mirror of
https://github.com/XTLS/Xray-core.git
synced 2024-12-22 19:33:32 +02:00
WireGuard config: Replace kernelMode
with noKernelTun
https://github.com/XTLS/Xray-core/pull/3871#issuecomment-2420770309
This commit is contained in:
parent
b0272c172a
commit
9bdf72d658
6 changed files with 58 additions and 65 deletions
|
@ -1,10 +1,8 @@
|
|||
package conf
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/base64"
|
||||
"encoding/hex"
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
"github.com/xtls/xray-core/common/errors"
|
||||
|
@ -53,8 +51,7 @@ func (c *WireGuardPeerConfig) Build() (proto.Message, error) {
|
|||
type WireGuardConfig struct {
|
||||
IsClient bool `json:""`
|
||||
|
||||
KernelTun *bool `json:"kernelTun"`
|
||||
KernelMode *bool `json:"kernelMode"`
|
||||
NoKernelTun bool `json:"noKernelTun"`
|
||||
SecretKey string `json:"secretKey"`
|
||||
Address []string `json:"address"`
|
||||
Peers []*WireGuardPeerConfig `json:"peers"`
|
||||
|
@ -121,26 +118,7 @@ func (c *WireGuardConfig) Build() (proto.Message, error) {
|
|||
}
|
||||
|
||||
config.IsClient = c.IsClient
|
||||
kernelTunSupported, err := wireguard.KernelTunSupported()
|
||||
if err != nil {
|
||||
errors.LogWarning(context.Background(), fmt.Sprintf("Failed to check kernel TUN support: %v. This may indicate that your OS doesn't support kernel TUN or you lack the necessary permissions. Please ensure you have the required privileges.", err))
|
||||
config.KernelMode = false
|
||||
return config, nil
|
||||
}
|
||||
if c.KernelMode == nil {
|
||||
c.KernelMode = c.KernelTun
|
||||
}
|
||||
if c.KernelMode != nil {
|
||||
config.KernelMode = *c.KernelMode
|
||||
if config.KernelMode && !kernelTunSupported {
|
||||
errors.LogWarning(context.Background(), "kernel TUN is not supported on your OS or permission is insufficient")
|
||||
}
|
||||
} else {
|
||||
config.KernelMode = kernelTunSupported
|
||||
if config.KernelMode {
|
||||
errors.LogDebug(context.Background(), "kernel TUN is enabled as it's supported and permission is sufficient")
|
||||
}
|
||||
}
|
||||
config.NoKernelTun = c.NoKernelTun
|
||||
|
||||
return config, nil
|
||||
}
|
||||
|
|
|
@ -26,7 +26,7 @@ func TestWireGuardConfig(t *testing.T) {
|
|||
"mtu": 1300,
|
||||
"workers": 2,
|
||||
"domainStrategy": "ForceIPv6v4",
|
||||
"kernelMode": false
|
||||
"noKernelTun": false
|
||||
}`,
|
||||
Parser: loadJSON(creator),
|
||||
Output: &wireguard.DeviceConfig{
|
||||
|
@ -45,7 +45,7 @@ func TestWireGuardConfig(t *testing.T) {
|
|||
Mtu: 1300,
|
||||
NumWorkers: 2,
|
||||
DomainStrategy: wireguard.DeviceConfig_FORCE_IP64,
|
||||
KernelMode: false,
|
||||
NoKernelTun: false,
|
||||
},
|
||||
},
|
||||
})
|
||||
|
|
|
@ -1,5 +1,11 @@
|
|||
package wireguard
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/xtls/xray-core/common/errors"
|
||||
)
|
||||
|
||||
func (c *DeviceConfig) preferIP4() bool {
|
||||
return c.DomainStrategy == DeviceConfig_FORCE_IP ||
|
||||
c.DomainStrategy == DeviceConfig_FORCE_IP4 ||
|
||||
|
@ -25,8 +31,17 @@ func (c *DeviceConfig) fallbackIP6() bool {
|
|||
}
|
||||
|
||||
func (c *DeviceConfig) createTun() tunCreator {
|
||||
if c.KernelMode {
|
||||
return createKernelTun
|
||||
if c.NoKernelTun {
|
||||
return createGVisorTun
|
||||
}
|
||||
return createGVisorTun
|
||||
kernelTunSupported, err := KernelTunSupported()
|
||||
if err != nil {
|
||||
errors.LogWarning(context.Background(), "Using gVisor TUN. Failed to check kernel TUN support:", err)
|
||||
return createGVisorTun
|
||||
}
|
||||
if !kernelTunSupported {
|
||||
errors.LogWarning(context.Background(), "Using gVisor TUN. Kernel TUN is not supported on your OS, or your permission is insufficient.)")
