Skip to main content

WireGuard interface for mitmproxy

Project description

mitmproxy_wireguard

PyPI PyPI - License PyPI - Status PyPI - Python Version PyPI - Wheel

Transparently proxy any device that can be configured as a WireGuard client!

Work-In-Progress.

Architecture

library architecture

DONE

  • multi-threaded / asynchronous WireGuard server using tokio:
    • one worker thread for the user-space WireGuard server
    • one worker thread for the user-space network stack
    • one worker thread for communicating with the Python runtime
  • basic TCP/IPv4 functionality, IPv6 only partially supported
  • basic UDP functionality
  • Python interface similar to the one provided by asyncio.start_server
  • basic support for reading WireGuard configuration files

TODO

  • better and more complete IPv6 support
  • better and more helpful logging
  • unit tests
  • mitmproxy Integration
  • various other TODO and FIXME items (documented in the code)

Hacking

Setting up the development environment is relatively straightforward, as only a Rust toolchain and Python 3 are required:

# set up a new venv
python3 -m venv venv

# enter venv (use the activation script for your shell)
source ./venv/bin/activate

# install maturin and pdoc
pip install maturin pdoc

Compiling the native Rust module then becomes easy:

# compile native Rust module and install it in venv
maturin develop

# compile native Rust module with optimizations
maturin develop --release

Once that's done (phew! Rust sure does take a while to compile!), the test echo server should work correctly. It will print instructions for connecting to it over a WireGuard VPN:

python3 ./echo_test_server.py

Docs

Documentation for the Python module can be built with pdoc.

The documentation is built from the mitmproxy_wireguard.pyi type stubs and the rustdoc documentation strings themselves. So to generate the documentation, the native module needs to be rebuilt, as well:

maturin develop
pdoc mitmproxy_wireguard

By default, this will build the documentation in HTML format and serve it on http://localhost:8080.

Note: This requires version >=11.2.0 of pdoc. It is the first version that supports generating documentation for "native-only" Python modules (like our mitmproxy_wireguard PyO3 module).

Introspecting the tokio runtime

The asynchronous runtime can be introspected using tokio-console when using a debug build of the native module:

tokio-console http://localhost:6669

There should be no task that is busy when the program is idle, i.e. there should be no busy waiting.

Note: This requires maturin>=0.12.15, as earlier versions accidentally clobbered the RUSTFLAGS that were passed to the Rust compiler, breaking use of the console_subscriber for tokio-console, which requires using the --cfg tokio_unstable flag.

Code style

The format for Rust code is enforced by rustfmt.toml. Some used configuration options are only available on nightly Rust. To apply the formatting rules, use:

cargo +nightly fmt

The format for Python code (i.e. the test echo server and the type stubs in mitmproxy_wireguard.pyi) is enforced with black and can be applied with:

black echo_test_server.py mitmproxy_wireguard.pyi benches/*.py

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

mitmproxy_wireguard-0.1.0a5.tar.gz (23.6 kB view details)

Uploaded Source

Built Distributions

mitmproxy_wireguard-0.1.0a5-cp37-abi3-win_amd64.whl (825.0 kB view details)

Uploaded CPython 3.7+Windows x86-64

mitmproxy_wireguard-0.1.0a5-cp37-abi3-win32.whl (805.3 kB view details)

Uploaded CPython 3.7+Windows x86

mitmproxy_wireguard-0.1.0a5-cp37-abi3-manylinux_2_12_x86_64.manylinux2010_x86_64.whl (1.5 MB view details)

Uploaded CPython 3.7+manylinux: glibc 2.12+ x86-64

mitmproxy_wireguard-0.1.0a5-cp37-abi3-manylinux_2_12_i686.manylinux2010_i686.whl (1.5 MB view details)

Uploaded CPython 3.7+manylinux: glibc 2.12+ i686

mitmproxy_wireguard-0.1.0a5-cp37-abi3-macosx_10_9_x86_64.macosx_11_0_arm64.macosx_10_9_universal2.whl (2.0 MB view details)

Uploaded CPython 3.7+macOS 10.9+ universal2 (ARM64, x86-64)macOS 10.9+ x86-64macOS 11.0+ ARM64

mitmproxy_wireguard-0.1.0a5-cp37-abi3-macosx_10_7_x86_64.whl (1.0 MB view details)

Uploaded CPython 3.7+macOS 10.7+ x86-64

File details

Details for the file mitmproxy_wireguard-0.1.0a5.tar.gz.

