noisysockets
boringtun
noisysockets | boringtun | |
---|---|---|
3 | 14 | |
61 | 5,849 | |
- | 1.3% | |
8.4 | 5.2 | |
3 days ago | 3 days ago | |
Go | Rust | |
Mozilla Public License 2.0 | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
noisysockets
-
Attackers Can Decloak Routing-Based VPNs
An interesting (and portable) alternative to network namespaces is to bypass kernel networking entirely and use a userspace network stack.
I've got an example of doing just that with my project Noisy Sockets, https://github.com/noisysockets/noisysockets/blob/main/examp...
-
WireGuard client that exposes itself as a HTTP/SOCKS5 proxy
https://github.com/noisysockets/noisysockets
With that, you can replace a Dialer in Go that connects sockets, effectively wrapping sockets with Wireguard. Since it does that in userspace, you get no tun/tap. This is all open-sourced by @dpeckett
With those things, he also built a userspace wireguard gateway that includes DNS resolution. https://github.com/noisysockets/gateway
https://news.ycombinator.com/user?id=dpeckett
-
JIT WireGuard
Might as well take the opportunity to shill one of my recent experimental projects, If you are interested in building Go apps that act as userspace WireGuard peers take a look at https://github.com/dpeckett/noisysockets
Based off the excellent work in done by wireguard-go but I've attempted to simplify and make things a lot more idiomatic for library use.
boringtun
-
WireGuard client that exposes itself as a HTTP/SOCKS5 proxy
Maybe https://github.com/cloudflare/boringtun or https://github.com/WireGuard/wireguard-go ?
-
I did some benchmarks of Linux WireGuard implementations
Right now the three major Linux implementations are wireguard-linux, wireguard-go and BoringTun. With some recent improvements to wireguard-go I decided to benchmark each one of them with ping and iPerf 3 over TCP and UDP.
-
Wireguard user space Implementation not working after switching network connection
It seems to be a known problem with boringtun: IP Roaming not working when using boringtun as a client (#187)
-
How Rust and Wasm power Cloudflare's 1.1.1.1
They’ve been on the Rust train since at least 2019. Just look at projects like quiche, wrangler, and boringtun
-
Show HN: TunnlTo – Windows WireGuard split tunnel client built with Rust, Tauri
I assume since Wiresock is using BoringTun(https://github.com/cloudflare/boringtun) under the hood, it works similar to other userspace implementations of wireguard, (e.g. wireguard-go, wireguard-rs) in that it uses a TUN device to deliver packets to the userspace implementation, and back out to the network. So, no driver installation required, but CAP_NET_ADMIN is required to create the TUN device.
- Boringtun - Userspace WireGuard® Implementation in Rust
-
Set up your own VPN at home with Raspberry Pi – Wolfang's Blog
It's using some sort of a custom installer that also downloads Cloudflare's BoringTun (https://github.com/cloudflare/boringtun) directly from the author's website (nyr[.]be), since Cloudflare doesn't seem to offer it as a binary release. Example:
{ wget -qO- https://wg.nyr[.]be/1/latest/download 2>/dev/null || curl -sL https://wg.nyr.be/1/latest/download ; } | tar xz -C /usr/local/sbin/ --wildcards 'boringtun-*/boringtun' --strip-components 1
-
Wireguard not working on Xen virtualization
https://github.com/cloudflare/boringtun https://github.com/WireGuard/wireguard-go
- BoringTun: Userspace WireGuard Implementation in Rust
- A survey of AQM and fq_codel in enterprise bufferbloat battles
What are some alternatives?
wireguard-go - Mirror only. Official repository is at https://git.zx2c4.com/wireguard-go
boringtun-example - A real world ping example of boring tun
frp - A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
mullvadvpn-app - The Mullvad VPN client app for desktop and mobile
wireguard-p2p - A tool for setting up WireGuard connections from peer to peer.
openvpn-install - Set up your own OpenVPN server on Debian, Ubuntu, Fedora, CentOS or Arch Linux.
workers-rs - Write Cloudflare Workers in 100% Rust via WebAssembly
prometheus_wireguard_exporter - A Prometheus exporter for WireGuard, written in Rust.
p4-codel
pivpn - The Simplest VPN installer, designed for Raspberry Pi
ngfw_src - NGFW src
wireguard-install - WireGuard VPN installer for Linux servers