|
||||
return createGVisorTun
|
||||
}
|
||||
return createKernelTun
|
||||
}
|
||||
|
|
|
@ -165,7 +165,7 @@ type DeviceConfig struct {
|
|||
Reserved []byte `protobuf:"bytes,6,opt,name=reserved,proto3" json:"reserved,omitempty"`
|
||||
DomainStrategy DeviceConfig_DomainStrategy `protobuf:"varint,7,opt,name=domain_strategy,json=domainStrategy,proto3,enum=xray.proxy.wireguard.DeviceConfig_DomainStrategy" json:"domain_strategy,omitempty"`
|
||||
IsClient bool `protobuf:"varint,8,opt,name=is_client,json=isClient,proto3" json:"is_client,omitempty"`
|
||||
KernelMode bool `protobuf:"varint,9,opt,name=kernel_mode,json=kernelMode,proto3" json:"kernel_mode,omitempty"`
|
||||
NoKernelTun bool `protobuf:"varint,9,opt,name=no_kernel_tun,json=noKernelTun,proto3" json:"no_kernel_tun,omitempty"`
|
||||
}
|
||||
|
||||
func (x *DeviceConfig) Reset() {
|
||||
|
@ -254,9 +254,9 @@ func (x *DeviceConfig) GetIsClient() bool {
|
|||
return false
|
||||
}
|
||||
|
||||
func (x *DeviceConfig) GetKernelMode() bool {
|
||||
func (x *DeviceConfig) GetNoKernelTun() bool {
|
||||
if x != nil {
|
||||
return x.KernelMode
|
||||
return x.NoKernelTun
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
@ -278,7 +278,7 @@ var file_proxy_wireguard_config_proto_rawDesc = []byte{
|
|||
0x76, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x09, 0x6b, 0x65, 0x65, 0x70, 0x41, 0x6c,
|
||||
0x69, 0x76, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, 0x5f, 0x69,
|
||||
0x70, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65,
|
||||
0x64, 0x49, 0x70, 0x73, 0x22, 0xc8, 0x03, 0x0a, 0x0c, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x43,
|
||||
0x64, 0x49, 0x70, 0x73, 0x22, 0xcb, 0x03, 0x0a, 0x0c, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x43,
|
||||
0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1d, 0x0a, 0x0a, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x5f,
|
||||
0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x73, 0x65, 0x63, 0x72, 0x65,
|
||||
0x74, 0x4b, 0x65, 0x79, 0x12, 0x1a, 0x0a, 0x08, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74,
|
||||
|
@ -299,21 +299,21 @@ var file_proxy_wireguard_config_proto_rawDesc = []byte{
|
|||
0x65, 0x67, 0x79, 0x52, 0x0e, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74,
|
||||
0x65, 0x67, 0x79, 0x12, 0x1b, 0x0a, 0x09, 0x69, 0x73, 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74,
|
||||
0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x69, 0x73, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74,
|
||||
0x12, 0x1f, 0x0a, 0x0b, 0x6b, 0x65, 0x72, 0x6e, 0x65, 0x6c, 0x5f, 0x6d, 0x6f, 0x64, 0x65, 0x18,
|
||||
0x09, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x6b, 0x65, 0x72, 0x6e, 0x65, 0x6c, 0x4d, 0x6f, 0x64,
|
||||
0x65, 0x22, 0x5c, 0x0a, 0x0e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x74, 0x72, 0x61, 0x74,
|
||||
0x65, 0x67, 0x79, 0x12, 0x0c, 0x0a, 0x08, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x10,
|
||||
0x00, 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x10, 0x01,
|
||||
0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x10, 0x02, 0x12,
|
||||
0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x36, 0x10, 0x03, 0x12,
|
||||
0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x34, 0x10, 0x04, 0x42,
|
||||
0x5e, 0x0a, 0x18, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x78,
|
||||
0x79, 0x2e, 0x77, 0x69, 0x72, 0x65, 0x67, 0x75, 0x61, 0x72, 0x64, 0x50, 0x01, 0x5a, 0x29, 0x67,
|
||||
0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c, 0x73, 0x2f, 0x78,
|
||||
0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x78, 0x79, 0x2f, 0x77,
|
||||
0x69, 0x72, 0x65, 0x67, 0x75, 0x61, 0x72, 0x64, 0xaa, 0x02, 0x14, 0x58, 0x72, 0x61, 0x79, 0x2e,
|
||||
0x50, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x57, 0x69, 0x72, 0x65, 0x47, 0x75, 0x61, 0x72, 0x64, 0x62,
