Documentation ¶
Overview ¶
Package wgengine provides the Tailscale WireGuard engine interface.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ErrEngineClosing = errors.New("engine closing; no status")
var ErrNoChanges = errors.New("no changes made to Engine config")
ErrNoChanges is returned by Engine.Reconfig if no changes were made.
Functions ¶
This section is empty.
Types ¶
type BIRDClient ¶ added in v1.16.0
type BIRDClient interface { EnableProtocol(proto string) error DisableProtocol(proto string) error Close() error }
BIRDClient handles communication with the BIRD Internet Routing Daemon.
type Config ¶ added in v1.6.0
type Config struct { // Tun is the device used by the Engine to exchange packets with // the OS. // If nil, a fake Device that does nothing is used. Tun tun.Device // IsTAP is whether Tun is actually a TAP (Layer 2) device that'll // require ethernet headers. IsTAP bool // Router interfaces the Engine to the OS network stack. // If nil, a fake Router that does nothing is used. Router router.Router // DNS interfaces the Engine to the OS DNS resolver configuration. // If nil, a fake OSConfigurator that does nothing is used. DNS dns.OSConfigurator // ReconfigureVPN provides an optional hook for platforms like Android to // know when it's time to reconfigure their VPN implementation. Such // platforms can only set their entire VPN configuration (routes, DNS, etc) // at all once and can't make piecemeal incremental changes, so this // provides a hook to "flush" a batch of Router and/or DNS changes. ReconfigureVPN func() error // NetMon optionally provides an existing network monitor to re-use. // If nil, a new network monitor is created. NetMon *netmon.Monitor // HealthTracker, if non-nil, is the health tracker to use. HealthTracker *health.Tracker // Dialer is the dialer to use for outbound connections. // If nil, a new Dialer is created. Dialer *tsdial.Dialer // ControlKnobs is the set of control plane-provied knobs // to use. // If nil, defaults are used. ControlKnobs *controlknobs.Knobs // ListenPort is the port on which the engine will listen. // If zero, a port is automatically selected. ListenPort uint16 // RespondToPing determines whether this engine should internally // reply to ICMP pings, without involving the OS. // Used in "fake" mode for development. RespondToPing bool // BIRDClient, if non-nil, will be used to configure BIRD whenever // this node is a primary subnet router. BIRDClient BIRDClient // SetSubsystem, if non-nil, is called for each new subsystem created, just before a successful return. SetSubsystem func(any) // DriveForLocal, if populated, will cause the engine to expose a Taildrive // listener at 100.100.100.100:8080. DriveForLocal drive.FileSystemForLocal }
Config is the engine configuration.
type Engine ¶
type Engine interface { // Reconfig reconfigures WireGuard and makes sure it's running. // This also handles setting up any kernel routes. // // This is called whenever tailcontrol (the control plane) // sends an updated network map. // // The returned error is ErrNoChanges if no changes were made. Reconfig(*wgcfg.Config, *router.Config, *dns.Config) error // PeerForIP returns the node to which the provided IP routes, // if any. If none is found, (nil, false) is returned. PeerForIP(netip.Addr) (_ PeerForIP, ok bool) // GetFilter returns the current packet filter, if any. GetFilter() *filter.Filter // SetFilter updates the packet filter. SetFilter(*filter.Filter) // GetJailedFilter returns the current packet filter for jailed nodes, // if any. GetJailedFilter() *filter.Filter // SetJailedFilter updates the packet filter for jailed nodes. SetJailedFilter(*filter.Filter) // SetStatusCallback sets the function to call when the // WireGuard status changes. SetStatusCallback(StatusCallback) // RequestStatus requests a WireGuard status update right // away, sent to the callback registered via SetStatusCallback. RequestStatus() // PeerByKey returns the WireGuard status of the provided peer. // If the peer is not found, ok is false. PeerByKey(key.NodePublic) (_ wgint.Peer, ok bool) // Close shuts down this wireguard instance, remove any routes // it added, etc. To bring it up again later, you'll need a // new Engine. Close() // Done returns a channel that is closed when the Engine's // Close method is called, the engine aborts with an error, // or it shuts down due to the closure of the underlying device. // You don't have to call this. Done() <-chan struct{} // SetNetworkMap informs the engine of the latest network map // from the server. The network map's DERPMap field should be // ignored as as it might be disabled; get it from SetDERPMap // instead. // The network map should only be read from. SetNetworkMap(*netmap.NetworkMap) // UpdateStatus populates the network state using the provided // status builder. UpdateStatus(*ipnstate.StatusBuilder) // Ping is a request to start a ping of the given message size to the peer // handling the given IP, then call cb with its ping latency & method. // // If size is zero too small, it is ignored. See tailscale.PingOpts for details. Ping(ip netip.Addr, pingType tailcfg.PingType, size int, cb func(*ipnstate.PingResult)) // InstallCaptureHook registers a function to be called to capture // packets traversing the data path. The hook can be uninstalled by // calling this function with a nil value. InstallCaptureHook(capture.Callback) }
Engine is the Tailscale WireGuard engine interface.
