shawnlu aa4601fa78 Update route when route nexthop user login or logout and send multicast
Only configured routes' nexthop user login or logout will make
svc.Routes data change; when svc.Routes changes, send multicast
to sync routes.
SyncRoutesForIface: bind routes with the tap or bridge interface,
so when the tap or bridge is deleted, routes are cleaned up automatically.
For a known route nexthop IP, use the replace flag; for an unknown route
nexthop IP, delete the route if it exists.
2024-06-30 15:51:47 +08:00

virtuallan

Description

virtuallan is an L2VPN. It can set up a virtual Ethernet LAN across a WAN.

Features

  • Basic auth for VPN endpoints
  • AES encryption for Ethernet traffic
  • Ethernet traffic carried in UDP

How it works

architecture

  • The server creates a Linux bridge for each virtual Ethernet network
  • The server creates a tap interface for each authenticated endpoint
  • The client creates a tap interface
  • Ethernet traffic on the tap interface is encrypted and sent to the UDP conn
  • The UDP stream received from the conn is decrypted and sent to the tap interface

A UDP connection acts like a cable connecting the dc and ep taps. The two taps then behave like a Linux veth pair, connected to a Linux bridge.
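The encrypt-then-send and receive-then-decrypt steps above, as an added Go example that is not virtuallan's own code. The page does not state the AES mode or packet layout, so AES-GCM with a random 12-byte nonce prefixed to each datagram is an assumption, as are the names newAEAD, sealFrame and openDatagram and the constructed key and frame.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Assumed datagram layout (not virtuallan's wire format): nonce(12) || ciphertext || tag(16).
func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // key must be 16, 24 or 32 bytes
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealFrame encrypts one Ethernet frame read from the tap into a UDP payload.
func sealFrame(aead cipher.AEAD, frame []byte) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil { // fresh nonce per frame
		return nil, err
	}
	return aead.Seal(nonce, nonce, frame, nil), nil // output is appended after the nonce
}

// openDatagram authenticates and decrypts a received UDP payload. A frame is
// returned for writing to the tap only if the tag verifies.
func openDatagram(aead cipher.AEAD, dgram []byte) ([]byte, error) {
	ns := aead.NonceSize()
	if len(dgram) < ns+aead.Overhead() {
		return nil, errors.New("datagram too short")
	}
	return aead.Open(nil, dgram[:ns], dgram[ns:], nil)
}

func main() {
	aead, _ := newAEAD(make([]byte, 32)) // constructed all-zero demo key
	// Constructed frame: broadcast dst MAC, src MAC, EtherType 0x0806, 28 zero bytes.
	frame := append([]byte{0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x9a, 0x6d, 0xae, 0x1d, 0x5b, 0x47, 0x08, 0x06}, make([]byte, 28)...)
	dgram, _ := sealFrame(aead, frame)
	plain, err := openDatagram(aead, dgram)
	fmt.Println(len(frame), len(dgram), len(plain), err)
	dgram[len(dgram)-1] ^= 1 // flip one bit in transit
	_, err = openDatagram(aead, dgram)
	fmt.Println("tampered datagram rejected:", err != nil)
}
```

In this assumed layout each frame grows by 28 bytes (nonce plus tag), which counts against the path MTU of the UDP tunnel. With random 96-bit nonces, a single key should be rotated well before 2^32 frames have been sealed.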

Build

➜  virtuallan git:(master) ✗ make
go generate pkg/cipher/cipher.go
go build -o virtuallan main.go

go generate generates a random AES key.

Use with docker

Build

IMG=<your image name>:<tag> make build-docker

Run docker image as server

docker run --privileged=true -d --restart always -p 6123:6123/udp -p 8000:8000 quay.io/shawnlu0127/virtuallan:20240507

Getting started

Server

➜  ~ virtuallan server -h
NAME:
   virtuallan server - run virtuallan server

USAGE:
   virtuallan server [command options] [arguments...]

OPTIONS:
   --config-dir value, -d value  config directory to launch virtuallan server, conf.yaml as config file, users as user storage
   --help, -h                    show help

config dir files:

  • config.yaml: server config file
  • users: user database in CSV format, <username>,<base64-encoded user password>

config.yaml

port: 6123                                     # UDP server port
ip: 192.168.123.254/24                         # Server local ip address
dhcp-range: 192.168.123.100-192.168.123.200    # DHCP ip pool
bridge: br0                                    # Server local bridge name
log-level: info                                # Log level
web:
  enable: true                                 # Monitor server enable, default false
  port: 8000                                   # Web server port

Endpoint

➜  ~ virtuallan client -h
NAME:
   virtuallan client - connect to virtuallan server

USAGE:
   virtuallan client [command options] [arguments...]

OPTIONS:
   --target value, -t value  socket virtuallan server listened on
   --user value, -u value    username of virtuallan endpoint
   --passwd value, -p value  password of virtuallan endpoint user
   --help, -h                show help

If the -u and -p flags are not set, you need to enter the username and password in the console.

User management

➜  virtuallan git:(master) ✗ ./virtuallan user list  -d ./config/users
shawn,guest
➜  virtuallan git:(master) ✗ ./virtuallan user add -h
NAME:
   virtuallan user add - add user

USAGE:
   virtuallan user add [command options] [arguments...]

OPTIONS:
   --db value, -d value      user db file loaction
   --user value, -u value    username of user
   --passwd value, -p value  password of user
   --help, -h                show help

Try it out

If web is enabled, an HTTP server starts on port 8000. Check the endpoints on the index page.

monitor

Links of virtuallan server

Alpine-GW:~# ip a show br-vl
120: br-vl: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 9a:6d:ae:1d:5b:47 brd ff:ff:ff:ff:ff:ff
    inet 192.168.138.254/24 brd 192.168.138.255 scope global br-vl
       valid_lft forever preferred_lft forever
    inet6 fe80::7c46:faff:feb5:e372/64 scope link 
       valid_lft forever preferred_lft forever
Alpine-GW:~# ip l show master br-vl
122: tap-XudE: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br-vl state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether 9a:6d:ae:1d:5b:47 brd ff:ff:ff:ff:ff:ff
123: tap-mDuc: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br-vl state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether 9e:76:5a:46:3e:37 brd ff:ff:ff:ff:ff:ff
124: tap-NFvv: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br-vl state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether 5a:c1:3f:2c:2e:e8 brd ff:ff:ff:ff:ff:ff
Description
An L2VPN written in golang
vpn
Readme GPL-3.0 768 KiB