def _list_peers(self):
result = exec_command(["wg", "show", str(self.interface), "peers"],
quiet=True,
root=True,
fail_msg="failed to get peers for interface: {}".format(self.interface),
exception=WireGuardError)
peers = set(decode_output(result.stdout))
logger.trace("current peers [{}]: {}", self.interface, peers)
return peers
def _list_handshakes(self):
result = exec_command(["wg", "show", str(self.interface), "latest-handshakes"],
quiet=True,
root=True,
fail_msg="failed to get latest handshakes for interface: {}".format(self.interface),
exception=WireGuardError)
handshakes = {}
for line in decode_output(result.stdout):
l_split = list(filter(len, line.split()))
handshakes[l_split[0]] = Timestamp.unix(l_split[1])
logger.trace("current handshakes [{}]: {}", self.interface, handshakes)
return handshakes
def _list_allowed_ips(self):
result = exec_command(["wg", "show", str(self.interface), "allowed-ips"],
quiet=True,
root=True,
fail_msg="failed to get endpoints for interface: {}".format(self.interface),
exception=WireGuardError)
allowed_ips = {}
for line in decode_output(result.stdout):
l_split = list(filter(len, line.split()))
ips = set(map(ipaddress.ip_network,
filter(lambda s: s != "(none)",
filter(len, l_split[1:]))))
allowed_ips[l_split[0]] = ips
logger.trace("current allowed IPs [{}]: {}", self.interface, allowed_ips)
return allowed_ips
def _list_transfer(self):
result = exec_command(["wg", "show", str(self.interface), "transfer"],
quiet=True,
root=True,
fail_msg="failed to get transfer stats for interface: {}".format(self.interface),
exception=WireGuardError)
transfers = {}
for line in decode_output(result.stdout):
l_split = list(filter(len, line.split()))
transfers[l_split[0]] = {
"recv": int(l_split[1]),
"send": int(l_split[2])
}
logger.trace("current transfer stats [{}]: {}", self.interface, transfers)
return transfers
def ipv4_default_gateway():
result = exec_command(["ip", "route"],
fail_msg="failed to get kernel routes")
for line in decode_output(result.stdout):
if not line.startswith("default via "):
continue
l_split = list(filter(len, line.split()))
try:
gw = ipaddress.ip_address(l_split[2])
except Exception as e:
logger.debug("failed to parse as gateway address: {}", l_split[2])
continue
return gw
raise RuntimeError("failed to determine default gateway")
def _list_endpoints(self):
result = exec_command(["wg", "show", str(self.interface), "endpoints"],
quiet=True,
root=True,
fail_msg="failed to get endpoints for interface: {}".format(self.interface),
exception=WireGuardError)
endpoints = {}
for line in decode_output(result.stdout):
l_split = list(filter(len, line.split()))
endp_split = list(filter(len, l_split[1].split(":")))
try:
addr = ipaddress.ip_address(endp_split[0])
port = int(endp_split[1])
except Exception as e:
addr = "<unknown>"
port = "<unknown>"
endpoints[l_split[0]] = {
"address": addr,
"port": port
}
logger.trace("current endpoints [{}]: {}", self.interface, endpoints)
return endpoints