|
||||
0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
|
||||
0x12, 0x22, 0x0a, 0x0d, 0x6e, 0x6f, 0x5f, 0x6b, 0x65, 0x72, 0x6e, 0x65, 0x6c, 0x5f, 0x74, 0x75,
|
||||
0x6e, 0x18, 0x09, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x6e, 0x6f, 0x4b, 0x65, 0x72, 0x6e, 0x65,
|
||||
0x6c, 0x54, 0x75, 0x6e, 0x22, 0x5c, 0x0a, 0x0e, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x53, 0x74,
|
||||
0x72, 0x61, 0x74, 0x65, 0x67, 0x79, 0x12, 0x0c, 0x0a, 0x08, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f,
|
||||
0x49, 0x50, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50,
|
||||
0x34, 0x10, 0x01, 0x12, 0x0d, 0x0a, 0x09, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36,
|
||||
0x10, 0x02, 0x12, 0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x34, 0x36,
|
||||
0x10, 0x03, 0x12, 0x0e, 0x0a, 0x0a, 0x46, 0x4f, 0x52, 0x43, 0x45, 0x5f, 0x49, 0x50, 0x36, 0x34,
|
||||
0x10, 0x04, 0x42, 0x5e, 0x0a, 0x18, 0x63, 0x6f, 0x6d, 0x2e, 0x78, 0x72, 0x61, 0x79, 0x2e, 0x70,
|
||||
0x72, 0x6f, 0x78, 0x79, 0x2e, 0x77, 0x69, 0x72, 0x65, 0x67, 0x75, 0x61, 0x72, 0x64, 0x50, 0x01,
|
||||
0x5a, 0x29, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x78, 0x74, 0x6c,
|
||||
0x73, 0x2f, 0x78, 0x72, 0x61, 0x79, 0x2d, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x78,
|
||||
0x79, 0x2f, 0x77, 0x69, 0x72, 0x65, 0x67, 0x75, 0x61, 0x72, 0x64, 0xaa, 0x02, 0x14, 0x58, 0x72,
|
||||
0x61, 0x79, 0x2e, 0x50, 0x72, 0x6f, 0x78, 0x79, 0x2e, 0x57, 0x69, 0x72, 0x65, 0x47, 0x75, 0x61,
|
||||
0x72, 0x64, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
|
||||
}
|
||||
|
||||
var (
|
||||
|
|
|
@ -30,5 +30,5 @@ message DeviceConfig {
|
|||
bytes reserved = 6;
|
||||
DomainStrategy domain_strategy = 7;
|
||||
bool is_client = 8;
|
||||
bool kernel_mode = 9;
|
||||
bool no_kernel_tun = 9;
|
||||
}
|
|
@ -48,13 +48,13 @@ func TestWireguard(t *testing.T) {
|
|||
Listen: net.NewIPOrDomain(net.LocalHostIP),
|
||||
}),
|
||||
ProxySettings: serial.ToTypedMessage(&wireguard.DeviceConfig{
|
||||
IsClient: false,
|
||||
KernelMode: false,
|
||||
Endpoint: []string{"10.0.0.1"},
|
||||
Mtu: 1420,
|
||||
SecretKey: serverPrivate,
|
||||
IsClient: false,
|
||||
NoKernelTun: false,
|
||||
Endpoint: []string{"10.0.0.1"},
|
||||
Mtu: 1420,
|
||||
SecretKey: serverPrivate,
|
||||
Peers: []*wireguard.PeerConfig{{
|
||||
PublicKey: serverPublic,
|
||||
PublicKey: serverPublic,
|
||||
AllowedIps: []string{"0.0.0.0/0", "::0/0"},
|
||||
}},
|
||||
}),
|
||||
|
@ -82,8 +82,8 @@ func TestWireguard(t *testing.T) {
|
|||
Listen: net.NewIPOrDomain(net.LocalHostIP),
|
||||
}),
|
||||
ProxySettings: serial.ToTypedMessage(&dokodemo.Config{
|
||||
Address: net.NewIPOrDomain(dest.Address),
|
||||
Port: uint32(dest.Port),
|
||||
Address: net.NewIPOrDomain(dest.Address),
|
||||
Port: uint32(dest.Port),
|
||||
Networks: []net.Network{net.Network_TCP},
|
||||
}),
|
||||
},
|
||||
|
@ -91,14 +91,14 @@ func TestWireguard(t *testing.T) {
|
|||
Outbound: []*core.OutboundHandlerConfig{
|
||||
{
|
||||
ProxySettings: serial.ToTypedMessage(&wireguard.DeviceConfig{
|
||||
IsClient: true,
|
||||
KernelMode: false,
|
||||
Endpoint: []string{"10.0.0.2"},
|
||||
Mtu: 1420,
|
||||
SecretKey: clientPrivate,
|
||||
IsClient: true,
|
||||
NoKernelTun: false,
|
||||
Endpoint: []string{"10.0.0.2"},
|
||||
Mtu: 1420,
|
||||
SecretKey: clientPrivate,
|
||||
Peers: []*wireguard.PeerConfig{{
|
||||
Endpoint: "127.0.0.1:" + serverPort.String(),
|
||||
PublicKey: clientPublic,
|
||||
Endpoint: "127.0.0.1:" + serverPort.String(),
|
||||
PublicKey: clientPublic,
|
||||
AllowedIps: []string{"0.0.0.0/0", "::0/0"},
|
||||
}},
|
||||
}),
|
||||
|
@ -119,4 +119,4 @@ func TestWireguard(t *testing.T) {
|
|||
// if err := errg.Wait(); err != nil {
|
||||
// t.Error(err)
|
||||
// }
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue