Documentation
Constants
This section is empty.
Variables
var MTU = 9000
Functions
This section is empty.
Types
type GvisorTun
type GvisorTun struct {
	// The IP stack serving the tun. It intercepts all TCP connections.
	IPStack *stack.Stack
	DefUDP  tcpip.Endpoint
	DefTCP  tcpip.Endpoint
	// If set, will be used to handle accepted TCP connections and UDP packets.
	// Else the Listener interface is used.
	Handler    TUNHandler
	UDPHandler UDPHandler
	// contains filtered or unexported fields
}
GvisorTun intercepts traffic using a TUN device and Google's netstack, which parses TCP/UDP into streams. The connections are redirected to a capture.ProxyHandler.
func NewGvisorTunCapture
func NewGvisorTunCapture(ep *stack.LinkEndpoint, handler TUNHandler, udpNat ugate.UDPHandler, snif bool) *GvisorTun
NewTunCapture creates an in-process TCP stack, backed by a tun-like network interface. All TCP streams initiated on the tun or localhost will be captured.
func (*GvisorTun) DefTcp6Server
func (nt *GvisorTun) DefTcp6Server()
func (*GvisorTun) DefTcpServer
func (nt *GvisorTun) DefTcpServer(handler TUNHandler)
type TUNHandler
Interface implemented by uGate.
Important: on Android the system makes sure the tun is the default route, but packets from the VPN app itself are excluded.
On Linux we need a similar setup. This still requires iptables to mark packets from istio-proxy, and the use of 2 routing tables.
type UDPHandler
type UDPHandler interface {
	HandleUdp(dstAddr net.IP, dstPort uint16, localAddr net.IP, localPort uint16, data []byte)
}
Used by the TUN interface.
type UdpWriter
type UdpWriter interface {
	WriteTo(data []byte, dstAddr *net.UDPAddr, srcAddr *net.UDPAddr) (int, error)
}
UdpWriter is the interface implemented by the GvisorTun, to send raw UDP packets back to the virtual interface.
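How UDPHandler and UdpWriter fit together, as an added example that is not part of the package: a default-deny handler that answers only allowlisted destination ports and sends replies back through a UdpWriter. The two interface declarations are copied from this page; FilteringUDP, Upstream, recorder and Demo are hypothetical names, the addresses are constructed, and the reply addressing (to the app, from the peer it dialed) is an assumption about how WriteTo is meant to be called.

```go
package main

import (
	"fmt"
	"net"
)

// Local copies of the two interfaces shown on this page (its import path is not given).
type UDPHandler interface {
	HandleUdp(dstAddr net.IP, dstPort uint16, localAddr net.IP, localPort uint16, data []byte)
}
type UdpWriter interface {
	WriteTo(data []byte, dstAddr *net.UDPAddr, srcAddr *net.UDPAddr) (int, error)
}

// FilteringUDP (hypothetical) is a default-deny egress policy for captured UDP.
type FilteringUDP struct {
	Allowed  map[uint16]bool                           // permitted destination ports
	Upstream func(dst *net.UDPAddr, req []byte) []byte // assumed hook that produces the reply
	Tun      UdpWriter                                 // path back to the virtual interface
	Dropped  int                                       // datagrams refused by the policy
}

func (f *FilteringUDP) HandleUdp(dstAddr net.IP, dstPort uint16, localAddr net.IP, localPort uint16, data []byte) {
	if !f.Allowed[dstPort] {
		f.Dropped++ // not allowlisted: the datagram is never forwarded
		return
	}
	remote := &net.UDPAddr{IP: dstAddr, Port: int(dstPort)}
	app := &net.UDPAddr{IP: localAddr, Port: int(localPort)}
	if resp := f.Upstream(remote, data); resp != nil {
		f.Tun.WriteTo(resp, app, remote) // assumed addressing: to the app, from the peer it dialed
	}
}

// recorder is a constructed UdpWriter standing in for the TUN-backed one.
type recorder struct{ log []string }

func (r *recorder) WriteTo(data []byte, dst, src *net.UDPAddr) (int, error) {
	r.log = append(r.log, fmt.Sprintf("%s->%s %q", src, dst, data))
	return len(data), nil
}

// Demo runs two constructed datagrams (port 53 and an unlisted port) through the policy.
func Demo() ([]string, int) {
	rec := &recorder{}
	h := &FilteringUDP{Allowed: map[uint16]bool{53: true}, Tun: rec,
		Upstream: func(_ *net.UDPAddr, req []byte) []byte { return append([]byte("re:"), req...) }}
	h.HandleUdp(net.IPv4(192, 0, 2, 53), 53, net.IPv4(10, 12, 0, 2), 40000, []byte("q1"))
	h.HandleUdp(net.IPv4(192, 0, 2, 9), 4444, net.IPv4(10, 12, 0, 2), 40001, []byte("x"))
	return rec.log, h.Dropped
}
func main() { fmt.Println(Demo()) }
```

The Dropped counter is the value to export to monitoring: a captured workload that keeps hitting unlisted UDP ports shows up there before anything reaches the network.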
func NewTUNFD
func NewTUNFD(fd io.ReadWriteCloser, handler TUNHandler, udpNat UDPHandler) UdpWriter
NewTUNFD creates a gVisor stack on a TUN.