wireguard-rs

by WireGuard

WireGuard / wireguard-rs

Mirror only. Official repository is at https://git.zx2c4.com/wireguard-rs

234 Stars 19 Forks Last release: Not found MIT License 165 Commits 0 Releases

Available items

No Items, yet!

The developer of this repository has not created any items for sale yet. Need a bug fixed? Help with integration? A different license? Create a request here:

Rust Implementation of WireGuard

Usage

Most Linux kernel WireGuard users are used to adding an interface with

ip link add wg0 type wireguard
. With wireguard-rs, instead simply run:
$ wireguard-rs wg0

This will create an interface and fork into the background. To remove the interface, use the usual

ip link del wg0
, or if your system does not support removing interfaces directly, you may instead remove the control socket via
rm -f /var/run/wireguard/wg0.sock
, which will result in wireguard-rs shutting down.

When an interface is running, you may use

wg(8)
to configure it, as well as the usual
ip(8)
and
ifconfig(8)
commands.

Platforms

Linux

This will run on Linux; however YOU SHOULD NOT RUN THIS ON LINUX. Instead use the kernel module; see the installation page for instructions.

Windows

Coming soon.

FreeBSD

Coming soon.

OpenBSD

Coming soon.

Building

The wireguard-rs project is targeting the current nightly (although it should also build with stable Rust).

To build wireguard-rs (on supported platforms):

  1. Obtain nightly
    cargo
    and
    rustc
    through rustup
  2. Clone the repository:
    git clone https://git.zx2c4.com/wireguard-rs
    .
  3. Run
    cargo build --release
    from inside the
    wireguard-rs
    directory.

Architecture

This section is intended for those wishing to read/contribute to the code.

WireGuard Rust has a similar separation of concerns as many other implementations of various cryptographic transports: separating the handshake code from the packet protector. The handshake module implements an authenticated key-exchange (NoiseIK), which provides key-material, which is then consumed by the router module (packet protector) responsible for the actual encapsulation of transport messages (IP packets). This is illustrated below:

Structure

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.