func NewFakeUserspaceEngine ¶
NewFakeUserspaceEngine returns a new userspace engine for testing.
The opts may contain the following types:
- int or uint16: to set the ListenPort.
func NewUserspaceEngine ¶
NewUserspaceEngine creates the named tun device and returns a Tailscale Engine running on it.
func NewWatchdog ¶
NewWatchdog wraps an Engine and makes sure that all methods complete within a reasonable amount of time.
If they do not, the watchdog crashes the process.
type NetworkMapCallback ¶ added in v1.4.0
type NetworkMapCallback func(*netmap.NetworkMap)
NetworkMapCallback is the type used by callbacks that hook into network map updates.
type PeerForIP ¶ added in v1.20.0
type PeerForIP struct { // Node is the matched node. It's always a valid value when // Engine.PeerForIP returns ok==true. Node tailcfg.NodeView // IsSelf is whether the Node is the local process. IsSelf bool // Route is the route that matched the IP provided // to Engine.PeerForIP. Route netip.Prefix }
PeerForIP is the type returned by Engine.PeerForIP.
type Status ¶
type Status struct { AsOf time.Time // the time at which the status was calculated Peers []ipnstate.PeerStatusLite LocalAddrs []tailcfg.Endpoint // the set of possible endpoints for the magic conn DERPs int // number of active DERP connections }
Status is the Engine status.
TODO(bradfitz): remove this, subset of ipnstate? Need to migrate users.
type StatusCallback ¶
StatusCallback is the type of status callbacks used by Engine.SetStatusCallback.
Exactly one of Status or error is non-nil.
Directories ¶
Path | Synopsis |
---|---|
Create two wgengine instances and pass data through them, measuring throughput, latency, and packet loss.
|
Create two wgengine instances and pass data through them, measuring throughput, latency, and packet loss. |
Package capture formats packet logging into a debug pcap stream.
|
Package capture formats packet logging into a debug pcap stream. |
Package filter is a stateful packet filter.
|
Package filter is a stateful packet filter. |
filtertype
Package filtertype defines the types used by wgengine/filter.
|
Package filtertype defines the types used by wgengine/filter. |
Package magicsock implements a socket that can change its communication path while in use, actively searching for the best way to communicate.
|
Package magicsock implements a socket that can change its communication path while in use, actively searching for the best way to communicate. |
Package netlog provides a logger that monitors a TUN device and periodically records any traffic into a log stream.
|
Package netlog provides a logger that monitors a TUN device and periodically records any traffic into a log stream. |
Package netstack wires up gVisor's netstack into Tailscale.
|
Package netstack wires up gVisor's netstack into Tailscale. |
gro
Package gro implements GRO for the receive (write) path into gVisor.
|
Package gro implements GRO for the receive (write) path into gVisor. |
Package router presents an interface to manipulate the host network stack's state.
|
Package router presents an interface to manipulate the host network stack's state. |
Package wgcfg has types and a parser for representing WireGuard config.
|
Package wgcfg has types and a parser for representing WireGuard config. |
nmcfg
Package nmcfg converts a controlclient.NetMap into a wgcfg config.
|
Package nmcfg converts a controlclient.NetMap into a wgcfg config. |
Package wgint provides somewhat shady access to wireguard-go internals that don't (yet) have public APIs.
|
Package wgint provides somewhat shady access to wireguard-go internals that don't (yet) have public APIs. |
Package wglog contains logging helpers for wireguard-go.
|
Package wglog contains logging helpers for wireguard-go. |
Package winnet contains Windows-specific networking code.
|
Package winnet contains Windows-specific networking code. |