iface

package
v0.0.0-...-93fed14 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 5, 2024 License: BSD-3-Clause Imports: 28 Imported by: 0

Documentation

Overview

Package iface provides wireguard network interface creation and management

Index

Constants

View Source 
const (
	DefaultMTU    = 1280
	DefaultWgPort = 51820
)
View Source 
const WgInterfaceDefault = "wt0"

WgInterfaceDefault is a default interface name of Wiretrustee

Variables

View Source 
var (
	// ErrModuleNotFound is the error resulting if a module can't be found.
	ErrModuleNotFound = errors.New("module not found")
)

Functions

func WireGuardModuleIsLoaded 

func WireGuardModuleIsLoaded() bool

WireGuardModuleIsLoaded check if we can load WireGuard mod (linux only)

Types

type DeviceWrapper 

type DeviceWrapper struct {
	tun.Device
	// contains filtered or unexported fields
}

DeviceWrapper to override Read or Write of packets

func (*DeviceWrapper) Read 

func (d *DeviceWrapper) Read(bufs [][]byte, sizes []int, offset int) (n int, err error)

Read wraps read method with filtering feature

func (*DeviceWrapper) SetFilter 

func (d *DeviceWrapper) SetFilter(filter PacketFilter)

SetFilter sets packet filter to device

func (*DeviceWrapper) Write 

func (d *DeviceWrapper) Write(bufs [][]byte, offset int) (int, error)

Write wraps write method with filtering feature

type MobileIFaceArguments 

type MobileIFaceArguments struct {
	TunAdapter TunAdapter // only for Android
	TunFd      int        // only for iOS
}

type PacketFilter 

type PacketFilter interface {
	// DropOutgoing filter outgoing packets from host to external destinations
	DropOutgoing(packetData []byte) bool

	// DropIncoming filter incoming packets from external sources to host
	DropIncoming(packetData []byte) bool

	// AddUDPPacketHook calls hook when UDP packet from given direction matched
	//
	// Hook function returns flag which indicates should be the matched package dropped or not.
	// Hook function receives raw network packet data as argument.
	AddUDPPacketHook(in bool, ip net.IP, dPort uint16, hook func(packet []byte) bool) string

	// RemovePacketHook removes hook by ID
	RemovePacketHook(hookID string) error

	// SetNetwork of the wireguard interface to which filtering applied
	SetNetwork(*net.IPNet)
}

PacketFilter interface for firewall abilities

type TunAdapter 

type TunAdapter interface {
	ConfigureInterface(address string, mtu int, dns string, searchDomains string, routes string) (int, error)
	UpdateAddr(address string) error
}

TunAdapter is an interface for create tun device from external service

type WGAddress 

type WGAddress struct {
	IP      net.IP
	Network *net.IPNet
}

WGAddress Wireguard parsed address

func (WGAddress) String 

func (addr WGAddress) String() string

type WGIface 

type WGIface struct {
	// contains filtered or unexported fields
}

WGIface represents a interface instance

func NewWGIFace 

func NewWGIFace(iFaceName string, address string, wgPort int, wgPrivKey string, mtu int, transportNet transport.Net, args *MobileIFaceArguments) (*WGIface, error)

NewWGIFace Creates a new WireGuard interface instance

func (*WGIface) AddAllowedIP 

func (w *WGIface) AddAllowedIP(peerKey string, allowedIP string) error

AddAllowedIP adds a prefix to the allowed IPs list of peer

func (*WGIface) Address 

func (w *WGIface) Address() WGAddress

Address returns the interface address

func (*WGIface) Close 

func (w *WGIface) Close() error

Close closes the tunnel interface

func (*WGIface) Create 

func (w *WGIface) Create() error

Create creates a new Wireguard interface, sets a given IP and brings it up. Will reuse an existing one. this function is different on Android

func (*WGIface) CreateOnAndroid 

func (w *WGIface) CreateOnAndroid([]string, string, []string) error

CreateOnAndroid this function make sense on mobile only

func (*WGIface) GetDevice 

func (w *WGIface) GetDevice() *DeviceWrapper

GetDevice to interact with raw device (with filtering)

func (*WGIface) GetFilter 

func (w *WGIface) GetFilter() PacketFilter

GetFilter returns packet filter used by interface if it uses userspace device implementation

func (*WGIface) IsUserspaceBind 

func (w *WGIface) IsUserspaceBind() bool

IsUserspaceBind indicates whether this interfaces is userspace with bind.ICEBind

func (*WGIface) Name 

func (w *WGIface) Name() string

Name returns the interface name

func (*WGIface) RemoveAllowedIP 

func (w *WGIface) RemoveAllowedIP(peerKey string, allowedIP string) error

RemoveAllowedIP removes a prefix from the allowed IPs list of peer

func (*WGIface) RemovePeer 

func (w *WGIface) RemovePeer(peerKey string) error

RemovePeer removes a Wireguard Peer from the interface iface

func (*WGIface) SetFilter 

func (w *WGIface) SetFilter(filter PacketFilter) error

SetFilter sets packet filters for the userspace implementation

func (*WGIface) Up 

func (w *WGIface) Up() (*bind.UniversalUDPMuxDefault, error)

Up configures a Wireguard interface The interface must exist before calling this method (e.g. call interface.Create() before)

func (*WGIface) UpdateAddr 

func (w *WGIface) UpdateAddr(newAddr string) error

UpdateAddr updates address of the interface

func (*WGIface) UpdatePeer 

func (w *WGIface) UpdatePeer(peerKey string, allowedIps string, keepAlive time.Duration, endpoint *net.UDPAddr, preSharedKey *wgtypes.Key) error

UpdatePeer updates existing Wireguard Peer or creates a new one if doesn't exist Endpoint is optional

Source Files

View all Source files

Directories

Path Synopsis
Package mocks is a generated GoMock package.
 Package mocks is a generated GoMock package.
iface/mocks
Package mocks is a generated GoMock package.
 Package mocks is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.