mirror of
https://github.com/qdm12/gluetun.git
synced 2026-06-18 09:24:07 +02:00
feat(netlink): detect ipv6 support level (#2523)
- add option `IPV6_CHECK_ADDRESSESES=[2001:4860:4860::8888]:53,[2606:4700:4700::1111]:53` - gluetun needs access to the addresses above through the host firewall, to test ipv6 support before setting up the vpn
This commit is contained in:
Quentin McGaw
@@ -7,6 +7,7 @@ import (
|
||||
"github.com/qdm12/gluetun/internal/amneziawg"
|
||||
"github.com/qdm12/gluetun/internal/configuration/settings"
|
||||
"github.com/qdm12/gluetun/internal/models"
|
||||
"github.com/qdm12/gluetun/internal/netlink"
|
||||
"github.com/qdm12/gluetun/internal/provider"
|
||||
"github.com/qdm12/gluetun/internal/wireguard"
|
||||
"github.com/qdm12/gosettings"
|
||||
@@ -15,15 +16,16 @@ import (
|
||||
// setupAmneziaWg sets AmneziaWG up using the configurators and settings given.
|
||||
func setupAmneziaWg(ctx context.Context, netlinker NetLinker,
|
||||
fw Firewall, providerConf provider.Provider,
|
||||
settings settings.VPN, ipv6Supported bool, logger wireguard.Logger) (
|
||||
settings settings.VPN, ipv6SupportLevel netlink.IPv6SupportLevel, logger wireguard.Logger) (
|
||||
amneziawger *amneziawg.Amneziawg, connection models.Connection, err error,
|
||||
) {
|
||||
connection, err = providerConf.GetConnection(settings.Provider.ServerSelection, ipv6Supported)
|
||||
ipv6Internet := ipv6SupportLevel == netlink.IPv6Internet
|
||||
connection, err = providerConf.GetConnection(settings.Provider.ServerSelection, ipv6Internet)
|
||||
if err != nil {
|
||||
return nil, models.Connection{}, fmt.Errorf("finding a VPN server: %w", err)
|
||||
}
|
||||
|
||||
amneziaWGSettings := buildAmneziaWgSettings(connection, settings.AmneziaWg, ipv6Supported)
|
||||
amneziaWGSettings := buildAmneziaWgSettings(connection, settings.AmneziaWg, ipv6SupportLevel.IsSupported())
|
||||
|
||||
logger.Debug("Amneziawg server public key: " + amneziaWGSettings.Wireguard.PublicKey)
|
||||
logger.Debug("Amneziawg client private key: " + gosettings.ObfuscateKey(amneziaWGSettings.Wireguard.PrivateKey))
|
||||
|
||||
+34
-33
@@ -8,6 +8,7 @@ import (
|
||||
"github.com/qdm12/gluetun/internal/constants"
|
||||
"github.com/qdm12/gluetun/internal/loopstate"
|
||||
"github.com/qdm12/gluetun/internal/models"
|
||||
"github.com/qdm12/gluetun/internal/netlink"
|
||||
"github.com/qdm12/gluetun/internal/vpn/state"
|
||||
"github.com/qdm12/log"
|
||||
)
|
||||
@@ -21,10 +22,10 @@ type Loop struct {
|
||||
healthChecker HealthChecker
|
||||
healthServer HealthServer
|
||||
// Fixed parameters
|
||||
buildInfo models.BuildInformation
|
||||
versionInfo bool
|
||||
ipv6Supported bool
|
||||
vpnInputPorts []uint16 // TODO make changeable through stateful firewall
|
||||
buildInfo models.BuildInformation
|
||||
versionInfo bool
|
||||
ipv6SupportLevel netlink.IPv6SupportLevel
|
||||
