WireGuard interface for mitmproxy
Project description
mitmproxy_wireguard
Transparently proxy any device that can be configured as a WireGuard client!
Work-In-Progress.
Architecture
DONE
- multi-threaded / asynchronous WireGuard server using tokio:
- one worker thread for the user-space WireGuard server
- one worker thread for the user-space network stack
- one worker thread for communicating with the Python runtime
- basic TCP/IPv4 functionality, IPv6 only partially supported
- basic UDP functionality
- Python interface similar to the one provided by
asyncio.start_server
- basic support for reading WireGuard configuration files
TODO
- better and more complete IPv6 support
- better and more helpful logging
- unit tests
- mitmproxy Integration
- various other
TODO
andFIXME
items (documented in the code)
Hacking
Setting up the development environment is relatively straightforward, as only a Rust toolchain and Python 3 are required:
# set up a new venv
python3 -m venv venv
# enter venv (use the activation script for your shell)
source ./venv/bin/activate
# install maturin and pdoc
pip install maturin pdoc
Compiling the native Rust module then becomes easy:
# compile native Rust module and install it in venv
maturin develop
# compile native Rust module with optimizations
maturin develop --release
Once that's done (phew! Rust sure does take a while to compile!), the test echo server should work correctly. It will print instructions for connecting to it over a WireGuard VPN:
python3 ./echo_test_server.py
Docs
Documentation for the Python module can be built with pdoc
.
The documentation is built from the mitmproxy_wireguard.pyi
type stubs and the
rustdoc documentation strings themselves. So to generate the documentation, the
native module needs to be rebuilt, as well:
maturin develop
pdoc mitmproxy_wireguard
By default, this will build the documentation in HTML format and serve it on http://localhost:8080.
Note: This requires version >=11.2.0
of pdoc. It is the first version that
supports generating documentation for "native-only" Python modules (like our
mitmproxy_wireguard
PyO3 module).
Introspecting the tokio runtime
The asynchronous runtime can be introspected using tokio-console
when using
a debug build of the native module:
tokio-console http://localhost:6669
There should be no task that is busy when the program is idle, i.e. there should be no busy waiting.
Note: This requires maturin>=0.12.15
, as earlier versions accidentally
clobbered the RUSTFLAGS
that were passed to the Rust compiler, breaking use
of the console_subscriber
for tokio-console
, which requires using the
--cfg tokio_unstable
flag.
Code style
The format for Rust code is enforced by rustfmt.toml
. Some used configuration
options are only available on nightly Rust. To apply the formatting rules, use:
cargo +nightly fmt
The format for Python code (i.e. the test echo server and the type stubs in
mitmproxy_wireguard.pyi
) is enforced with black
and can be applied with:
black echo_test_server.py mitmproxy_wireguard.pyi benches/*.py
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distributions
File details
Details for the file mitmproxy_wireguard-0.1.0a5.tar.gz
.
File metadata
- Download URL: mitmproxy_wireguard-0.1.0a5.tar.gz
- Upload date:
- Size: 23.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.10.6
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 |
19aa1d5c5be4837868fbc2b52f510dfea5b35aecb932ff7b8ddc88526e6af074
|
|
MD5 |
2a56678814986854c8188d2da7c1296d
|
|
BLAKE2b-256 |
f1e1748734c448049aa03797a5ca453fdff8ddc28b9ddf7e83d0652b2f27ca2e
|
File details
Details for the file mitmproxy_wireguard-0.1.0a5-cp37-abi3-win_amd64.whl
.
File metadata
- Download URL: mitmproxy_wireguard-0.1.0a5-cp37-abi3-win_amd64.whl
- Upload date:
- Size: 825.0 kB
- Tags: CPython 3.7+, Windows x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.10.6
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 |
e98fc7a983b337ecf7ea9938c882986a371734b97f85eb8f138710c630dd71ee
|
|
MD5 |
338aff6afa8ece24a2cbb0c137f69a93
|
|
BLAKE2b-256 |
1d8dbd3cd1f6bc779e6689887ad43c858fc3a41c087204e4b02072206866a68b
|
File details
Details for the file mitmproxy_wireguard-0.1.0a5-cp37-abi3-win32.whl
.
