Diffstat (limited to 'contrib/client-server-example')
-rw-r--r-- | contrib/client-server-example/README | 16 | ||||
-rwxr-xr-x | contrib/client-server-example/client.sh | 20 | ||||
-rwxr-xr-x | contrib/client-server-example/server.sh | 14 |
3 files changed, 0 insertions, 50 deletions
diff --git a/contrib/client-server-example/README b/contrib/client-server-example/README
deleted file mode 100644
index fd3088a..0000000
--- a/contrib/client-server-example/README
+++ /dev/null
@@ -1,16 +0,0 @@
- === IMPORTANT NOTE ===
-
-Do not use these scripts in production. They are simply a
-demonstration of how easy the `wg(8)` tool is at the command
-line, but by no means should you actually attempt to use
-these. They are horribly insecure and defeat the purpose
-of WireGuard.
-
- STAY AWAY!
-
-Distros: do not distribute these with your packages.
-
-
-
-That all said, this is a pretty cool example of just how
-darn easy WireGuard can be.
diff --git a/contrib/client-server-example/client.sh b/contrib/client-server-example/client.sh
deleted file mode 100755
index fbae46a..0000000
--- a/contrib/client-server-example/client.sh
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/bash
-set -e
-[[ $UID == 0 ]] || { echo "You must be root to run this."; exit 1; }
-umask 077
-trap 'rm -f /tmp/wg_private_key' EXIT INT TERM
-exec 3<>/dev/tcp/demo.wireguard.io/42912
-wg genkey | tee /tmp/wg_private_key | wg pubkey >&3
-IFS=: read -r status server_pubkey server_port internal_ip <&3
-[[ $status == OK ]]
-ip link del dev wg0 2>/dev/null || true
-ip link add dev wg0 type wireguard
-wg set wg0 private-key /tmp/wg_private_key peer "$server_pubkey" allowed-ips 0.0.0.0/0 endpoint "demo.wireguard.io:$server_port"
-ip address add "$internal_ip"/24 dev wg0
-ip link set up dev wg0
-if [ "$1" == "default-route" ]; then
- host="$(wg show wg0 endpoints | sed -n 's/.*\t\(.*\):.*/\1/p')"
- ip route add $(ip route get $host | sed '/ via [0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}/{s/^\(.* via [0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\).*/\1/}' | head -n 1) 2>/dev/null || true
- ip route add 0/1 dev wg0
- ip route add 128/1 dev wg0
-fi
diff --git a/contrib/client-server-example/server.sh b/contrib/client-server-example/server.sh
deleted file mode 100755
index e37861f..0000000
--- a/contrib/client-server-example/server.sh
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/bin/bash
-if [[ -z $NCAT_REMOTE_ADDR ]]; then
- ip link del dev wg0 2>/dev/null
- set -e
- ip link add dev wg0 type wireguard
- ip address add 192.168.4.1/24 dev wg0
- wg set wg0 private-key <(wg genkey) listen-port 12912
- ip link set up dev wg0
- exec ncat -e "$(readlink -f "$0")" -k -l -p 42912 -v
-fi
-read -r public_key
-[[ $(wg show wg0 | grep peer | wc -l) -ge 253 ]] && wg set wg0 peer $(wg show wg0 latest-handshakes | sort -k 2 -b -n | head -n 1 | cut -f 1) remove
-next_ip=$(all="$(wg show wg0 allowed-ips)"; for ((i=2; i<=254; i++)); do ip="192.168.4.$i"; [[ $all != *$ip/32* ]] && echo $ip && break; done)
-wg set wg0 peer "$public_key" allowed-ips $next_ip/32 2>/dev/null && echo "OK:$(wg show wg0 private-key | wg pubkey):$(wg show wg0 listen-port):$next_ip" || echo ERROR |