File metadata

  • Download URL: mitmproxy_wireguard-0.1.0a5.tar.gz
  • Upload date:
  • Size: 23.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.1 CPython/3.10.6

File hashes

Hashes for mitmproxy_wireguard-0.1.0a5.tar.gz
Algorithm Hash digest
SHA256 19aa1d5c5be4837868fbc2b52f510dfea5b35aecb932ff7b8ddc88526e6af074
MD5 2a56678814986854c8188d2da7c1296d
BLAKE2b-256 f1e1748734c448049aa03797a5ca453fdff8ddc28b9ddf7e83d0652b2f27ca2e

See more details on using hashes here.

File details

Details for the file mitmproxy_wireguard-0.1.0a5-cp37-abi3-win_amd64.whl.

File metadata

File hashes

Hashes for mitmproxy_wireguard-0.1.0a5-cp37-abi3-win_amd64.whl
Algorithm Hash digest
SHA256 e98fc7a983b337ecf7ea9938c882986a371734b97f85eb8f138710c630dd71ee
MD5 338aff6afa8ece24a2cbb0c137f69a93
BLAKE2b-256 1d8dbd3cd1f6bc779e6689887ad43c858fc3a41c087204e4b02072206866a68b

See more details on using hashes here.

File details

Details for the file mitmproxy_wireguard-0.1.0a5-cp37-abi3-win32.whl.

File metadata

File hashes

Hashes for mitmproxy_wireguard-0.1.0a5-cp37-abi3-win32.whl
Algorithm Hash digest
SHA256 6fa5bae4da923405b2c7205740372fc84595cf26369d49f2f68e4583cbc2b685
MD5 de524c4532f1f61d53e0778635e83a87
BLAKE2b-256 236b69fdb2ec1d71a52f766c5b53d8ac4fb6f0a832bb38087aabc8576106617e

See more details on using hashes here.

File details

Details for the file mitmproxy_wireguard-0.1.0a5-cp37-abi3-manylinux_2_12_x86_64.manylinux2010_x86_64.whl.

File metadata

File hashes

Hashes for mitmproxy_wireguard-0.1.0a5-cp37-abi3-manylinux_2_12_x86_64.manylinux2010_x86_64.whl
Algorithm Hash digest
SHA256 cde820329214e304837b898319af62a71ccbb894fdcc13958b81bf92d49ee9dd
MD5 128408ceab82414e79eb3f474339493f
BLAKE2b-256 21c19416e7b9a05722c62ea3062c94f44445380e0d89e275b81a3296cf17f57a

See more details on using hashes here.

File details

Details for the file mitmproxy_wireguard-0.1.0a5-cp37-abi3-manylinux_2_12_i686.manylinux2010_i686.whl.

File metadata

File hashes

Hashes for mitmproxy_wireguard-0.1.0a5-cp37-abi3-manylinux_2_12_i686.manylinux2010_i686.whl
Algorithm Hash digest
SHA256 8609fa69dd1117d7cb6d2cb1097db50787687da1d05a56f274a24ba4c0924020
MD5 3aff0017943f15a21319945f36c91fd0
BLAKE2b-256 4baae6055ae824452635ceb1b12ff7119445e260826fb8aac3a6b2d91d32ed5c

See more details on using hashes here.

File details

Details for the file mitmproxy_wireguard-0.1.0a5-cp37-abi3-macosx_10_9_x86_64.macosx_11_0_arm64.macosx_10_9_universal2.whl.

File metadata

File hashes

Hashes for mitmproxy_wireguard-0.1.0a5-cp37-abi3-macosx_10_9_x86_64.macosx_11_0_arm64.macosx_10_9_universal2.whl
Algorithm Hash digest
SHA256 604e3efeb0d4732fa716172faa9045b844d0f1beb7520655e7f648666de5907c
MD5 d86ab1d10a54e6bde6e49fb222093956
BLAKE2b-256 ea0eb4495b2a732a59ec33ad0441b7b6a40bcca93a40cc1a3529782ac185107c

See more details on using hashes here.

File details

Details for the file mitmproxy_wireguard-0.1.0a5-cp37-abi3-macosx_10_7_x86_64.whl.

File metadata

File hashes

Hashes for mitmproxy_wireguard-0.1.0a5-cp37-abi3-macosx_10_7_x86_64.whl
Algorithm Hash digest
SHA256 e1846c93d211613f92b556b9f22237ea5e458ee2c51547be94a2bb2c30692231
MD5 9b5a4334aecd9ffd6e697f2d5120009c
BLAKE2b-256 1091692528ad7267a4a8c0ba4c02815f41db679d422b608b17690523a4d56d3b

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page