
§defguard_wireguard_rs

defguard_wireguard_rs is a multi-platform Rust library providing a unified high-level API for managing WireGuard interfaces using native OS kernel and userspace WireGuard protocol implementations.

It can be used to create your own WireGuard™ VPN servers or clients for secure and private networking.

It was developed as part of the defguard security platform and is used in the gateway/server as well as the desktop client.

§Example

use x25519_dalek::{EphemeralSecret, PublicKey};
use defguard_wireguard_rs::{InterfaceConfiguration, WGApi, WireguardInterfaceApi, host::Peer};

fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Create new API struct for interface
    let ifname: String = if cfg!(target_os = "linux") || cfg!(target_os = "freebsd") {
        "wg0".into()
    } else {
        "utun3".into()
    };
    let wgapi = WGApi::new(ifname.clone(), false)?;

    // Create host interface
    wgapi.create_interface()?;

    // Configure host interface
    let interface_config = InterfaceConfiguration {
        name: ifname.clone(),
        // Sample key for illustration; a real deployment supplies its own freshly generated private key
        prvkey: "AAECAwQFBgcICQoLDA0OD/Dh0sO0pZaHeGlaSzwtHg8=".to_string(),
        address: "10.6.0.30".to_string(),
        port: 12345,
        peers: vec![],
    };
    wgapi.configure_interface(&interface_config)?;

    // Create, add & remove peers, each identified by a freshly generated public key
    for _ in 0..32 {
        let secret = EphemeralSecret::random();
        let key = PublicKey::from(&secret);
        let peer = Peer::new(key.as_ref().try_into().unwrap());
        wgapi.configure_peer(&peer)?;
        wgapi.remove_peer(&peer.public_key)?;
    }

    // Remove host interface
    wgapi.remove_interface()?;
    Ok(())
}
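
The example above passes the interface private key to `prvkey` as a base64 string. The following std-only check is an added example, not code from the crate or its documentation: it decodes such a string and rejects malformed keys, the all-zero key, and the sample key printed on this page. The names `decode_key`, `check_private_key` and `KeyError` are hypothetical.

```rust
// Added example (not crate code): vet a base64 WireGuard private key before using it as `prvkey`.
const DOC_SAMPLE_KEY: &str = "AAECAwQFBgcICQoLDA0OD/Dh0sO0pZaHeGlaSzwtHg8=";

#[derive(Debug, PartialEq)]
enum KeyError { BadLength, BadEncoding, AllZero, DocSample }

/// Decode canonical, padded base64 into exactly 32 bytes.
fn decode_key(b64: &str) -> Result<[u8; 32], KeyError> {
    let s = b64.as_bytes();
    // 32 bytes always encode to 43 symbols followed by a single '='.
    if s.len() != 44 || s[43] != b'=' { return Err(KeyError::BadLength); }
    let mut out = [0u8; 32];
    let (mut acc, mut bits, mut n) = (0u32, 0u32, 0usize);
    for &c in &s[..43] {
        let v = match c {
            b'A'..=b'Z' => c - b'A',
            b'a'..=b'z' => c - b'a' + 26,
            b'0'..=b'9' => c - b'0' + 52,
            b'+' => 62,
            b'/' => 63,
            _ => return Err(KeyError::BadEncoding),
        };
        acc = (acc << 6) | u32::from(v);
        bits += 6;
        if bits >= 8 {
            bits -= 8;
            out[n] = (acc >> bits) as u8;
            n += 1;
        }
    }
    // 43 symbols carry 258 bits; the two spare bits must be zero in a canonical encoding.
    if acc & 0b11 != 0 { return Err(KeyError::BadEncoding); }
    Ok(out)
}

/// Reject malformed keys, the all-zero key, and the key published in the documentation.
fn check_private_key(b64: &str) -> Result<[u8; 32], KeyError> {
    let key = decode_key(b64)?;
    if key == [0u8; 32] { return Err(KeyError::AllZero); }
    if key == decode_key(DOC_SAMPLE_KEY)? { return Err(KeyError::DocSample); }
    Ok(key)
}

fn main() {
    println!("{:?}", check_private_key(DOC_SAMPLE_KEY)); // Err(DocSample)
}
```

Comparing decoded bytes rather than strings means a non-canonical re-encoding of the same key cannot slip past the sample-key check.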

Modules§

  • Interface management errors
  • Host interface configuration
  • Public key utilities
  • Network address utilities
  • Netlink utilities for controlling network interfaces on Linux

Structs§

Traits§