wg

package module
v0.0.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 14, 2024 License: MIT Imports: 24 Imported by: 2

README

wg

Go Reference

wg is a library designed to facilitate the creation and management of userland WireGuard networks. It interfaces with various components of the wireguard-go library, offering a Go-based API for network operations.

Features

  • Device Management: Control over WireGuard devices, including creation, configuration, and teardown.
  • Network Configuration: Tools for setting up and managing a network stack that communicates through wireguard.
  • Advanced Networking: Dial as any address inside the tunnel, allowing remote applications to see the correct remote.

Usage

Basic
var cfg wgapi.Configurable // your configuration
var n *wg.Net
dev, err := wg.New(wg.OptionNetDevice(&n), wg.OptionConfig(cfg))
if err != nil {
	panic(err)
}
// Use `n` in place of built in tcp/udp networking
dev.Close() // Close the device to clean up resources
Networking
TCP
Listen
var n *wg.Net
// Listen on port 80 on address 192.168.99.1
l, err := n.Listen(&net.TCPAddr{IP: net.IPv4(192, 168, 99, 1), Port: 80})
if err != nil {
    panic(err)
}
defer l.Close()

for {
    conn, err := l.Accept()
    if err != nil {
        panic(err)
    }
    // Start a goroutine and handle conn
}
Dial
var n *wg.Net
// Dial with address 192.168.99.2
d := n.Dialer(net.IPv4(192, 168, 99, 2), 0) // Recommended to use port 0, since that will dial with a random open port.
// Dial port 80 on 192.168.99.1
conn, err := d.DialTCP(ctx, &net.TCPAddr{IP: net.IPv4(192, 168, 99, 1), Port: 80})
if err != nil {
    panic(err)
}
defer conn.Close()
// Use conn
Options
OptionNop

Does nothing.

OptionErr

Throws an error on device creation. Used internally.

OptionDevice

Use your own raw network device. Either this option or OptionNetDevice is required.

OptionBind

Use your own UDP device. If not specified DefaultBind is used.

OptionLogger

Specify a device.Logger to pass to the wireguard-go library.

OptionConfig

Configuration to use when configuring wireguard-go.

OptionNetDevice

Automatically configure a wg.Net type for use with this device. It will be closed when the device is closed.

var n *wg.Net
dev, err := wg.New(wg.OptionNetDevice(&n))
OptionCloser

Adds a function to be called when closing the device.

Documentation

Overview

Package wg helps with the creation and usage of userland wireguard networks.

Index

Constants

View Source 
const (
	// WireguardHeaderSize is the size of a wireguard header. The MTU needed for the [Netstack] is <actual hardware MTU> - [WireguardHeaderSize].
	WireguardHeaderSize = 80
	// DefaultMTU is the default MTU as specified from wireguard-go
	DefaultMTU = device.DefaultMTU
	// DefaultBatchSize is the default number of packets read/written from the [tun.Device] in one operation.
	DefaultBatchSize = conn.IdealBatchSize
	// DefaultChannelSize is the size of the packet queue for the underlaying [channel.Endpoint]
	DefaultChannelSize = 8 * DefaultBatchSize
)

Variables

View Source 
var (
	ErrInvalidLocalIP  = errors.New("local ip is invalid")
	ErrInvalidRemoteIP = errors.New("remote ip is invalid")
)
View Source 
var DefaultBind = defaultBind
View Source 
var (
	ErrNoDeviceSpecified = errors.New("no device specified")
)
View Source 
var SetStackOptions = func(s *stack.Stack, ep *channel.Endpoint, id *tcpip.NICID) error {
	// Wireguard-go does this
	var enableSACK tcpip.TCPSACKEnabled = true
	if err := s.SetTransportProtocolOption(tcp.ProtocolNumber, &enableSACK); err != nil {
		return &TCPIPError{Err: err}
	}

	*id = tcpip.NICID(s.UniqueID())
	if err := s.CreateNICWithOptions(*id, ep, stack.NICOptions{Name: ""}); err != nil {
		return &TCPIPError{Err: err}
	}
	return nil
}

Functions

func IsBogon added in v0.0.5 

func IsBogon(ip net.IP) bool

IsBogon returns true if dialing the address would fail due to gonet. IsPrivateNetwork is left out because it will still remote, but it can be used to help check incoming ip addresses.

func IsLinkLocal added in v0.0.5 

func IsLinkLocal(ip net.IP) bool

func IsLoopback added in v0.0.5 

func IsLoopback(ip net.IP) bool

func IsPrivateNetwork added in v0.0.5 

func IsPrivateNetwork(ip net.IP) bool

Types

type Bind 

type Bind = conn.Bind

type Device 

type Device = tun.Device

type Dialer 

type Dialer struct {
	// contains filtered or unexported fields
}

Dialer handles dialing with a given local address

func (*Dialer) DialTCP 

func (d *Dialer) DialTCP(ctx context.Context, addr *net.TCPAddr) (net.Conn, error)

