blob: e80806077823984dafe278a3bc56927f6cb26bda (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
#!/usr/bin/env python3
import base64
import subprocess
import ipaddress
import os
import nacl.utils
import sys
from nacl.public import PrivateKey
from tqdm import tqdm
from timeit import default_timer as timer
NETWORK=ipaddress.ip_network('10.99.0.0/16')
def shell(cmd, input=''):
return subprocess.run(cmd.split(' '), input=input.encode('utf-8'), stdout=subprocess.PIPE)
class Peer:
def __init__(self, ip):
privkey = PrivateKey.generate()
self.privkey = base64.b64encode(bytes(privkey)).decode('utf-8')
self.pubkey = base64.b64encode(bytes(privkey.public_key)).decode('utf-8')
self.ip = ip
if os.geteuid() != 0:
print("must be root.")
exit()
peers = []
hosts = list(NETWORK.hosts())
print("generating {} peers".format(len(hosts)))
gen_start = timer()
for ip in tqdm(hosts):
peers.append(Peer(ip))
gen_end = timer()
print("finished generating in {:.2f}".format(gen_end - gen_start))
if len(sys.argv) > 1:
print("using " + sys.argv[1])
print(shell(sys.argv[1] + " utun8").stdout.decode('utf-8').strip())
else:
print("using kernel wireguard")
shell("ip link add dev utun8 type wireguard").check_returncode()
add_start = timer()
print("adding peers to device")
cmds = []
for peer in tqdm(peers):
cmds.append("peer {} allowed-ips {}/32".format(peer.pubkey, peer.ip))
if len(cmds) > 1000:
ret = shell("wg set utun8 " + ' '.join(cmds))
if ret.returncode != 0:
print("ERROR " + ret.stdout.decode('utf-8').strip())
exit()
cmds = []
if len(cmds) > 0:
shell("wg set utun8 " + ' '.join(cmds))
add_end = timer()
print("finished adding in {:.2f}".format(add_end - add_start))
# print("destroying interface")
# os.remove("/var/run/wireguard/utun8.sock")
|