iface

package
v0.28.7
Warning: This package is not in the latest version of its module.
Published: Aug 2, 2024 License: BSD-3-Clause Imports: 30 Imported by: 0

Documentation

Overview

Package iface provides WireGuard network interface creation and management.

Constants

const (
	DefaultMTU    = 1280
	DefaultWgPort = 51820
)
const WgInterfaceDefault = "wt0"

WgInterfaceDefault is the default interface name of Wiretrustee.

Variables

var ErrAllowedIPNotFound = fmt.Errorf("allowed IP not found")
var (
	// ErrModuleNotFound is the error resulting if a module can't be found.
	ErrModuleNotFound = errors.New("module not found")
)
var ErrPeerNotFound = errors.New("peer not found")

Functions

func WireGuardModuleIsLoaded added in v0.16.0

func WireGuardModuleIsLoaded() bool

WireGuardModuleIsLoaded checks whether the WireGuard module can be loaded (Linux only).

Types

type DeviceWrapper added in v0.21.0

type DeviceWrapper struct {
	tun.Device
	// contains filtered or unexported fields
}

DeviceWrapper wraps tun.Device to override Read or Write of packets.

func (*DeviceWrapper) Read added in v0.21.0

func (d *DeviceWrapper) Read(bufs [][]byte, sizes []int, offset int) (n int, err error)

Read wraps the device's Read method with packet filtering.

func (*DeviceWrapper) SetFilter added in v0.21.2

func (d *DeviceWrapper) SetFilter(filter PacketFilter)

SetFilter sets the packet filter on the device.

func (*DeviceWrapper) Write added in v0.21.0

func (d *DeviceWrapper) Write(bufs [][]byte, offset int) (int, error)

Write wraps the device's Write method with packet filtering.

type MobileIFaceArguments added in v0.21.2

type MobileIFaceArguments struct {
	TunAdapter TunAdapter // only for Android
	TunFd      int        // only for iOS
}

type PacketFilter added in v0.21.0

type PacketFilter interface {
	// DropOutgoing filters outgoing packets from the host to external destinations.
	// It returns true if the packet should be dropped.
	DropOutgoing(packetData []byte) bool

	// DropIncoming filters incoming packets from external sources to the host.
	// It returns true if the packet should be dropped.
	DropIncoming(packetData []byte) bool

	// AddUDPPacketHook calls the hook when a UDP packet from the given direction is matched.
	//
	// The hook function returns a flag indicating whether the matched packet should be dropped.
	// The hook function receives the raw network packet data as its argument.
	AddUDPPacketHook(in bool, ip net.IP, dPort uint16, hook func(packet []byte) bool) string

	// RemovePacketHook removes a hook by its ID.
	RemovePacketHook(hookID string) error

	// SetNetwork sets the network of the WireGuard interface to which filtering is applied.
	SetNetwork(*net.IPNet)
}

PacketFilter is the interface for firewall capabilities.

type TunAdapter added in v0.14.5

type TunAdapter interface {
	ConfigureInterface(address string, mtu int, dns string, searchDomains string, routes string) (int, error)
	UpdateAddr(address string) error
	ProtectSocket(fd int32) bool
}

TunAdapter is an interface for creating a tun device from an external service.

type WGAddress

type WGAddress struct {
	IP      net.IP
	Network *net.IPNet
}

WGAddress is a parsed WireGuard address.

func (WGAddress) String added in v0.6.3

func (addr WGAddress) String() string

type WGIface

type WGIface struct {
	// contains filtered or unexported fields
}

WGIface represents an interface instance.

func NewWGIFace added in v0.6.3

func NewWGIFace(iFaceName string, address string, wgPort int, wgPrivKey string, mtu int, transportNet transport.Net, args *MobileIFaceArguments, filterFn bind.FilterFn) (*WGIface, error)

NewWGIFace creates a new WireGuard interface instance.

func (*WGIface) AddAllowedIP added in v0.9.0

func (w *WGIface) AddAllowedIP(peerKey string, allowedIP string) error

AddAllowedIP adds a prefix to the allowed IPs list of peer

func (*WGIface) Address

func (w *WGIface) Address() WGAddress

Address returns the interface address

func (*WGIface) Close

func (w *WGIface) Close() error

Close closes the tunnel interface

func (*WGIface) Create

func (w *WGIface) Create() error

Create creates a new WireGuard interface, sets the given IP and brings it up. It will reuse an existing one. This function is different on Android.

func (*WGIface) CreateOnAndroid added in v0.25.0

func (w *WGIface) CreateOnAndroid([]string, string, []string) error

CreateOnAndroid makes sense on mobile only.

func (*WGIface) GetDevice added in v0.21.2

func (w *WGIface) GetDevice() *DeviceWrapper

GetDevice returns the device wrapper for interacting with the raw device (with filtering).

func (*WGIface) GetFilter added in v0.21.2

func (w *WGIface) GetFilter() PacketFilter

GetFilter returns the packet filter used by the interface if it uses the userspace device implementation.

func (*WGIface) GetStats added in v0.25.5

func (w *WGIface) GetStats(peerKey string) (WGStats, error)

GetStats returns the last handshake time, rx and tx bytes for the given peer

func (*WGIface) IsUserspaceBind added in v0.16.0

func (w *WGIface) IsUserspaceBind() bool

IsUserspaceBind indicates whether this interface is userspace with bind.ICEBind.

func (*WGIface) Name

func (w *WGIface) Name() string

Name returns the interface name

func (*WGIface) RemoveAllowedIP added in v0.9.0

func (w *WGIface) RemoveAllowedIP(peerKey string, allowedIP string) error

RemoveAllowedIP removes a prefix from the allowed IPs list of peer

func (*WGIface) RemovePeer

func (w *WGIface) RemovePeer(peerKey string) error

RemovePeer removes a WireGuard peer from the interface.

func (*WGIface) SetFilter added in v0.21.2

func (w *WGIface) SetFilter(filter PacketFilter) error

SetFilter sets packet filters for the userspace implementation

func (*WGIface) ToInterface added in v0.28.0

func (r *WGIface) ToInterface() *net.Interface

ToInterface returns the net.Interface for the WireGuard interface.

func (*WGIface) Up added in v0.25.3

Up configures a WireGuard interface. The interface must exist before calling this method (e.g. call interface.Create() before).

func (*WGIface) UpdateAddr added in v0.6.3

func (w *WGIface) UpdateAddr(newAddr string) error

UpdateAddr updates address of the interface

func (*WGIface) UpdatePeer

func (w *WGIface) UpdatePeer(peerKey string, allowedIps string, keepAlive time.Duration, endpoint *net.UDPAddr, preSharedKey *wgtypes.Key) error

UpdatePeer updates an existing WireGuard peer or creates a new one if it doesn't exist. Endpoint is optional.

type WGStats added in v0.25.5

type WGStats struct {
	LastHandshake time.Time
	TxBytes       int64
	RxBytes       int64
}

Directories

Path: iface/mocks
Synopsis: Package mocks is a generated GoMock package.
