Skip to content

feat: support wsl2 mirrored networking mode #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

feat: support wsl2 mirrored networking mode #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
666b603
feat: support wsl2 mirrored networking mode
zyition Jun 16, 2024
11fdac9
chore: update actions/upload-artifact to v4 in ci
zyition Jun 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/distro.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
ls -la wsl-vpnkit.tar.gz

- name: Artifacts
uses: actions/upload-artifact@v3
uses: actions/upload-artifact@v4
with:
name: wsl-vpnkit
path: |
Expand Down
8 changes: 4 additions & 4 deletions distro/alpine.dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
FROM docker.io/library/alpine:3.17.2 as gvisor-tap-vsock
WORKDIR /app/bin
RUN wget https://github.com/containers/gvisor-tap-vsock/releases/download/v0.6.1/gvproxy-windows.exe && \
wget https://github.com/containers/gvisor-tap-vsock/releases/download/v0.6.1/vm && \
chmod +x ./gvproxy-windows.exe ./vm
RUN wget https://github.com/containers/gvisor-tap-vsock/releases/download/v0.7.3/gvproxy-windows.exe && \
wget https://github.com/containers/gvisor-tap-vsock/releases/download/v0.7.3/gvforwarder && \
chmod +x ./gvproxy-windows.exe ./gvforwarder
RUN find . -type f -exec sha256sum {} \;

FROM docker.io/library/alpine:3.17.2
Expand All @@ -12,7 +12,7 @@ RUN apk update && \
apk list --installed && \
rm -rf /var/cache/apk/*
WORKDIR /app
COPY --from=gvisor-tap-vsock /app/bin/vm ./wsl-vm
COPY --from=gvisor-tap-vsock /app/bin/gvforwarder ./wsl-vm
COPY --from=gvisor-tap-vsock /app/bin/gvproxy-windows.exe ./wsl-gvproxy.exe
COPY ./wsl-vpnkit ./wsl-vpnkit.service ./
COPY ./distro/wsl.conf /etc/wsl.conf
Expand Down
8 changes: 4 additions & 4 deletions distro/fedora.dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,16 +1,16 @@
FROM docker.io/library/alpine:3.17.2 as gvisor-tap-vsock
WORKDIR /app/bin
RUN wget https://github.com/containers/gvisor-tap-vsock/releases/download/v0.6.1/gvproxy-windows.exe && \
wget https://github.com/containers/gvisor-tap-vsock/releases/download/v0.6.1/vm && \
chmod +x ./gvproxy-windows.exe ./vm
RUN wget https://github.com/containers/gvisor-tap-vsock/releases/download/v0.7.3/gvproxy-windows.exe && \
wget https://github.com/containers/gvisor-tap-vsock/releases/download/v0.7.3/gvforwarder && \
chmod +x ./gvproxy-windows.exe ./gvforwarder
RUN find . -type f -exec sha256sum {} \;

FROM docker.io/library/fedora:37
RUN dnf upgrade -y && \
dnf install -y iproute iptables-legacy iputils bind-utils wget && \
dnf clean all
WORKDIR /app
COPY --from=gvisor-tap-vsock /app/bin/vm ./wsl-vm
COPY --from=gvisor-tap-vsock /app/bin/gvforwarder ./wsl-vm
COPY --from=gvisor-tap-vsock /app/bin/gvproxy-windows.exe ./wsl-gvproxy.exe
COPY ./wsl-vpnkit ./wsl-vpnkit.service ./
COPY ./distro/wsl.conf /etc/wsl.conf
Expand Down
8 changes: 4 additions & 4 deletions distro/ubuntu.dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
FROM docker.io/library/alpine:3.17.2 as gvisor-tap-vsock
WORKDIR /app/bin
RUN wget https://github.com/containers/gvisor-tap-vsock/releases/download/v0.6.1/gvproxy-windows.exe && \
wget https://github.com/containers/gvisor-tap-vsock/releases/download/v0.6.1/vm && \
chmod +x ./gvproxy-windows.exe ./vm
RUN wget https://github.com/containers/gvisor-tap-vsock/releases/download/v0.7.3/gvproxy-windows.exe && \
wget https://github.com/containers/gvisor-tap-vsock/releases/download/v0.7.3/gvforwarder && \
chmod +x ./gvproxy-windows.exe ./gvforwarder
RUN find . -type f -exec sha256sum {} \;

FROM docker.io/library/ubuntu:22.04
Expand All @@ -11,7 +11,7 @@ RUN apt-get update && \
apt-get install -y iproute2 iptables iputils-ping dnsutils wget && \
apt-get clean
WORKDIR /app
COPY --from=gvisor-tap-vsock /app/bin/vm ./wsl-vm
COPY --from=gvisor-tap-vsock /app/bin/gvforwarder ./wsl-vm
COPY --from=gvisor-tap-vsock /app/bin/gvproxy-windows.exe ./wsl-gvproxy.exe
COPY ./wsl-vpnkit ./wsl-vpnkit.service ./
COPY ./distro/wsl.conf /etc/wsl.conf
Expand Down
51 changes: 33 additions & 18 deletions wsl-vpnkit
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,8 @@ TAP_MAC_ADDR=${TAP_MAC_ADDR:-5a:94:ef:e4:0c:ee}