File metadata
- Download URL: mitmproxy_wireguard-0.1.0a5-cp37-abi3-win32.whl
- Upload date:
- Size: 805.3 kB
- Tags: CPython 3.7+, Windows x86
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.10.6
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 |
6fa5bae4da923405b2c7205740372fc84595cf26369d49f2f68e4583cbc2b685
|
|
MD5 |
de524c4532f1f61d53e0778635e83a87
|
|
BLAKE2b-256 |
236b69fdb2ec1d71a52f766c5b53d8ac4fb6f0a832bb38087aabc8576106617e
|
File details
Details for the file mitmproxy_wireguard-0.1.0a5-cp37-abi3-manylinux_2_12_x86_64.manylinux2010_x86_64.whl
.
File metadata
- Download URL: mitmproxy_wireguard-0.1.0a5-cp37-abi3-manylinux_2_12_x86_64.manylinux2010_x86_64.whl
- Upload date:
- Size: 1.5 MB
- Tags: CPython 3.7+, manylinux: glibc 2.12+ x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.10.6
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 |
cde820329214e304837b898319af62a71ccbb894fdcc13958b81bf92d49ee9dd
|
|
MD5 |
128408ceab82414e79eb3f474339493f
|
|
BLAKE2b-256 |
21c19416e7b9a05722c62ea3062c94f44445380e0d89e275b81a3296cf17f57a
|
File details
Details for the file mitmproxy_wireguard-0.1.0a5-cp37-abi3-manylinux_2_12_i686.manylinux2010_i686.whl
.
File metadata
- Download URL: mitmproxy_wireguard-0.1.0a5-cp37-abi3-manylinux_2_12_i686.manylinux2010_i686.whl
- Upload date:
- Size: 1.5 MB
- Tags: CPython 3.7+, manylinux: glibc 2.12+ i686
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.10.6
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 |
8609fa69dd1117d7cb6d2cb1097db50787687da1d05a56f274a24ba4c0924020
|
|
MD5 |
3aff0017943f15a21319945f36c91fd0
|
|
BLAKE2b-256 |
4baae6055ae824452635ceb1b12ff7119445e260826fb8aac3a6b2d91d32ed5c
|
File details
Details for the file mitmproxy_wireguard-0.1.0a5-cp37-abi3-macosx_10_9_x86_64.macosx_11_0_arm64.macosx_10_9_universal2.whl
.
File metadata
- Download URL: mitmproxy_wireguard-0.1.0a5-cp37-abi3-macosx_10_9_x86_64.macosx_11_0_arm64.macosx_10_9_universal2.whl
- Upload date:
- Size: 2.0 MB
- Tags: CPython 3.7+, macOS 10.9+ universal2 (ARM64, x86-64), macOS 10.9+ x86-64, macOS 11.0+ ARM64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.10.6
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 |
604e3efeb0d4732fa716172faa9045b844d0f1beb7520655e7f648666de5907c
|
|
MD5 |
d86ab1d10a54e6bde6e49fb222093956
|
|
BLAKE2b-256 |
ea0eb4495b2a732a59ec33ad0441b7b6a40bcca93a40cc1a3529782ac185107c
|
File details
Details for the file mitmproxy_wireguard-0.1.0a5-cp37-abi3-macosx_10_7_x86_64.whl
.
File metadata
- Download URL: mitmproxy_wireguard-0.1.0a5-cp37-abi3-macosx_10_7_x86_64.whl
- Upload date:
- Size: 1.0 MB
- Tags: CPython 3.7+, macOS 10.7+ x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.10.6
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 |
e1846c93d211613f92b556b9f22237ea5e458ee2c51547be94a2bb2c30692231
|
|
MD5 |
9b5a4334aecd9ffd6e697f2d5120009c
|
|
BLAKE2b-256 |
1091692528ad7267a4a8c0ba4c02815f41db679d422b608b17690523a4d56d3b
|