mirror of
https://github.com/netbirdio/netbird.git
synced 2024-11-26 01:53:42 +01:00
ecac82a5ae
This PR brings support of a shared port between stun (ICE agent) and the kernel WireGuard It implements a single port mode for execution with kernel WireGuard interface using a raw socket listener. BPF filters ensure that only STUN packets hit the NetBird userspace app Removed a lot of the proxy logic and direct mode exchange. Now we are doing an extra hole punch to the remote WireGuard port for best-effort cases and support to old client's direct mode.
12 lines
360 B
Go
12 lines
360 B
Go
package sharedsock
|
|
|
|
import "golang.org/x/net/bpf"
|
|
|
|
const magicCookie uint32 = 0x2112A442
|
|
|
|
// BPFFilter is a generic filter that provides ipv4 and ipv6 BPF instructions
|
|
type BPFFilter interface {
|
|
// GetInstructions returns raw BPF instructions for ipv4 and ipv6
|
|
GetInstructions(port uint32) (ipv4 []bpf.RawInstruction, ipv6 []bpf.RawInstruction, err error)
|
|
}
|