey string, allowedIps string, keepAlive time.Duration, ...) error
Constants ¶
const ( DefaultMTU = 1280 DefaultWgPort = 51820 )
const WgInterfaceDefault = "wt0"
WgInterfaceDefault is a default interface name of Wiretrustee
Variables ¶
var ( // ErrModuleNotFound is the error resulting if a module can't be found. ErrModuleNotFound = errors.New("module not found") )
Functions ¶
func WireGuardModuleIsLoaded ¶ added in v0.16.0
func WireGuardModuleIsLoaded() bool
WireGuardModuleIsLoaded check if we can load WireGuard mod (linux only)
Types ¶
type DeviceWrapper ¶ added in v0.21.0
DeviceWrapper to override Read or Write of packets
func (*DeviceWrapper) SetFilter ¶ added in v0.21.2
func (d *DeviceWrapper) SetFilter(filter PacketFilter)
SetFilter sets packet filter to device
type MobileIFaceArguments ¶ added in v0.21.2
type NetInterface ¶
type NetInterface interface {
Close() error
}
NetInterface represents a generic network tunnel interface
type PacketFilter ¶ added in v0.21.0
type PacketFilter interface { // DropOutgoing filter outgoing packets from host to external destinations DropOutgoing(packetData []byte) bool // DropIncoming filter incoming packets from external sources to host DropIncoming(packetData []byte) bool // AddUDPPacketHook calls hook when UDP packet from given direction matched // // Hook function returns flag which indicates should be the matched package dropped or not. // Hook function receives raw network packet data as argument. AddUDPPacketHook(in bool, ip net.IP, dPort uint16, hook func(packet []byte) bool) string // RemovePacketHook removes hook by ID RemovePacketHook(hookID string) error // SetNetwork of the wireguard interface to which filtering applied SetNetwork(*net.IPNet) }
PacketFilter interface for firewall abilities
type TunAdapter ¶ added in v0.14.5
type TunAdapter interface { ConfigureInterface(address string, mtu int, dns string, routes string) (int, error) UpdateAddr(address string) error }
TunAdapter is an interface for create tun device from externel service
type WGIface ¶
type WGIface struct {
// contains filtered or unexported fields
}
WGIface represents a interface instance
func NewWGIFace ¶ added in v0.6.3
func NewWGIFace(iFaceName string, address string, mtu int, tunAdapter TunAdapter, transportNet transport.Net) (*WGIface, error)
NewWGIFace Creates a new WireGuard interface instance
func (*WGIface) AddAllowedIP ¶ added in v0.9.0
AddAllowedIP adds a prefix to the allowed IPs list of peer
func (*WGIface) Configure ¶
Configure configures a Wireguard interface The interface must exist before calling this method (e.g. call interface.Create() before)
func (*WGIface) Create ¶
Create creates a new Wireguard interface, sets a given IP and brings it up. Will reuse an existing one.
func (*WGIface) CreateOnMobile ¶ added in v0.21.2
func (w *WGIface) CreateOnMobile(mIFaceArgs MobileIFaceArguments) error
CreateOnMobile this function make sense on mobile only
func (*WGIface) GetBind ¶ added in v0.16.0
GetBind returns a userspace implementation of WireGuard Bind interface
func (*WGIface) GetDevice ¶ added in v0.21.2
func (w *WGIface) GetDevice() *DeviceWrapper
GetDevice to interact with raw device (with filtering)
func (*WGIface) GetFilter ¶ added in v0.21.2
func (w *WGIface) GetFilter() PacketFilter
GetFilter returns packet filter used by interface if it uses userspace device implementation
func (*WGIface) IsUserspaceBind ¶ added in v0.16.0
IsUserspaceBind indicates whether this interfaces is userspace with bind.ICEBind
func (*WGIface) RemoveAllowedIP ¶ added in v0.9.0
RemoveAllowedIP removes a prefix from the allowed IPs list of peer
func (*WGIface) RemovePeer ¶
RemovePeer removes a Wireguard Peer from the interface iface
func (*WGIface) SetFilter ¶ added in v0.21.2
func (w *WGIface) SetFilter(filter PacketFilter) error
SetFilter sets packet filters for the userspace impelemntation
func (*WGIface) UpdateAddr ¶ added in v0.6.3
UpdateAddr updates address of the interface
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package mocks is a generated GoMock package.
|
Package mocks is a generated GoMock package. |
iface/mocks
Package mocks is a generated GoMock package.
|
Package mocks is a generated GoMock package. |