Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WireGuard kernelTun: Check Capabilities instead of checking UID #3871

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

WireGuard kernelTun: Check Capabilities instead of checking UID #3871

wants to merge 1 commit into from
+21 −9

Conversation

chise0713
Copy link
Contributor

No description provided.

@RPRX
Copy link
Member

RPRX commented Oct 3, 2024

instead of checking

@RPRX
Copy link
Member

RPRX commented Oct 5, 2024

把相关的文档依据发上来

@Fangliding
Copy link
Member

控制interface需要CAP_NET_ADMIN没啥毛病吧(是不是只要这个就够了? 有待测试) 群里讨论觉得讨论觉得应该判断是否有cap而不是懒人直接检查是否是root 因为有时候不想给root权限

@RPRX
Copy link
Member

RPRX commented Oct 5, 2024

看代码只有 linux 支持 kernel tun?

@RPRX
Copy link
Member

RPRX commented Oct 5, 2024

有种 sb 不光没看这里在干嘛,还以为只有自己知道 ebpf

@Fangliding
Copy link
Member

Fangliding commented Oct 5, 2024
edited
Loading

看代码只有 linux 支持 kernel tun?

这个很早以前就说过了是命名错误 kernel mode和wireguard kernel module是半毛钱关系都没有 用系统interface处理效率更高而已

@RPRX
Copy link
Member

RPRX commented Oct 5, 2024

看代码只有 linux 支持 kernel tun?

这个很早以前就说过了是命名错误 kernel mode和wireguard kernel module是半毛钱关系都没有 用系统interface处理效率更高而已

你在回复啥,怎么感觉是已读乱回

@RPRX
Copy link
Member

RPRX commented Oct 5, 2024

我问的是是不是只有 linux 有这种 interface,你说的是配置项命名歧义问题,不过既然提到了就把 kernelMode 改名 kernelTun 吧

@Fangliding 就在这个 pr 里改,一起合并,这个 breaking 应该没事,影响范围很小

@RPRX RPRX changed the title wireguard: Check Capabilities instead check UID WireGuard kernelTun: Check Capabilities instead of checking UID Oct 5, 2024
@RPRX
Copy link
Member

RPRX commented Oct 5, 2024

还有我查了下它叫 WireGuard 而不是 Wireguard,文档需改为大写,还有入站没写 kernelTun 这项 @Fangliding

@Fangliding
Copy link
Member

还有我查了下它叫 WireGuard 而不是 Wireguard,文档需改为大写,还有入站没写 kernelTun 这项 @Fangliding

学隔壁叫 systemInterface 吧 不然有人可能搞得以为xray支持tun了
入站没写因为我不确定它到底支不支持

@RPRX
Copy link
Member

RPRX commented Oct 8, 2024

学隔壁叫 systemInterface 吧 不然有人可能搞得以为xray支持tun了

就叫 kernelTun,毕竟 Xray 又不是不会支持 tun

入站没写因为我不确定它到底支不支持

看下代码

@Fangliding
Copy link
Member

Fangliding commented Oct 8, 2024
edited
Loading

就叫 kernelTun,毕竟 Xray 又不是不会支持 tun

一码归一码 改名是为了防止误解 改一个新的会造成误解的名字不是南辕北辙了 xray以后会不会支持tun和这东西叫啥应该没关系

虽然这东西确实叫 TUN interface 但是也不该带kernel

看下代码

看得懂我就看了(

@RPRX
Copy link
Member

RPRX commented Oct 9, 2024

虽然这东西确实叫 TUN interface 但是也不该带kernel

然而它的确是 linux kernel 提供的,我觉得 kernelTun 这个名字没什么歧义

Xray 自身把代理协议和 wireguard 这样的 vpn 协议互转本身就有 tun2socks 的行为

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@chise0713 @RPRX @Fangliding