vpnInputPorts []uint16 // TODO make changeable through stateful firewall
|
||||
// Configurators
|
||||
openvpnConf OpenVPN
|
||||
netLinker NetLinker
|
||||
@@ -52,7 +53,7 @@ const (
|
||||
defaultBackoffTime = 15 * time.Second
|
||||
)
|
||||
|
||||
func NewLoop(vpnSettings settings.VPN, ipv6Supported bool, vpnInputPorts []uint16,
|
||||
func NewLoop(vpnSettings settings.VPN, ipv6SupportLevel netlink.IPv6SupportLevel, vpnInputPorts []uint16,
|
||||
providers Providers, storage Storage, boringPoll Service,
|
||||
healthSettings settings.Health, healthChecker HealthChecker, healthServer HealthServer,
|
||||
openvpnConf OpenVPN, netLinker NetLinker, fw Firewall, routing Routing,
|
||||
@@ -70,33 +71,33 @@ func NewLoop(vpnSettings settings.VPN, ipv6Supported bool, vpnInputPorts []uint1
|
||||
state := state.New(statusManager, vpnSettings)
|
||||
|
||||
return &Loop{
|
||||
statusManager: statusManager,
|
||||
state: state,
|
||||
providers: providers,
|
||||
storage: storage,
|
||||
healthSettings: healthSettings,
|
||||
healthChecker: healthChecker,
|
||||
healthServer: healthServer,
|
||||
buildInfo: buildInfo,
|
||||
versionInfo: versionInfo,
|
||||
ipv6Supported: ipv6Supported,
|
||||
vpnInputPorts: vpnInputPorts,
|
||||
boringPoll: boringPoll,
|
||||
openvpnConf: openvpnConf,
|
||||
netLinker: netLinker,
|
||||
fw: fw,
|
||||
routing: routing,
|
||||
portForward: portForward,
|
||||
publicip: publicip,
|
||||
dnsLooper: dnsLooper,
|
||||
cmder: cmder,
|
||||
logger: logger,
|
||||
client: client,
|
||||
start: start,
|
||||
running: running,
|
||||
stop: stop,
|
||||
stopped: stopped,
|
||||
userTrigger: true,
|
||||
backoffTime: defaultBackoffTime,
|
||||
statusManager: statusManager,
|
||||
state: state,
|
||||
providers: providers,
|
||||
storage: storage,
|
||||
healthSettings: healthSettings,
|
||||
healthChecker: healthChecker,
|
||||
healthServer: healthServer,
|
||||
buildInfo: buildInfo,
|
||||
versionInfo: versionInfo,
|
||||
ipv6SupportLevel: ipv6SupportLevel,
|
||||
vpnInputPorts: vpnInputPorts,
|
||||
boringPoll: boringPoll,
|
||||
openvpnConf: openvpnConf,
|
||||
netLinker: netLinker,
|
||||
fw: fw,
|
||||
routing: routing,
|
||||
portForward: portForward,
|
||||
publicip: publicip,
|
||||
dnsLooper: dnsLooper,
|
||||
cmder: cmder,
|
||||
logger: logger,
|
||||
client: client,
|
||||
start: start,
|
||||
running: running,
|
||||
stop: stop,
|
||||
stopped: stopped,
|
||||
userTrigger: true,
|
||||
backoffTime: defaultBackoffTime,
|
||||
}
|
||||
}
|
||||
|
||||
@@ -6,6 +6,7 @@ import (
|
||||
|
||||
"github.com/qdm12/gluetun/internal/configuration/settings"
|
||||
"github.com/qdm12/gluetun/internal/models"
|
||||
"github.com/qdm12/gluetun/internal/netlink"
|
||||
"github.com/qdm12/gluetun/internal/openvpn"
|
||||
"github.com/qdm12/gluetun/internal/provider"
|
||||
)
|
||||
@@ -14,15 +15,16 @@ import (
|
||||
// It returns a serverName for port forwarding (PIA) and an error if it fails.
