netstack

package
v0.0.0-...-21f6bd8 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 4, 2025 License: MPL-2.0 Imports: 39 Imported by: 0

Documentation

Overview

Package netstack provides the implementation of data-link layer endpoints backed by boundary-preserving file descriptors (e.g., TUN devices, seqpacket/datagram sockets).

Adopted from: github.com/google/gvisor/blob/f33d034/pkg/tcpip/link/fdbased/endpoint.go since fdbased isn't built when building for android (it is only built for linux).

Index

Constants

// Packet direction values; presumably meant for use as Direction (see the
// dir parameter of LogPacket) — confirm against callers.
// NOTE(review): the constants are declared with a bare iota and no explicit
// type, so they are untyped integer constants, not typed Direction constants.
const (
	// DirectionSend indicates a sent packet.
	DirectionSend = iota
	// DirectionRecv indicates a received packet.
	DirectionRecv
)
const SnapLen uint32 = 2048 // in bytes; some sufficient value

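SnapLen is the maximum number of bytes of a packet to be saved. Packets with a length less than or equal to SnapLen will be saved in their entirety. Longer packets will be truncated to SnapLen. Because truncation only begins past 2048 bytes, packets at common MTU sizes are saved whole, payload included, so capture output should be handled as sensitive data. TODO: MTU instead of SnapLen? Must match pcapsink.begin()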

Variables

This section is empty.

Functions

func HandlerAddrs

func HandlerAddrs(hdl GConnHandler) (ifaddr4 netip.Prefix, ifaddr6 netip.Prefix)

func InboundTCP

func InboundTCP(who string, s *stack.Stack, in net.Conn, to, from netip.AddrPort, h GTCPConnHandler) error

`s` is the netstack to use for dialing (reads/writes). `in` is the incoming connection to netstack `s`. `to` (src) is the remote address. `from` (dst) is the address local to netstack `s`. `h` is the handler that handles connection `in` into netstack `s`, by dialing to `from` (dst) from `to` (src).

func InboundUDP

func InboundUDP(who string, s *stack.Stack, in net.Conn, to, from netip.AddrPort, h GUDPConnHandler) error

func LogPacket

func LogPacket(prefix string, dir Direction, protocol tcpip.NetworkProtocolNumber, pkt *stack.PacketBuffer)

LogPacket logs a packet to stdout.

func NewNetstack

func NewNetstack() (s *stack.Stack)

also: github.com/google/gvisor/blob/adbdac747/runsc/boot/loader.go#L1132 github.com/FlowerWrong/tun2socks/blob/1045a49618/cmd/netstack/main.go github.com/zen-of-proxy/go-tun2io/blob/c08b329b8/tun2io/util.go github.com/WireGuard/wireguard-go/blob/42c9af4/tun/netstack/tun.go github.com/telepresenceio/telepresence/pull/2709

func NewReverseGConnHandler

func NewReverseGConnHandler(pctx context.Context, to *stack.Stack, of tcpip.NICID, ep SeamlessEndpoint, via GConnHandler) *gconnhandler

func OutboundICMP

func OutboundICMP(id string, s *stack.Stack, hdl GICMPHandler)

github.com/google/gvisor/blob/738e1d995f/pkg/tcpip/network/ipv4/icmp.go github.com/google/gvisor/blob/738e1d995f/pkg/tcpip/network/ipv6/icmp.go

func OutboundTCP

func OutboundTCP(id string, s *stack.Stack, h GTCPConnHandler)

OutboundTCP sets up a TCP forwarder h to handle TCP packets. If h is nil, s uses the (built-in) default TCP forwarding logic.

func OutboundUDP

func OutboundUDP(id string, s *stack.Stack, h GUDPConnHandler)

OutboundUDP sets up a UDP forwarder h for outbound UDP packets. If h is nil, s uses the (built-in) default UDP forwarding logic.

func Pcap2File

func Pcap2File(y bool) (ok bool)

func Pcap2Stdout

func Pcap2Stdout(y bool) (ok bool)

func PcapModes

func PcapModes() string

PCAP logging modes:
- stdout: packets are logged to stdout
- file: packets are logged to a file
- none: no packets are logged

func Route

func Route(s *stack.Stack, l3 string)

func SetNetstackOpts

func SetNetstackOpts(s *stack.Stack)

func StackAddrs

func StackAddrs(s *stack.Stack, nic tcpip.NICID) (netip.Addr, netip.Addr)

func Stat

func Stat(s *stack.Stack) (out *x.NetStat, err error)

func Up

ref: github.com/brewlin/net-protocol/blob/ec64e5f899/internal/endpoint/endpoint.go#L20

func WritePCAPHeader

func WritePCAPHeader(w io.Writer) error

Types

type DemuxerFn

type DemuxerFn func(in net.Conn, to netip.AddrPort) error

type Direction

type Direction int

A Direction indicates whether the packet is being sent or received.

func (Direction) String

func (dr Direction) String() string

type EpStat

// EpStat describes the state of an endpoint; it is the value returned by
// FdSwapper.Stat.
// NOTE(review): every field except Fd and Alive is a string, so the byte
// counts and times are presumably pre-formatted for display; the exact
// format is not shown here — confirm before parsing them.
type EpStat struct {
	// Fd is the file descriptor of the endpoint.
	Fd int
	// Alive indicates whether the endpoint is alive.
	Alive bool
	// Age is the age of the endpoint.
	Age string
	// Read is the number of bytes read from the endpoint.
	Read string
	// Written is the number of bytes written to the endpoint.
	Written string
	// LastRead is the last time the endpoint was read from.
	LastRead string
	// LastWrite is the last time the endpoint was written to.
	LastWrite string
}

func (EpStat) String

func (s EpStat) String() string

type FdSwapper

// FdSwapper replaces or releases the file descriptors behind an endpoint
// and reports endpoint statistics.
type FdSwapper interface {
	// Swap closes existing FDs; uses new fd.
	// mtu is supplied together with the new fd.
	// NOTE(review): not documented here: whether fd is validated, and who
	// is responsible for closing fd when Swap returns an error. Confirm
	// with the implementation so callers neither leak nor double-close
	// the descriptor.
	Swap(fd, mtu int) error
	// Dispose closes all existing FDs.
	Dispose() error
	// Stat returns EpStat (fd, age, read, written, lastRead, lastWrite).
	Stat() EpStat
}

type GBaseConnHandler

// GBaseConnHandler is the connection-management interface embedded by
// GSpecConnHandler and GICMPHandler.
type GBaseConnHandler interface {
	// OpenConns returns the number of active connections.
	// NOTE(review): the return type is string, so the count is presumably
	// formatted text rather than a bare integer — confirm.
	OpenConns() string
	// CloseConns closes conns by ids, or all if ids is empty.
	// NOTE(review): the meaning of the returned []string is not documented;
	// presumably the ids that were closed — confirm.
	CloseConns([]string) []string
	// End closes the handler and all its connections.
	End()
}

type GConnHandler

// GConnHandler groups the TCP, UDP and ICMP handlers behind one interface.
type GConnHandler interface {
	// Src returns a list of address prefixes.
	// NOTE(review): presumably the addrs given to NewGConnHandler — confirm.
	Src() []netip.Prefix
	TCP() GTCPConnHandler         // TCP returns the TCP handler.
	UDP() GUDPConnHandler         // UDP returns the UDP handler.
	ICMP() GICMPHandler           // ICMP returns the ICMP handler.
	CloseConns(csv string) string // CloseConns closes the connections with the given IDs, or all if empty.
}

func NewGConnHandler

func NewGConnHandler(addrs []netip.Prefix, tcp GTCPConnHandler, udp GUDPConnHandler, icmp GICMPHandler) GConnHandler

type GEchoConnHandler

type GEchoConnHandler interface {
	// Ping informs if ICMP Echo from src to dst is replied to
	Ping(msg []byte, src, dst netip.AddrPort) bool
}

type GICMPConn

type GICMPConn struct {
	// contains filtered or unexported fields
}

func DialPingAddr

func DialPingAddr(s *stack.Stack, nic tcpip.NICID, laddr, raddr netip.Addr) (*GICMPConn, error)

func (*GICMPConn) Close

func (pc *GICMPConn) Close() error

func (*GICMPConn) LocalAddr

func (pc *GICMPConn) LocalAddr() net.Addr

func (*GICMPConn) Read

func (pc *GICMPConn) Read(p []byte) (n int, err error)

func (*GICMPConn) ReadFrom

func (pc *GICMPConn) ReadFrom(p []byte) (n int, addr net.Addr, err error)

func (*GICMPConn) RemoteAddr

func (pc *GICMPConn) RemoteAddr() net.Addr

func (*GICMPConn) SetDeadline

func (pc *GICMPConn) SetDeadline(t time.Time) error

func (*GICMPConn) SetReadDeadline

func (pc *GICMPConn) SetReadDeadline(t time.Time) error

func (*GICMPConn) SetWriteDeadline

func (pc *GICMPConn) SetWriteDeadline(t time.Time) error

func (*GICMPConn) Write

func (pc *GICMPConn) Write(p []byte) (n int, err error)

func (*GICMPConn) WriteTo

func (pc *GICMPConn) WriteTo(p []byte, addr net.Addr) (n int, err error)

type GICMPHandler

type GICMPHandler interface {
	GBaseConnHandler
	GEchoConnHandler
}

type GMuxConnHandler

type GMuxConnHandler[T gconns] interface {
	// ProxyMux proxies data between conn and multiple destinations
	// (endpoint-independent mapping).
	ProxyMux(in T, src, dst netip.AddrPort, dmx DemuxerFn) bool
}

type GSpecConnHandler

// GSpecConnHandler is the protocol-specific handler for conns of type T;
// GTCPConnHandler instantiates it with *GTCPConn and GUDPConnHandler with
// *GUDPConn.
// NOTE(review): the meaning of the bool results of Proxy and ReverseProxy
// is not documented here — confirm with the implementations.
type GSpecConnHandler[T gconns] interface {
	GBaseConnHandler
	// Proxy copies data between conn and dst (egress).
	// It must not block forever, as doing so may block netstack;
	// see: netstack/dispatcher.go:newReadvDispatcher
	Proxy(in T, src, dst netip.AddrPort) bool
	// ReverseProxy copies data between conn and dst (ingress).
	ReverseProxy(out T, in net.Conn, src, dst netip.AddrPort) bool
	// Error notes the error in connecting src to dst; retrying if necessary.
	Error(in T, src, dst netip.AddrPort, err error)
}

type GTCPConn

type GTCPConn struct {
	// contains filtered or unexported fields
}

func (*GTCPConn) Abort

func (g *GTCPConn) Abort()

Abort aborts the connection by sending a RST segment.

func (*GTCPConn) Close

func (g *GTCPConn) Close() error

func (*GTCPConn) CloseRead

func (g *GTCPConn) CloseRead() error

func (*GTCPConn) CloseWrite

func (g *GTCPConn) CloseWrite() error

func (*GTCPConn) Establish

func (g *GTCPConn) Establish() (open bool, err error)

func (*GTCPConn) LocalAddr

func (g *GTCPConn) LocalAddr() net.Addr

gonet conn local and remote addresses may be nil ref: github.com/tailscale/tailscale/blob/8c5c87be2/wgengine/netstack/netstack.go#L768-L775 and: github.com/google/gvisor/blob/ffabadf0/pkg/tcpip/transport/tcp/endpoint.go#L2759

func (*GTCPConn) Read

func (g *GTCPConn) Read(data []byte) (int, error)

func (*GTCPConn) RemoteAddr

func (g *GTCPConn) RemoteAddr() net.Addr

func (*GTCPConn) SetDeadline

func (g *GTCPConn) SetDeadline(t time.Time) error

func (*GTCPConn) SetReadDeadline

func (g *GTCPConn) SetReadDeadline(t time.Time) error

func (*GTCPConn) SetWriteDeadline

func (g *GTCPConn) SetWriteDeadline(t time.Time) error

func (*GTCPConn) Write

func (g *GTCPConn) Write(data []byte) (int, error)

type GTCPConnHandler

type GTCPConnHandler interface {
	GSpecConnHandler[*GTCPConn]
}

type GUDPConn

type GUDPConn struct {
	// contains filtered or unexported fields
}

func (*GUDPConn) Close

func (g *GUDPConn) Close() error

Close closes the connection.

func (*GUDPConn) Establish

func (g *GUDPConn) Establish() error

func (*GUDPConn) LocalAddr

func (g *GUDPConn) LocalAddr() (addr net.Addr)

func (*GUDPConn) Read

func (g *GUDPConn) Read(data []byte) (int, error)

func (*GUDPConn) ReadFrom

func (g *GUDPConn) ReadFrom(data []byte) (int, net.Addr, error)

func (*GUDPConn) RemoteAddr

func (g *GUDPConn) RemoteAddr() (addr net.Addr)

func (*GUDPConn) SetDeadline

func (g *GUDPConn) SetDeadline(t time.Time) error

func (*GUDPConn) SetReadDeadline

func (g *GUDPConn) SetReadDeadline(t time.Time) error

func (*GUDPConn) SetWriteDeadline

func (g *GUDPConn) SetWriteDeadline(t time.Time) error

func (*GUDPConn) StatefulTeardown

func (g *GUDPConn) StatefulTeardown() (fin bool)

func (*GUDPConn) Write

func (g *GUDPConn) Write(data []byte) (int, error)

func (*GUDPConn) WriteTo

func (g *GUDPConn) WriteTo(data []byte, addr net.Addr) (int, error)

type GUDPConnHandler

type GUDPConnHandler interface {
	GSpecConnHandler[*GUDPConn]
	GMuxConnHandler[*GUDPConn]
}

type Options

// Options specify the details about the fd-based endpoint to be created.
type Options struct {
	// FDs is a set of FDs used to read/write packets.
	// NOTE(review): ownership of these descriptors (who closes them) is not
	// stated here — confirm with the endpoint implementation.
	FDs []int

	// MTU is the mtu to use for this endpoint.
	MTU uint32

	// EthernetHeader if true, indicates that the endpoint should read/write
	// ethernet frames instead of IP packets.
	EthernetHeader bool

	// Address is the link address for this endpoint. Only used if
	// EthernetHeader is true.
	Address tcpip.LinkAddress

	// SaveRestore if true, indicates that this NIC capability set should
	// include CapabilitySaveRestore.
	SaveRestore bool

	// DisconnectOk if true, indicates that this NIC capability set should
	// include CapabilityDisconnectOk.
	DisconnectOk bool

	// TXChecksumOffload if true, indicates that this endpoint's capability
	// set should include CapabilityTXChecksumOffload.
	TXChecksumOffload bool

	// RXChecksumOffload if true, indicates that this endpoint's capability
	// set should include CapabilityRXChecksumOffload.
	RXChecksumOffload bool

	// If MaxSyscallHeaderBytes is non-zero, it is the maximum number of bytes
	// of struct iovec, msghdr, and mmsghdr that may be passed by each host
	// system call.
	MaxSyscallHeaderBytes int
}

Options specify the details about the fd-based endpoint to be created.

type PingAddr

type PingAddr struct {
	// contains filtered or unexported fields
}

func PingAddrFromAddr

func PingAddrFromAddr(addr netip.Addr) *PingAddr

func (PingAddr) Addr

func (ipp PingAddr) Addr() netip.Addr

func (PingAddr) Network

func (ipp PingAddr) Network() string

func (PingAddr) String

func (ipp PingAddr) String() string

type SeamlessEndpoint

type SeamlessEndpoint interface {
	stack.LinkEndpoint
	FdSwapper
}

func NewEndpoint

func NewEndpoint(dev, mtu int, sink io.WriteCloser) (ep SeamlessEndpoint, err error)

ref: github.com/google/gvisor/blob/91f58d2cc/pkg/tcpip/sample/tun_tcp_echo/main.go#L102
