wireguard

package
v0.3.15 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 9, 2025 License: MPL-2.0 Imports: 32 Imported by: 4

Documentation

Overview

Package wireguard manages kernel and user-space Wireguard interfaces.

Index

Constants

View Source 
const (
	// PeerDownInterval is the time since last handshake when established peer is considered to be down.
	//
	// WG whitepaper defines a downed peer as being:
	// Handshake Timeout (180s) + Rekey Timeout (5s) + Rekey Attempt Timeout (90s)
	//
	// This interval is applied when the link is already established.
	PeerDownInterval = (180 + 5 + 90) * time.Second

	// LinkMTU is the suggested MTU of the link for Wireguard.
	//
	// Wireguard sets DF (Don't Fragment) bit on all packets, so the MTU of the link
	// should be so that with the overhead of the Wireguard header, the packet
	// is still smaller than the MTU of the link.
	//
	// To be on the safe side, we set the MTU to 1280, which is the minimum MTU
	// for IPv6.
	LinkMTU = 1280

	// RecommendedPersistentKeepAliveInterval is the recommended interval for persistent keepalive.
	RecommendedPersistentKeepAliveInterval = 25 * time.Second
)
View Source 
const InterfaceName = "siderolink"

InterfaceName is the name of the WireGuard interface.

Variables

This section is empty.

Functions

func AsUDP added in v0.3.7 

func AsUDP(addr netip.AddrPort) *net.UDPAddr

AsUDP converts netip.AddrPort to net.UDPAddr.

func DeviceLogger added in v0.3.5 

func DeviceLogger(logger *zap.Logger) *device.Logger

DeviceLogger returns a device.Logger that logs to the given zap.Logger.

func GenerateRandomNodeAddr added in v0.3.5 

func GenerateRandomNodeAddr(prefix netip.Prefix) (netip.Prefix, error)

GenerateRandomNodeAddr generates a random node address within the last 8 bytes of the given prefix.

func LinkUp added in v0.3.5 

func LinkUp(iface *net.Interface) error

LinkUp brings the WireGuard interface up.

func NetworkPrefix 

func NetworkPrefix(installationID string) netip.Prefix

NetworkPrefix returns IPv6 prefix for the SideroLink.

Server is using the first address in the block. Nodes are using random addresses from the /64 space.

func PrepareDeviceConfig added in v0.3.7 

func PrepareDeviceConfig(peerEvents []PeerEvent, oldCfg *wgtypes.Device, userHandler PeerHandler, logger *zap.Logger) ([]wgtypes.PeerConfig, error)

PrepareDeviceConfig takes a list of peer events and prepares a list of peer configurations comparing them with the old configuration.

func SetupIPToInterface added in v0.3.5 

func SetupIPToInterface(address netip.Prefix, ifaceName string) (func() error, error)

SetupIPToInterface sets up the IP address to the interface.

func UAPIOpen 

func UAPIOpen(interfaceName string) (net.Listener, error)

UAPIOpen opens a UAPI socket.

func VirtualNetworkPrefix added in v0.3.5 

func VirtualNetworkPrefix() netip.Prefix

VirtualNetworkPrefix returns IPv6 prefix for the SideroLink over GRPC. Virtual nodes will use random addresses from the /64 space.

Types

type Device 

type Device struct {
	// contains filtered or unexported fields
}

Device manages Wireguard link.

func NewDevice 

func NewDevice(config DeviceConfig) (*Device, error)

NewDevice creates a new device with settings.

func (*Device) Close 

func (dev *Device) Close() (err error)

Close the device.

func (*Device) Peers 

func (dev *Device) Peers() ([]wgtypes.Peer, error)

Peers returns underlying peer states from the underlying wireguard device.

func (*Device) Run 

func (dev *Device) Run(ctx context.Context, logger *zap.Logger, peers PeerSource) (retErr error)

Run the device.

type DeviceConfig added in v0.3.5 

type DeviceConfig struct {
	// Bind is the bind configuration for the wireguard device. If nil the default bind is used.
	Bind conn.Bind
	// PeerHandler is the optional handler for peer events.
	PeerHandler PeerHandler
	// Logger is the logger to use.
	Logger *zap.Logger
	// ServerPrefix is the prefix to bind to the wireguard device.
	ServerPrefix netip.Prefix
	// InputPacketFilters enables packet filtering on the wireguard level.
	InputPacketFilters []tun.InputPacketFilter
	// PrivateKey is the server private key.
	PrivateKey wgtypes.Key
	// AutoPeerRemoveInterval is the checks interval to remove downed peers. If zero, it's disabled.
	AutoPeerRemoveInterval time.Duration
	// ListenPort is the port to listen on. If zero, a random port is used.
	ListenPort uint16
	// ForceUserspace forces the use of userspace wireguard implementation.
	// If Bind or InputPacketFilters is set this field is always true.
	ForceUserspace bool
}

DeviceConfig is the configuration for the wireguard device.

type PeerEvent 

type PeerEvent struct {
	PubKey wgtypes.Key

	Remove   bool
	Endpoint string

	Address netip.Addr

	PersistentKeepAliveInterval *time.Duration

	VirtualAddr netip.Addr
}

PeerEvent is the event about peer state change.

type PeerHandler added in v0.3.5 

type PeerHandler interface {
	HandlePeerAdded(event PeerEvent) error
	HandlePeerRemoved(pubKey wgtypes.Key) error
}

PeerHandler is an interface for handling peer events.

type PeerSource 

type PeerSource interface {
	EventCh() <-chan PeerEvent
}

PeerSource is the interface of the "database" providing SideroLink peer information.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.