|
||||
func setupOpenVPN(ctx context.Context, fw Firewall,
|
||||
openvpnConf OpenVPN, providerConf provider.Provider,
|
||||
settings settings.VPN, ipv6Supported bool, starter Cmder,
|
||||
settings settings.VPN, ipv6SupportLevel netlink.IPv6SupportLevel, starter Cmder,
|
||||
logger openvpn.Logger) (runner *openvpn.Runner, connection models.Connection, err error,
|
||||
) {
|
||||
connection, err = providerConf.GetConnection(settings.Provider.ServerSelection, ipv6Supported)
|
||||
ipv6Internet := ipv6SupportLevel == netlink.IPv6Internet
|
||||
connection, err = providerConf.GetConnection(settings.Provider.ServerSelection, ipv6Internet)
|
||||
if err != nil {
|
||||
return nil, models.Connection{}, fmt.Errorf("finding a valid server connection: %w", err)
|
||||
}
|
||||
|
||||
lines := providerConf.OpenVPNConfig(connection, settings.OpenVPN, ipv6Supported)
|
||||
lines := providerConf.OpenVPNConfig(connection, settings.OpenVPN, ipv6SupportLevel.IsSupported())
|
||||
|
||||
if err := openvpnConf.WriteConfig(lines); err != nil {
|
||||
return nil, models.Connection{}, fmt.Errorf("writing configuration to file: %w", err)
|
||||
|
||||
+3
-3
@@ -37,15 +37,15 @@ func (l *Loop) Run(ctx context.Context, done chan<- struct{}) {
|
||||
case vpn.AmneziaWg:
|
||||
vpnInterface = settings.AmneziaWg.Wireguard.Interface
|
||||
vpnRunner, connection, err = setupAmneziaWg(ctx, l.netLinker, l.fw,
|
||||
providerConf, settings, l.ipv6Supported, subLogger)
|
||||
providerConf, settings, l.ipv6SupportLevel, subLogger)
|
||||
case vpn.OpenVPN:
|
||||
vpnInterface = settings.OpenVPN.Interface
|
||||
vpnRunner, connection, err = setupOpenVPN(ctx, l.fw,
|
||||
l.openvpnConf, providerConf, settings, l.ipv6Supported, l.cmder, subLogger)
|
||||
l.openvpnConf, providerConf, settings, l.ipv6SupportLevel, l.cmder, subLogger)
|
||||
case vpn.Wireguard:
|
||||
vpnInterface = settings.Wireguard.Interface
|
||||
vpnRunner, connection, err = setupWireguard(ctx, l.netLinker, l.fw,
|
||||
providerConf, settings, l.ipv6Supported, subLogger)
|
||||
providerConf, settings, l.ipv6SupportLevel, subLogger)
|
||||
default:
|
||||
panic("vpn type not implemented: " + settings.Type)
|
||||
}
|
||||
|
||||
@@ -7,6 +7,7 @@ import (
|
||||
|
||||
"github.com/qdm12/gluetun/internal/configuration/settings"
|
||||
"github.com/qdm12/gluetun/internal/models"
|
||||
"github.com/qdm12/gluetun/internal/netlink"
|
||||
"github.com/qdm12/gluetun/internal/provider"
|
||||
"github.com/qdm12/gluetun/internal/wireguard"
|
||||
"github.com/qdm12/gosettings"
|
||||
@@ -16,15 +17,16 @@ import (
|
||||
// It returns a serverName for port forwarding (PIA) and an error if it fails.
|
||||
func setupWireguard(ctx context.Context, netlinker NetLinker,
|
||||
fw Firewall, providerConf provider.Provider,
|
||||
settings settings.VPN, ipv6Supported bool, logger wireguard.Logger) (
|
||||
settings settings.VPN, ipv6SupportLevel netlink.IPv6SupportLevel, logger wireguard.Logger) (
|
||||
wireguarder *wireguard.Wireguard, connection models.Connection, err error,
|
||||
) {
|
||||
connection, err = providerConf.GetConnection(settings.Provider.ServerSelection, ipv6Supported)
|
||||
ipv6Internet := ipv6SupportLevel == netlink.IPv6Internet
|
||||
connection, err = providerConf.GetConnection(settings.Provider.ServerSelection, ipv6Internet)
|
||||
if err != nil {
|
||||
return nil, models.Connection{}, fmt.Errorf("finding a VPN server: %w", err)
|
||||
}
|
||||
|
||||
wireguardSettings := buildWireguardSettings(connection, settings.Wireguard, ipv6Supported)
|
||||
wireguardSettings := buildWireguardSettings(connection, settings.Wireguard, ipv6SupportLevel.IsSupported())
|
||||
|
||||
logger.Debug("Wireguard server public key: " + wireguardSettings.PublicKey)
|
||||
logger.Debug("Wireguard client private key: " + gosettings.ObfuscateKey(wireguardSettings.PrivateKey))
|
||||
|
||||
Reference in New Issue
Block a user