2eeed55c18
This PR adds support for the WireGuard userspace implementation using the Bind interface from wireguard-go. The newly introduced ICEBind struct implements Bind with UDPMux-based structs from pion/ice to handle hole punching using ICE. The core implementation was taken from StdBind of wireguard-go. The result is a single WireGuard port that is used for host and server reflexive candidates. Relay candidates are still handled separately and will be integrated in the following PRs. ICEBind checks whether each incoming packet is a STUN packet or a WireGuard packet and routes it to UDPMux (to handle hole punching) or to WireGuard, respectively.
package proxy
import (
log "github.com/sirupsen/logrus"
"net"
)
// NoProxy configures the WireGuard peer directly, with no local proxy between
// WireGuard and the remote connection.
// It is used when the WireGuard interface runs in userspace and uses bind.ICEBind.
type NoProxy struct {
	// config carries the WireGuard interface handle and the peer settings
	// (remote key, allowed IPs, pre-shared key) that Start and Close read.
	// It includes the pre-shared key, so avoid logging the struct as a whole.
	config Config
}
// NewNoProxy returns a NoProxy that stores the given config by value.
// No WireGuard state is touched until Start or Close is called.
func NewNoProxy(config Config) *NoProxy {
	proxy := new(NoProxy)
	proxy.config = config
	return proxy
}
// Close removes the peer identified by config.RemoteKey from the WireGuard
// interface and returns the error from that removal, if any.
func (p *NoProxy) Close() error {
	if err := p.config.WgInterface.RemovePeer(p.config.RemoteKey); err != nil {
		return err
	}
	return nil
}
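// Start points the WireGuard peer at the remote address of remoteConn; no
// local proxy is started.
//
// The endpoint is taken from remoteConn.RemoteAddr() and written to the
// WireGuard interface together with the configured allowed IPs, the default
// keepalive and the pre-shared key. remoteConn itself is not read from,
// written to or closed here.
//
// It returns a net.InvalidAddrError when remoteConn or its remote address is
// nil, the error from net.ResolveUDPAddr when the address cannot be parsed,
// and otherwise whatever UpdatePeer returns.
func (p *NoProxy) Start(remoteConn net.Conn) error {
	// Guard against a nil connection or a nil address: dereferencing either
	// would panic instead of failing this one peer.
	if remoteConn == nil {
		return net.InvalidAddrError("no remote connection to take the peer endpoint from")
	}
	remote := remoteConn.RemoteAddr()
	if remote == nil {
		return net.InvalidAddrError("remote connection has no remote address")
	}
	endpoint := remote.String()

	log.Debugf("using NoProxy to connect to peer %s at %s", p.config.RemoteKey, endpoint)

	// An "ip:port" literal is parsed without a DNS lookup; a host name here
	// would be resolved.
	// NOTE(review): confirm the connection always reports a literal IP address.
	addr, err := net.ResolveUDPAddr("udp", endpoint)
	if err != nil {
		return err
	}

	return p.config.WgInterface.UpdatePeer(p.config.RemoteKey, p.config.AllowedIps, DefaultWgKeepAlive,
		addr, p.config.PreSharedKey)
}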
// Type reports TypeNoProxy as the proxy type of this implementation.
func (p *NoProxy) Type() Type {
	return TypeNoProxy
}