node icon indicating copy to clipboard operation
node copied to clipboard
verified publisher icon mysteriumnetwork

Add initial support for wireguard provider in userspace

Open soffokl opened this issue 3 years ago • 4 comments

soffokl avatar Jun 14 '22 05:06 soffokl

As far as I know we use automatic switching between in-kernel (wg module) and userspace (TUN) implementation. Should we also use such autoswitching via probing for full userspace impl. as well?

Snawoot avatar Jun 14 '22 07:06 Snawoot

@Snawoot sure, but there are many missing parts now like protection for accessing LAN. I want to keep it as an extra flag for now.

soffokl avatar Jun 14 '22 07:06 soffokl

For some next revision I'd suggest to add packet source adress matching, so that unwanted packages could be dropped.

Example: https://github.com/xjasonlyu/tun2socks/blob/1536735456ae36fe3c9f1455bb4fe8fb10d77bc9/tunnel/udp.go#L120

Zensey avatar Jul 15 '22 13:07 Zensey

Missing parts:

  • Protection for accessing LAN
  • Traffic shaping for bandwidth limit

Donatas-MN avatar Aug 09 '22 07:08 Donatas-MN

Codecov Report

Merging #5186 (c583ab5) into master (fd6e5e5) will decrease coverage by 0.01%. The diff coverage is 0.00%.

:exclamation: Current head c583ab5 differs from pull request most recent head 43decff. Consider uploading reports for the commit 43decff to get more accurate results

@@            Coverage Diff             @@
##           master    #5186      +/-   ##
==========================================
- Coverage   38.55%   38.53%   -0.02%     
==========================================
  Files         358      359       +1     
  Lines       19563    19544      -19     
==========================================
- Hits         7542     7531      -11     
+ Misses      11287    11279       -8     
  Partials      734      734
Impacted Files Coverage Δ
config/flags_node.go 9.09% <0.00%> (-0.16%) :arrow_down:
dns/sytemcfg_unix.go 0.00% <ø> (ø)
nat/factory_linux.go 0.00% <0.00%> (ø)
nat/service_iptables.go 0.00% <0.00%> (ø)
nat/service_noop.go 0.00% <0.00%> (ø)
router/router_desktop.go 56.43% <0.00%> (ø)
services/wireguard/service/service.go 20.64% <0.00%> (ø)
services/wireguard/wgcfg/device_config.go 86.53% <ø> (ø)
requests/dialer_swarm.go 72.18% <0.00%> (-6.77%) :arrow_down:
session/pingpong/consumer_balance_tracker.go 56.63% <0.00%> (-1.43%) :arrow_down:
... and 6 more

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

codecov-commenter avatar Aug 18 '22 12:08 codecov-commenter

Switching to new gvisor version introduced leak of go-routine: github.com/mysteriumnetwork/node/services/wireguard/endpoint/netstack-provider.(*netTun).proxy

But adding defer dst.Close() seems to solve the problem

Zensey avatar Aug 22 '22 07:08 Zensey

It looks like now its ready to be merged

Zensey avatar Aug 23 '22 09:08 Zensey

Congrats!

Snawoot avatar Aug 24 '22 09:08 Snawoot