# overrideable with env
VMEXEC_PATH=${VMEXEC_PATH:-/app/wsl-vm}
GVPROXY_PATH=${GVPROXY_PATH:-/app/wsl-gvproxy.exe}
GVPROXY_PATH=${GVPROXY_PATH:-/mnt/c/Users/Public/wsl-gvproxy.exe}
GVPROXY_STORE=${GVPROXY_STORE:-/app/wsl-gvproxy.exe}
TAP_NAME=${TAP_NAME:-wsltap}
CHECK_HOST=${CHECK_HOST:-example.com}
CHECK_DNS=${CHECK_DNS:-1.1.1.1}
Expand All @@ -20,13 +21,8 @@ set +x

# WSL2 default values
WSL2_TAP_NAME=${WSL2_TAP_NAME:-eth0}
WSL2_RESOLVCONF_DEFAULT="/mnt/wsl/resolv.conf"
if [ ! -f "$WSL2_RESOLVCONF_DEFAULT" ]; then
WSL2_RESOLVCONF_DEFAULT="/etc/resolv.conf"
fi
WSL2_RESOLVCONF=${WSL2_RESOLVCONF:-$WSL2_RESOLVCONF_DEFAULT}
WSL2_GATEWAY_IP_FROM_RESOLVCONF="$(cat $WSL2_RESOLVCONF | awk '/^nameserver/ {print $2}')"
WSL2_GATEWAY_IP=${WSL2_GATEWAY_IP:-$WSL2_GATEWAY_IP_FROM_RESOLVCONF}
WSL2_GATEWAY_IP_FROM_IP_ROUTE="$(ip route | awk '/^default/ { print $3 }')"
WSL2_GATEWAY_IP=${WSL2_GATEWAY_IP:-$WSL2_GATEWAY_IP_FROM_IP_ROUTE}

set -x

Expand All @@ -41,6 +37,30 @@ fi
# replace calls to iptables if iptables-legacy exists
command -v iptables-legacy >/dev/null && alias iptables=iptables-legacy

install_file () {
if [ -f $2 ]; then
if [ ! -f "$3" ]; then
mkdir -p "$(dirname $3)"
cp $2 "$3"
echo "copied $1 to $3"
else
echo "$1 exists at $3"
if [ `hash $2` != `hash "$3"` ]; then
cp -f $2 "$3"
echo "updated $1 at $3"
fi
fi
if [ ! -f "$2-ln" ]; then
ln -s "$3" "$2-ln"
echo "created symbolic link at $2-ln"
fi
fi
}

install () {
install_file wsl-gvproxy.exe "$GVPROXY_STORE" "$GVPROXY_PATH"
}

run () {
echo "starting vm and gvproxy..."
$VMEXEC_PATH \
Expand All @@ -54,24 +74,21 @@ run () {
}

wsl2tap_down () {
# remove WSL2 default route
ip route del default

# setup wsl-vpnkit tap
ip tuntap add $TAP_NAME mode tap
ip link set dev $TAP_NAME address $TAP_MAC_ADDR
ip link set dev $TAP_NAME up
ip addr add $VPNKIT_LOCAL_IP/255.255.255.0 dev $TAP_NAME
ip route add default via $VPNKIT_GATEWAY_IP dev $TAP_NAME
ip route add default via $VPNKIT_GATEWAY_IP dev $TAP_NAME metric 1 # Set the low priority
}

wsl2tap_up () {
# take down wsl-vpnkit tap
ip link set dev $TAP_NAME down 2>/dev/null
ip tuntap del $TAP_NAME mode tap

# add WSL2 default route
ip route add default via $WSL2_GATEWAY_IP dev $WSL2_TAP_NAME 2>/dev/null
# del added default route
ip route del default dev $TAP_NAME 2>/dev/null
}

iptables_set () {
Expand Down Expand Up @@ -144,10 +161,8 @@ if [ ! -f "$GVPROXY_PATH" ]; then
echo "GVPROXY_PATH [$GVPROXY_PATH] does not exist"
exit 1
fi
cat $WSL2_RESOLVCONF | grep "automatically generated by WSL" >/dev/null
if [ $? -eq 1 ]; then
echo "resolv.conf has been modified without setting generateResolvConf"
fi

install
$GVPROXY_PATH -help 2>/dev/null
if [ $? -eq 1 ]; then
echo "$GVPROXY_PATH is not executable due to WSL interop settings or Windows permissions"
Expand Down