6a696e03e7
* migrate to golang.zx2c4.com/wireguard/wgctrl This commit introduces the usage of wgctrl. It avoids the usage of exec calls of the wg command and parsing the output of `wg show`. Signed-off-by: leonnicolas <leonloechner@gmx.de> * vendor wgctrl Signed-off-by: leonnicolas <leonloechner@gmx.de> * apply suggestions from code review Remove wireguard.Enpoint struct and use net.UDPAddr for the resolved endpoint and addr string (dnsanme:port) if a DN was supplied. Signed-off-by: leonnicolas <leonloechner@gmx.de> * pkg/*: use wireguard.Enpoint This commit introduces the wireguard.Enpoint struct. It encapsulates a DN name with port and a net.UPDAddr. The fields are private and only accessible over exported Methods to avoid accidental modification. Also iptables.GetProtocol is improved to avoid ipv4 rules being applied by `ip6tables`. Signed-off-by: leonnicolas <leonloechner@gmx.de> * pkg/wireguard/conf_test.go: add tests for Endpoint Signed-off-by: leonnicolas <leonloechner@gmx.de> * cmd/kg/main.go: validate port range Signed-off-by: leonnicolas <leonloechner@gmx.de> * add suggestions from review Signed-off-by: leonnicolas <leonloechner@gmx.de> * pkg/mesh/mesh.go: use Equal func Implement an Equal func for Enpoint and use it instead of comparing strings. Signed-off-by: leonnicolas <leonloechner@gmx.de> * cmd/kgctl/main.go: check port range Signed-off-by: leonnicolas <leonloechner@gmx.de> * vendor Signed-off-by: leonnicolas <leonloechner@gmx.de>
// Copyright 2019 the Kilo authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//go:build linux
// +build linux
package wireguard
import (
	"errors"
	"fmt"

	"github.com/vishvananda/netlink"
)
// DefaultMTU is the default MTU used by WireGuard.
const DefaultMTU = 1420
// wgLink is a minimal netlink.Link implementation that carries only the
// link attributes and a type string; New passes it to netlink.LinkAdd.
type wgLink struct {
	a netlink.LinkAttrs // attributes of the link; New sets Name and MTU on it
	t string            // link type string returned by Type
}

// Attrs returns a pointer to the link attributes.
//
// The receiver is a value, so the pointer refers to the copy made for this
// call; writes through it do not change the wgLink the method was called on.
func (l wgLink) Attrs() *netlink.LinkAttrs {
	attrs := &l.a
	return attrs
}

// Type returns the link type string stored in the wgLink.
func (l wgLink) Type() string {
	return l.t
}
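// New returns the index of the WireGuard interface with the given name.
// If a link with that name already exists, its index is returned.
// Otherwise, a new interface of type "wireguard" is created with the given MTU.
// The returned boolean reports whether this call created the interface.
//
// An existing link is matched by name only: its type is not inspected, so a
// pre-existing non-WireGuard link called name is reported as if it were the
// WireGuard interface. The lookup and the creation are separate netlink
// calls; if the link appears in between, the LinkAdd error is returned.
//
// Underlying netlink errors are wrapped with %w, so callers can inspect them
// with errors.Is and errors.As.
func New(name string, mtu uint) (int, bool, error) {
	link, err := netlink.LinkByName(name)
	if err == nil {
		// NOTE(review): callers that require a kernel WireGuard device may
		// want to compare link.Type() here; confirm how userspace WireGuard
		// devices are reported before enforcing it.
		return link.Attrs().Index, false, nil
	}

	// Only "link not found" means the interface has to be created. errors.As
	// also matches when the netlink error has been wrapped.
	var notFound netlink.LinkNotFoundError
	if !errors.As(err, &notFound) {
		return 0, false, fmt.Errorf("failed to get links: %w", err)
	}

	wl := wgLink{a: netlink.NewLinkAttrs(), t: "wireguard"}
	wl.a.Name = name
	// NOTE(review): mtu is converted without a range check; validate it at
	// the caller if it can come from untrusted configuration.
	wl.a.MTU = int(mtu)
	if err := netlink.LinkAdd(wl); err != nil {
		return 0, false, fmt.Errorf("failed to create interface %s: %w", name, err)
	}

	// Look the link up again to read the index assigned to the new interface.
	link, err = netlink.LinkByName(name)
	if err != nil {
		return 0, false, fmt.Errorf("failed to get interface index: %w", err)
	}
	return link.Attrs().Index, true, nil
}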