iface

package
v0.22.3

This package is not in the latest version of its module.
Published: Aug 8, 2023 License: BSD-3-Clause Imports: 23 Imported by: 0

Documentation

Overview

Package iface provides WireGuard network interface creation and management

Constants

const (
	DefaultMTU    = 1280
	DefaultWgPort = 51820
)

const WgInterfaceDefault = "wt0"

WgInterfaceDefault is a default interface name of Wiretrustee

Variables

var (
	// ErrModuleNotFound is the error resulting if a module can't be found.
	ErrModuleNotFound = errors.New("module not found")
)

Functions

func WireGuardModuleIsLoaded added in v0.16.0

func WireGuardModuleIsLoaded() bool

WireGuardModuleIsLoaded checks whether the WireGuard module can be loaded (Linux only)

Types

type DeviceWrapper added in v0.21.0

type DeviceWrapper struct {
	tun.Device
	// contains filtered or unexported fields
}

DeviceWrapper to override Read or Write of packets

func (*DeviceWrapper) Read added in v0.21.0

func (d *DeviceWrapper) Read(bufs [][]byte, sizes []int, offset int) (n int, err error)

Read wraps read method with filtering feature

func (*DeviceWrapper) SetFilter added in v0.21.2

func (d *DeviceWrapper) SetFilter(filter PacketFilter)

SetFilter sets packet filter to device

func (*DeviceWrapper) Write added in v0.21.0

func (d *DeviceWrapper) Write(bufs [][]byte, offset int) (int, error)

Write wraps write method with filtering feature

type MobileIFaceArguments added in v0.21.2

type MobileIFaceArguments struct {
	Routes []string
	Dns    string
}

type NetInterface

type NetInterface interface {
	Close() error
}

NetInterface represents a generic network tunnel interface

type PacketFilter added in v0.21.0

type PacketFilter interface {
	// DropOutgoing filters outgoing packets from the host to external destinations
	DropOutgoing(packetData []byte) bool

	// DropIncoming filters incoming packets from external sources to the host
	DropIncoming(packetData []byte) bool

	// AddUDPPacketHook calls hook when a UDP packet from the given direction is matched.
	//
	// The hook function returns a flag indicating whether the matched packet should be dropped.
	// The hook function receives the raw network packet data as its argument.
	AddUDPPacketHook(in bool, ip net.IP, dPort uint16, hook func(packet []byte) bool) string

	// RemovePacketHook removes a hook by ID
	RemovePacketHook(hookID string) error

	// SetNetwork sets the network of the WireGuard interface to which filtering is applied
	SetNetwork(*net.IPNet)
}

PacketFilter interface for firewall abilities
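
An added example, not code from this package: a hypothetical `subnetFilter` showing how the DropIncoming, DropOutgoing and SetNetwork methods of the PacketFilter interface above can work on raw IPv4 packet data while failing closed on malformed input. The type name, the policy of allowing only peers inside the configured network, the 100.64.0.0/10 range and the sample packets are assumptions of this example; the two hook methods are omitted, so the type does not satisfy the full interface.

```go
package main

import (
	"fmt"
	"net"
)

// subnetFilter is a hypothetical IPv4-only type implementing SetNetwork,
// DropIncoming and DropOutgoing from PacketFilter; hook methods are left out.
type subnetFilter struct{ network *net.IPNet }

func (f *subnetFilter) SetNetwork(n *net.IPNet)    { f.network = n }
func (f *subnetFilter) DropIncoming(p []byte) bool { return f.drop(p, 12) } // peer = source
func (f *subnetFilter) DropOutgoing(p []byte) bool { return f.drop(p, 16) } // peer = destination

// drop fails closed: a packet passes only if it is well-formed IPv4 and the
// remote address at byte offset off lies inside the configured network.
func (f *subnetFilter) drop(p []byte, off int) bool {
	if f.network == nil || len(p) < 20 || p[0]>>4 != 4 {
		return true // filter not configured, truncated header, or not IPv4
	}
	ihl := int(p[0]&0x0f) * 4
	total := int(p[2])<<8 | int(p[3])
	if ihl < 20 || total < ihl || total > len(p) {
		return true // header length or total length is inconsistent
	}
	return !f.network.Contains(net.IP(p[off : off+4]))
}

// ipv4Packet builds a constructed header-only IPv4 packet (protocol UDP, no payload).
func ipv4Packet(src, dst string) []byte {
	p := make([]byte, 20)
	p[0], p[3], p[8], p[9] = 0x45, 20, 64, 17 // version/IHL, total length, TTL, UDP
	copy(p[12:16], net.ParseIP(src).To4())
	copy(p[16:20], net.ParseIP(dst).To4())
	return p
}

func main() {
	f := &subnetFilter{}
	_, wgNet, _ := net.ParseCIDR("100.64.0.0/10") // constructed overlay range
	f.SetNetwork(wgNet)
	fmt.Println(f.DropIncoming(ipv4Packet("100.64.0.7", "100.64.0.1"))) // in-network peer
	fmt.Println(f.DropIncoming(ipv4Packet("192.0.2.9", "100.64.0.1")))  // outside source
}
```
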

type TunAdapter added in v0.14.5

type TunAdapter interface {
	ConfigureInterface(address string, mtu int, dns string, routes string) (int, error)
	UpdateAddr(address string) error
}

TunAdapter is an interface for creating a tun device from an external service

type WGAddress

type WGAddress struct {
	IP      net.IP
	Network *net.IPNet
}

WGAddress is a parsed WireGuard address

func (WGAddress) String added in v0.6.3

func (addr WGAddress) String() string

type WGIface

type WGIface struct {
	// contains filtered or unexported fields
}

WGIface represents an interface instance

func NewWGIFace added in v0.6.3

func NewWGIFace(iFaceName string, address string, mtu int, tunAdapter TunAdapter, transportNet transport.Net) (*WGIface, error)

NewWGIFace Creates a new WireGuard interface instance

func (*WGIface) AddAllowedIP added in v0.9.0

func (w *WGIface) AddAllowedIP(peerKey string, allowedIP string) error

AddAllowedIP adds a prefix to the allowed IPs list of peer

func (*WGIface) Address

func (w *WGIface) Address() WGAddress

Address returns the interface address

func (*WGIface) Close

func (w *WGIface) Close() error

Close closes the tunnel interface

func (*WGIface) Configure

func (w *WGIface) Configure(privateKey string, port int) error

Configure configures a WireGuard interface. The interface must exist before calling this method (e.g. call interface.Create() before).

func (*WGIface) Create

func (w *WGIface) Create() error

Create creates a new Wireguard interface, sets a given IP and brings it up. Will reuse an existing one.

func (*WGIface) CreateOnMobile added in v0.21.2

func (w *WGIface) CreateOnMobile(mIFaceArgs MobileIFaceArguments) error

CreateOnMobile makes sense on mobile only

func (*WGIface) GetBind added in v0.16.0

func (w *WGIface) GetBind() *bind.ICEBind

GetBind returns a userspace implementation of WireGuard Bind interface

func (*WGIface) GetDevice added in v0.21.2

func (w *WGIface) GetDevice() *DeviceWrapper

GetDevice to interact with raw device (with filtering)

func (*WGIface) GetFilter added in v0.21.2

func (w *WGIface) GetFilter() PacketFilter

GetFilter returns packet filter used by interface if it uses userspace device implementation

func (*WGIface) IsUserspaceBind added in v0.16.0

func (w *WGIface) IsUserspaceBind() bool

IsUserspaceBind indicates whether this interface is userspace with bind.ICEBind

func (*WGIface) Name

func (w *WGIface) Name() string

Name returns the interface name

func (*WGIface) RemoveAllowedIP added in v0.9.0

func (w *WGIface) RemoveAllowedIP(peerKey string, allowedIP string) error

RemoveAllowedIP removes a prefix from the allowed IPs list of peer

func (*WGIface) RemovePeer

func (w *WGIface) RemovePeer(peerKey string) error

RemovePeer removes a Wireguard Peer from the interface iface

func (*WGIface) SetFilter added in v0.21.2

func (w *WGIface) SetFilter(filter PacketFilter) error

SetFilter sets packet filters for the userspace implementation

func (*WGIface) UpdateAddr added in v0.6.3

func (w *WGIface) UpdateAddr(newAddr string) error

UpdateAddr updates address of the interface

func (*WGIface) UpdatePeer

func (w *WGIface) UpdatePeer(peerKey string, allowedIps string, keepAlive time.Duration, endpoint *net.UDPAddr, preSharedKey *wgtypes.Key) error

UpdatePeer updates an existing WireGuard peer or creates a new one if it doesn't exist. Endpoint is optional.

Directories

Path	Synopsis
iface/mocks	Package mocks is a generated GoMock package.
