vopono
vopono copied to clipboard
jamesmcm
Run applications through VPN tunnels with temporary network namespaces
Unshare: https://stackoverflow.com/questions/10730838/how-to-create-multiple-network-namespace-from-a-single-process-instance https://man7.org/linux/man-pages/man1/unshare.1.html https://crates.io/crates/unshare (does this support modifying current process, i.e. without spawn) https://stackoverflow.com/questions/10730838/how-to-create-multiple-network-namespace-from-a-single-process-instance https://stackoverflow.com/questions/30142799/how-to-add-a-name-to-namespace setns: https://man7.org/linux/man-pages/man2/setns.2.html Also in nix: https://docs.rs/nix/0.19.0/nix/sched/fn.setns.html https://docs.rs/nix/0.19.0/nix/sched/fn.unshare.html Rust example: https://github.com/johnae/netns-exec/blob/master/src/main.rs Bind mount (to keep netns...
See MozWire commit: https://github.com/NilsIrl/MozWire/commit/d5aa228a9d113dcb911ca213b4cb23af6867061c
If wireguard-tools or openvpn are missing then warn the user and handle error from std::Process. Make them mandatory in AUR packages, and add dependencies to README for other distros (Debian,...
`--auth-user-pass` is no longer supported: https://openvpn.net/openvpn-3-linux-and-auth-user-pass/ Beta available in AUR as `openvpn3`
Now out of private beta
See https://unix.stackexchange.com/questions/184964/connect-with-d-bus-in-a-network-namespace Also https://github.com/Intika-Linux-Namespace/Netns-Exec/blob/master/netns-exec-dbus
When choosing which to use, also check that services are running (for systemd systems) and warn if neither are. Also use same service check for NetworkManager.
Will affect all providers with both Wireguard and OpenVPN, need way of sharing credentials between calls (i.e. cache in another struct and pass in rather than calling inside the config...
Add some sort of connection to check to run before launching the application to handle cases of bad Wireguard auth, etc. Could be added as part of ApplicationWrapper or before...
The idea was that we could then pass trait objects to the functions that use the VPN provider objects with dynamic dispatch (i.e. as `Box`, and then check if the...