improve wireguard code #198

Merged
merged 5 commits into from
Aug 3, 2024
231 changes: 148 additions & 83 deletions app/app.go
Expand Up @@ -12,6 +12,8 @@ import (
"github.com/bepass-org/warp-plus/iputils"
"github.com/bepass-org/warp-plus/psiphon"
"github.com/bepass-org/warp-plus/warp"
"github.com/bepass-org/warp-plus/wireguard/tun"
"github.com/bepass-org/warp-plus/wireguard/tun/netstack"
"github.com/bepass-org/warp-plus/wiresocks"
)

Expand Down Expand Up @@ -80,7 +82,7 @@ func RunWarp(ctx context.Context, l *slog.Logger, opts WarpOptions) error {
return err
}

l.Info("scan results", "endpoints", res)
l.Debug("scan results", "endpoints", res)

endpoints = make([]string, len(res))
for i := 0; i < len(res); i++ {
Expand Down Expand Up @@ -122,7 +124,7 @@ func runWireguard(ctx context.Context, l *slog.Logger, opts WarpOptions) error {
// Enable trick and keepalive on all peers in config
for i, peer := range conf.Peers {
peer.Trick = true
peer.KeepAlive = 3
peer.KeepAlive = 5

// Try resolving if the endpoint is a domain
addr, err := iputils.ParseResolveAddressPort(peer.Endpoint, false, opts.DnsAddr.String())
Expand All @@ -134,35 +136,56 @@ func runWireguard(ctx context.Context, l *slog.Logger, opts WarpOptions) error {
}

if opts.Tun {
// Create a new tun interface
tunDev, err := newNormalTun([]netip.Addr{opts.DnsAddr})
if err != nil {
return err
}

// Establish wireguard tunnel on tun interface
if err := establishWireguard(l, conf, tunDev, true, opts.FwMark); err != nil {
return err
var werr error
var tunDev tun.Device
for _, t := range []string{"t1", "t2"} {
// Create a new tun interface
tunDev, werr = newNormalTun([]netip.Addr{opts.DnsAddr})
if werr != nil {
continue
}

werr = establishWireguard(l, conf, tunDev, true, opts.FwMark, t)
if werr != nil {
continue
}
break
}
if werr != nil {
return werr
}

l.Info("serving tun", "interface", "warp0")
return nil
}

// Create userspace tun network stack
tunDev, tnet, err := newUsermodeTun(conf)
if err != nil {
return err
}

// Establish wireguard on userspace stack
if err := establishWireguard(l, conf, tunDev, false, opts.FwMark); err != nil {
return err
}
var werr error
var tnet *netstack.Net
var tunDev tun.Device
for _, t := range []string{"t1", "t2"} {
// Create userspace tun network stack
tunDev, tnet, werr = netstack.CreateNetTUN(conf.Interface.Addresses, conf.Interface.DNS, conf.Interface.MTU)
if err != nil {
continue
}

werr = establishWireguard(l, conf, tunDev, false, opts.FwMark, t)
if werr != nil {
continue
}

// // Test wireguard connectivity
// if err := usermodeTunTest(ctx, l, tnet); err != nil {
// return err
// }
// Test wireguard connectivity
werr = usermodeTunTest(ctx, l, tnet)
if werr != nil {
continue
}
break
}
if werr != nil {
return werr
}

// Run a proxy on the userspace stack
_, err = wiresocks.StartProxy(ctx, l, tnet, opts.Bind)
Expand Down Expand Up @@ -194,7 +217,7 @@ func runWarp(ctx context.Context, l *slog.Logger, opts WarpOptions, endpoint str
for i, peer := range conf.Peers {
peer.Endpoint = endpoint
peer.Trick = true
peer.KeepAlive = 3
peer.KeepAlive = 5

if opts.Reserved != "" {
r, err := wiresocks.ParseReserved(opts.Reserved)
Expand All @@ -208,35 +231,55 @@ func runWarp(ctx context.Context, l *slog.Logger, opts WarpOptions, endpoint str
}

if opts.Tun {
// Create a new tun interface
tunDev, err := newNormalTun([]netip.Addr{opts.DnsAddr})
if err != nil {
return err
}

// Establish wireguard tunnel on tun interface
if err := establishWireguard(l, &conf, tunDev, true, opts.FwMark); err != nil {
return err
var werr error
var tunDev tun.Device
for _, t := range []string{"t1", "t2"} {
// Create a new tun interface
tunDev, werr = newNormalTun([]netip.Addr{opts.DnsAddr})
if werr != nil {
continue
}

// Create userspace tun network stack
werr = establishWireguard(l, &conf, tunDev, true, opts.FwMark, t)
if werr != nil {
continue
}
break
}
if werr != nil {
return werr
}
l.Info("serving tun", "interface", "warp0")
return nil
}

// Create userspace tun network stack
tunDev, tnet, err := newUsermodeTun(&conf)
if err != nil {
return err
}

// Establish wireguard on userspace stack
if err := establishWireguard(l, &conf, tunDev, false, opts.FwMark); err != nil {
return err
}
var werr error
var tnet *netstack.Net
var tunDev tun.Device
for _, t := range []string{"t1", "t2"} {
tunDev, tnet, werr = netstack.CreateNetTUN(conf.Interface.Addresses, conf.Interface.DNS, conf.Interface.MTU)
if werr != nil {
continue
}

// // Test wireguard connectivity
// if err := usermodeTunTest(ctx, l, tnet); err != nil {
// return err
// }
werr = establishWireguard(l, &conf, tunDev, false, opts.FwMark, t)
if werr != nil {
continue
}

// Test wireguard connectivity
werr = usermodeTunTest(ctx, l, tnet)
if werr != nil {
continue
}
break
}
if werr != nil {
return werr
}

// Run a proxy on the userspace stack
_, err = wiresocks.StartProxy(ctx, l, tnet, opts.Bind)
Expand Down Expand Up @@ -267,7 +310,7 @@ func runWarpInWarp(ctx context.Context, l *slog.Logger, opts WarpOptions, endpoi
for i, peer := range conf.Peers {
peer.Endpoint = endpoints[0]
peer.Trick = true
peer.KeepAlive = 3
peer.KeepAlive = 5

if opts.Reserved != "" {
r, err := wiresocks.ParseReserved(opts.Reserved)
Expand All @@ -280,24 +323,35 @@ func runWarpInWarp(ctx context.Context, l *slog.Logger, opts WarpOptions, endpoi
conf.Peers[i] = peer
}

// Create userspace tun network stack
tunDev, tnet, err := newUsermodeTun(&conf)
if err != nil {
return err
}

// Establish wireguard on userspace stack and bind the wireguard sockets to the default interface and apply
if err := establishWireguard(l.With("gool", "outer"), &conf, tunDev, opts.Tun, opts.FwMark); err != nil {
return err
}
var werr error
var tnet1 *netstack.Net
var tunDev tun.Device
for _, t := range []string{"t1", "t2"} {
// Create userspace tun network stack
tunDev, tnet1, werr = netstack.CreateNetTUN(conf.Interface.Addresses, conf.Interface.DNS, conf.Interface.MTU)
if werr != nil {
continue
}

// // Test wireguard connectivity
// if err := usermodeTunTest(ctx, l, tnet); err != nil {
// return err
// }
werr = establishWireguard(l.With("gool", "outer"), &conf, tunDev, opts.Tun, opts.FwMark, t)
if werr != nil {
continue
}

// Test wireguard connectivity
werr = usermodeTunTest(ctx, l, tnet1)
if werr != nil {
continue
}
break
}
if werr != nil {
return werr
}

// Create a UDP port forward between localhost and the remote endpoint
addr, err := wiresocks.NewVtunUDPForwarder(ctx, netip.MustParseAddrPort("127.0.0.1:0"), endpoints[0], tnet, singleMTU)
addr, err := wiresocks.NewVtunUDPForwarder(ctx, netip.MustParseAddrPort("127.0.0.1:0"), endpoints[0], tnet1, singleMTU)
if err != nil {
return err
}
Expand All @@ -319,7 +373,7 @@ func runWarpInWarp(ctx context.Context, l *slog.Logger, opts WarpOptions, endpoi
// Enable keepalive on all peers in config
for i, peer := range conf.Peers {
peer.Endpoint = addr.String()
peer.KeepAlive = 10
peer.KeepAlive = 20

if opts.Reserved != "" {
r, err := wiresocks.ParseReserved(opts.Reserved)
Expand All @@ -341,30 +395,30 @@ func runWarpInWarp(ctx context.Context, l *slog.Logger, opts WarpOptions, endpoi

// Establish wireguard tunnel on tun interface but don't bind
// wireguard sockets to default interface and don't apply fwmark.
if err := establishWireguard(l.With("gool", "inner"), &conf, tunDev, false, opts.FwMark); err != nil {
if err := establishWireguard(l.With("gool", "inner"), &conf, tunDev, false, opts.FwMark, "t0"); err != nil {
return err
}
l.Info("serving tun", "interface", "warp0")
return nil
}

// Create userspace tun network stack
tunDev, tnet, err = newUsermodeTun(&conf)
tunDev, tnet2, err := netstack.CreateNetTUN(conf.Interface.Addresses, conf.Interface.DNS, conf.Interface.MTU)
if err != nil {
return err
}

// Establish wireguard on userspace stack
if err := establishWireguard(l.With("gool", "inner"), &conf, tunDev, false, opts.FwMark); err != nil {
if err := establishWireguard(l.With("gool", "inner"), &conf, tunDev, false, opts.FwMark, "t0"); err != nil {
return err
}

// // Test wireguard connectivity
// if err := usermodeTunTest(ctx, l, tnet); err != nil {
// return err
// }
// Test wireguard connectivity
if err := usermodeTunTest(ctx, l, tnet2); err != nil {
return err
}

_, err = wiresocks.StartProxy(ctx, l, tnet, opts.Bind)
_, err = wiresocks.StartProxy(ctx, l, tnet2, opts.Bind)
if err != nil {
return err
}
Expand Down Expand Up @@ -392,7 +446,7 @@ func runWarpWithPsiphon(ctx context.Context, l *slog.Logger, opts WarpOptions, e
for i, peer := range conf.Peers {
peer.Endpoint = endpoint
peer.Trick = true
peer.KeepAlive = 3
peer.KeepAlive = 5

if opts.Reserved != "" {
r, err := wiresocks.ParseReserved(opts.Reserved)
Expand All @@ -405,21 +459,32 @@ func runWarpWithPsiphon(ctx context.Context, l *slog.Logger, opts WarpOptions, e
conf.Peers[i] = peer
}

// Create userspace tun network stack
tunDev, tnet, err := newUsermodeTun(&conf)
if err != nil {
return err
}

// Establish wireguard on userspace stack
if err := establishWireguard(l, &conf, tunDev, false, opts.FwMark); err != nil {
return err
}
var werr error
var tnet *netstack.Net
var tunDev tun.Device
for _, t := range []string{"t1", "t2"} {
// Create userspace tun network stack
tunDev, tnet, werr = netstack.CreateNetTUN(conf.Interface.Addresses, conf.Interface.DNS, conf.Interface.MTU)
if werr != nil {
continue
}

// // Test wireguard connectivity
// if err := usermodeTunTest(ctx, l, tnet); err != nil {
// return err
// }
werr = establishWireguard(l, &conf, tunDev, false, opts.FwMark, t)
if werr != nil {
continue
}

// Test wireguard connectivity
werr = usermodeTunTest(ctx, l, tnet)
if werr != nil {
continue
}
break
}
if werr != nil {
return werr
}

// Run a proxy on the userspace stack
warpBind, err := wiresocks.StartProxy(ctx, l, tnet, netip.MustParseAddrPort("127.0.0.1:0"))
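Review bot: In runWireguard's userspace retry loop, the check after `netstack.CreateNetTUN` reads `if err != nil {` although the call assigns its error to `werr`, so a failed tun creation is not detected there. Execution would then reach `establishWireguard` with whatever `tunDev` holds, probably nil; the line should be `if werr != nil {`, as the same loop in runWarp, runWarpInWarp and runWarpWithPsiphon already has. Separately, in all of these loops a failed attempt hits `continue` without releasing the device it created and the first attempt's error is overwritten, so the second try may run against leftover state and the returned error hides the original cause; closing the device before `continue` and logging `werr` per attempt would help (what exactly needs closing depends on establishWireguard, which is not shown). The enclosing functions start and end outside the visible hunks.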