defguard_wireguard_rs is a multi-platform Rust library providing a unified high-level API for managing WireGuard interfaces using native OS kernel and userspace WireGuard protocol implementations. It can be used to create your own WireGuard:tm: VPN servers or clients for secure and private networking.
It was developed as part of defguard security platform and used in the gateway/server as well as desktop client.
- Native OS Kernel: Linux, FreeBSD (and pfSense/OPNSense), NetBSD, Windows
- Userspace: Linux, macOS, FreeBSD, NetBSD
- Peer routing - see WGApi docs.
- Configuring DNS resolver - see WGApi docs.
- On FreeBSD network interfaces are managed using ioctl.
- On Linux, handle network routing using netlink.
- fwmark handling
Please note that WireGuard-NT dll file has to be placed under resources-windows/binaries/wireguard.dll path relative to your binary.
For Windows development you'll need:
- The
stable-x86_64-pc-windows-gnuRust toolchain. Userustupto change the toolchain:
rustup install stable-x86_64-pc-windows-gnu
rustup default stable-x86_64-pc-windows-gnu
-
Install MSYS2
-
Then run this in the MSYS2 terminal:
pacman -S --needed base-devel mingw-w64-ucrt-x86_64-toolchain mingw-w64-ucrt-x86_64-nasm
- Finally add msys to your PATH:
# cmd
set PATH=C:\msys64\ucrt64\bin;%PATH%
# power-shell
$env:PATH = "C:\msys64\ucrt64\bin;" + $env:PATH
More info can be found here.
- Client: https://github.com/DefGuard/wireguard-rs/blob/main/examples/client.rs
- Server: https://github.com/DefGuard/wireguard-rs/blob/main/examples/server.rs
See the documentation for more information.
Find us on Matrix: #defguard:teonite.com
Please review the Contributing guide for information on how to get started contributing to the project. You might also find our environment setup guide handy.
WireGuard® is registered trademarks of Jason A. Donenfeld.