Skip to content
This repository has been archived by the owner. It is now read-only.
a userspace implementation of WireGuard (obsoleted)
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
cbits
include
src
tests
.gitignore
LICENSE
README.md
Setup.hs
nara.cabal
stack.yaml

README.md

nara is a userspace implementation of WireGuard, a fast, modern and secure VPN based on Noise protocol.

Build

Only Linux and macOS are supported at this moment.

To build nara, download and install haskell-stack first.

$ stack setup   # This will download and install GHC in a sandboxed environment,
                # optional if stack has been configured to use global GHC.
$ stack install

Usage

The following command will create a TUN device named wg0 and then daemonize to background. On macOS, the device name has to be like utun1 or utun2. Root privilege is also required.

# nara wg0

After that, use the usual wg tool to configure the device. For most distributions it's in the wireguard-tools package. Check the manpage of wg for details.

Status

Currently this is just a prototype, and there are still a lot to be done.

  • Documents and test coverage
  • Receiver-side nonce deduplicate
  • Logging and better exceptions handling
  • Cookie support to prevent DDOS attack
  • Full IPv6 support
  • An accurate timer based approach to manage lifetimes
  • Send ICMP packets back in case of unreachable hosts
  • Persistent-keepalive
  • Per-host packet queue
  • Benchmark, and performance optimization
  • FreeBSD support (perhaps Windows support as well)
  • MTU discovery and setting

License

This software is licensed in GPLv3+.

You can’t perform that action at this time.