Skip to content

chrj/wgnet

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits
.github
.github
 
 
example
example
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
key.go
key.go
 
 
wgnet.go
wgnet.go
 
 
wgnet_test.go
wgnet_test.go
 
 

Repository files navigation

wgnet

Go Reference Go Report Card

wgnet provides a thin frontend for user-space VPN connections using the Go WireGuard implementation running on the gVisor user-space network stack.

It allows Go applications to dial and listen on a WireGuard network entirely in user-space, without requiring root privileges or special kernel modules.

Installation

go get github.com/chrj/wgnet

Quick Start

Client: Dialing over WireGuard

package main

import (
	"io"
	"log"
	"net/netip"
	"os"

	"github.com/chrj/wgnet"
)

func main() {
	// 1. Configure the device
	cfg := wgnet.NewDefaultConfiguration()
	cfg.MyIPv4 = netip.MustParseAddr("10.42.0.2")
	cfg.PrivateKey = "your-private-key"
	cfg.ServerPublicKey = "server-public-key"
	cfg.ServerEndpoint = "1.2.3.4:51820"

	// 2. Create the device
	dev, err := wgnet.NewDevice(cfg)
	if err != nil {
		log.Fatal(err)
	}
	defer dev.Close()

	// 3. Use the device to dial a connection over the VPN
	conn, err := dev.Dial("tcp", "10.42.0.1:80")
	if err != nil {
		log.Fatal(err)
	}
	defer conn.Close()

	// Use conn like a regular net.Conn
	io.WriteString(conn, "GET / HTTP/1.1\r\nHost: 10.42.0.1\r\n\r\n")
	io.Copy(os.Stdout, conn)
}

Server: Listening over WireGuard

package main

import (
	"fmt"
	"log"
	"net/http"
	"net/netip"

	"github.com/chrj/wgnet"
)

func main() {
	cfg := wgnet.NewDefaultConfiguration()
	cfg.MyIPv4 = netip.MustParseAddr("10.42.0.2")
	cfg.PrivateKey = "your-private-key"
	cfg.ServerPublicKey = "server-public-key"
	cfg.ServerEndpoint = "1.2.3.4:51820"

	dev, err := wgnet.NewDevice(cfg)
	if err != nil {
		log.Fatal(err)
	}
	defer dev.Close()

	// Listen on the VPN interface
	ln, err := dev.ListenTCP(&net.TCPAddr{
		IP:   net.ParseIP("10.42.0.2"),
		Port: 8080,
	})
	if err != nil {
		log.Fatal(err)
	}

	http.Serve(ln, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintln(w, "Hello from WireGuard!")
	}))
}

WireGuard Server: Allow other WireGuard clients to connect to you

package main

import (
	"fmt"
	"log"
	"net/http"
	"net/netip"

	"github.com/chrj/wgnet"
)

func main() {
	cfg := wgnet.NewDefaultConfiguration()
	cfg.MyIPv4 = netip.MustParseAddr("10.42.0.2")
	cfg.PrivateKey = "your-private-key"

	dev, err := wgnet.NewDevice(cfg)
	if err != nil {
		log.Fatal(err)
	}
	defer dev.Close()

	dev.AddPeer("public-key-of-peer1", netip.MustParseAddr("10.42.0.3"))
	dev.AddPeer("public-key-of-peer2", netip.MustParseAddr("10.42.0.4"))

	for {} // wait forever
}

License

MIT - See LICENSE for details.

About

wgnet provides a thin frontend for user-space VPN connections using the Go WireGuard implementation running on the gVisor user-space network stack.

Topics

go vpn wireguard

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Contributors

Languages