personal_interest_mirrors/nebula
1
0
Fork 0
mirror of https://github.com/slackhq/nebula.git synced 2026-05-15 20:37:36 +02:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Add a way to set the network type on windows + tests (#1710)
Some checks failed
gofmt / Run gofmt (push) Failing after 2s
Details
smoke-extra / freebsd-amd64 (push) Failing after 2s
Details
smoke-extra / linux-amd64-ipv6disable (push) Failing after 3s
Details
smoke-extra / netbsd-amd64 (push) Failing after 3s
Details
smoke-extra / openbsd-amd64 (push) Failing after 3s
Details
smoke-extra / linux-386 (push) Failing after 3s
Details
smoke / Run multi node smoke test (push) Failing after 2s
Details
Build and test / Build all and test on ubuntu-linux (push) Failing after 3s
Details
Build and test / Build and test on linux with boringcrypto (push) Failing after 2s
Details
Build and test / Build and test on linux with pkcs11 (push) Failing after 2s
Details
smoke-extra / Run windows smoke test (push) Has been cancelled
Details
Build and test / Build and test on macos-latest (push) Has been cancelled
Details
Build and test / Build and test on windows-latest (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Nate Brown
2026-05-07 20:17:38 -05:00
committed by GitHub
parent c82db210ef
commit 696903d6d9
15 changed files with 1349 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
overlay/tun_windows.go
View File

@@ -25,15 +25,24 @@ import (
"golang.zx2c4.com/wireguard/windows/tunnel/winipcfg"
)
type closer interface {
Close()
}
const tunGUIDLabel = "Fixed Nebula Windows GUID v1"
type winTun struct {
Device string
vpnNetworks []netip.Prefix
MTU int
Routes atomic.Pointer[[]Route]
routeTree atomic.Pointer[bart.Table[routing.Gateways]]
l *slog.Logger
Device string
vpnNetworks []netip.Prefix
MTU int
Routes atomic.Pointer[[]Route]
routeTree atomic.Pointer[bart.Table[routing.Gateways]]
guid windows.GUID
networkCategory networkCategory
setCategory bool
bypassWDF bool
wdfBypass closer
l *slog.Logger
tun *wintun.NativeTun
}
@@ -54,11 +63,20 @@ func newTun(c *config.C, l *slog.Logger, vpnNetworks []netip.Prefix, _ bool) (*w
return nil, fmt.Errorf("generate GUID failed: %w", err)
}
cat, setCat, err := parseNetworkCategory(c.GetString("tun.network_category", "private"))
if err != nil {
return nil, err
}
t := &winTun{
Device: deviceName,
vpnNetworks: vpnNetworks,
MTU: c.GetInt("tun.mtu", DefaultMTU),
l: l,
Device: deviceName,
vpnNetworks: vpnNetworks,
MTU: c.GetInt("tun.mtu", DefaultMTU),
guid: *guid,
networkCategory: cat,
setCategory: setCat,
bypassWDF: c.GetBool("tun.windows_bypass_wdf", true),
l: l,
}
err = t.reload(c, true)
@@ -142,6 +160,17 @@ func (t *winTun) Activate() error {
return err
}
if t.setCategory {
// The wintun adapter takes a moment to register with the Network List
// Manager, so we apply the category in the background and retry until
// it shows up.
go applyNetworkCategory(t.l, t.guid, t.networkCategory)
}
if t.bypassWDF {
t.wdfBypass = installInterfaceBypass(t.l, uint64(t.tun.LUID()))
}
return nil
}
@@ -255,6 +284,11 @@ func (t *winTun) Close() error {
_ = luid.FlushDNS(windows.AF_INET)
_ = luid.FlushDNS(windows.AF_INET6)
if t.wdfBypass != nil {
t.wdfBypass.Close()
t.wdfBypass = nil
}
return t.tun.Close()
}