DialTCP initiates a TCP connection with a remote TCP listener.

func (*Dialer) DialUDP 

func (d *Dialer) DialUDP(addr *net.UDPAddr) (net.PacketConn, error)

DialUDP dials a UDP network. Addresses in the 127.0.0.1/24 range

type Net 

type Net Netstack

Net handles the application level dialing/listening.

func (*Net) Dialer 

func (n *Net) Dialer(laddr net.IP, port uint16) *Dialer

Dialer creates a new dialer with a specified local address.

func (*Net) Listen 

func (n *Net) Listen(addr *net.TCPAddr) (net.Listener, error)

Listen listens with the TCP protocol on the given address.

func (*Net) ListenPacket 

func (n *Net) ListenPacket(addr *net.UDPAddr) (net.PacketConn, error)

ListenPacket listens with the UDP protocol on the given address

type Netstack 

type Netstack struct {
	// contains filtered or unexported fields
}

Netstack is a wireguard device that takes the raw packets communicated through wireguard and turns them into meaningful TCP/UDP connections.

func NewDefaultNetstack 

func NewDefaultNetstack() (*Netstack, error)

NewDefaultNetstack calls NewNetstack with the default values.

func NewNetstack 

func NewNetstack(mtu int, batchSize int, channelSize int) (*Netstack, error)

NewNetstack creates a new wireguard network stack.

func (*Netstack) BatchSize 

func (d *Netstack) BatchSize() int

BatchSize implements tun.Device.BatchSize and returns the configured BatchSize

func (*Netstack) Close 

func (d *Netstack) Close() error

Close closes the network stack rendering it unusable in the future.

func (*Netstack) Events 

func (d *Netstack) Events() <-chan tun.Event

Events implements tun.Device.Events

func (*Netstack) File 

func (d *Netstack) File() *os.File

File implements tun.Device.File and always returns nil

func (*Netstack) MTU 

func (d *Netstack) MTU() (int, error)

MTU implements tun.Device.MTU and returns the configured MTU

func (*Netstack) Name 

func (d *Netstack) Name() (string, error)

Name implements tun.Device.Name and always returns "point-c"

func (*Netstack) Net 

func (d *Netstack) Net() *Net

Net allows using the device similar to the net package.

func (*Netstack) Read 

func (d *Netstack) Read(buf [][]byte, sizes []int, offset int) (n int, err error)

Read will always read exactly one packet at a time.

func (*Netstack) Write 

func (d *Netstack) Write(buf [][]byte, offset int) (int, error)

Write will write all packets given to it to the underlaying netstack.

type Option 

type Option func(*options) error

func OptionBind 

func OptionBind(b Bind) Option

OptionBind sets the Bind in the [options] struct. If this is not specified DefaultBind will be used.

func OptionCloser 

func OptionCloser(closer func() error) Option

OptionCloser adds a closer function to the [options] struct. Closer functions are called to gracefully close resources when needed.

func OptionConfig 

func OptionConfig(cfg wgapi.Configurable) Option

OptionConfig specifies a wireguard config to load before the interface is brought up.

func OptionDevice 

func OptionDevice(d Device) Option

OptionDevice specifies the Device in the [options] struct.

func OptionErr 

func OptionErr(e error) Option

OptionErr causes New to fail with the given error

func OptionLogger 

func OptionLogger(l *device.Logger) Option

OptionLogger adds a logger to the [options] struct.

func OptionNetDevice 

func OptionNetDevice(p **Net) Option

OptionNetDevice initializes a userspace networking stack. Note: The pointer *p becomes valid and usable only if the New function successfully completes without returning an error. In case of errors, *p should not be considered reliable.

func OptionNop 

func OptionNop() Option

OptionNop is an Option function that does nothing. Useful as a placeholder.

type TCPIPError 

type TCPIPError struct{ Err tcpip.Error }

TCPIPError turn a tcpip.Error into a normal error.

func (*TCPIPError) Error 

func (err *TCPIPError) Error() string

type Wireguard 

type Wireguard struct {
	// contains filtered or unexported fields
}

Wireguard handles configuring and closing a wireguard client/server.

func New 

func New(opts ...Option) (_ *Wireguard, err error)

New allows the creating of a new wireguard interface.

func (*Wireguard) Close 

func (c *Wireguard) Close() (err error)

Close closes the wireguard server/client, rendering it unusable in the future.

func (*Wireguard) GetConfig 

func (c *Wireguard) GetConfig() (v wgapi.IPC, err error)

GetConfig gets the raw config from an IPC get=1 operation.

func (*Wireguard) SetConfig 

func (c *Wireguard) SetConfig(cfg wgapi.Configurable) error

SetConfig performs an IPC set=1 operation.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.