github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-07-19 01:06:27 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #2247 from zx2c4/update-wireguard

Browse Source 
wireguard: update to latest snapshot
This commit is contained in:
Rolf Neugebauer 2017-07-19 16:25:06 +01:00 committed by GitHub
commit 83f079eb8b
2 changed files with 11831 additions and 1790 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
projects/wireguard/README.md
View File

@ -1,16 +1,16 @@
# WireGuard
[WireGuard](https://wireguard.io) is a modern VPN released for the Linux kernel that can replace IPSec.
[WireGuard](https://www.wireguard.com) is a modern VPN released for the Linux kernel that can replace IPSec.
We can use WireGuard in Moby to better secure container networking.
WireGuard transparently encrypts *and* authenticates traffic between all peers, and uses state-of-the-art cryptography
from the [Noise protocol](http://www.noiseprotocol.org/). Moreover, WireGuard is implemented in less than a few thousand
from the [Noise protocol](https://noiseprotocol.org/). Moreover, WireGuard is implemented in less than a few thousand
lines of code, making it auditable for security.
Moreover, WireGuard provides a `wg0` (`wg1`, `wg2`,... etc) network interface that can be passed directly to containers,
such that all intercontainer traffic would benefit from encrypted and authenticated networking.
A full technical paper from NDSS 2017 is available [here](https://www.wireguard.io/papers/wireguard.pdf).
A full technical paper from NDSS 2017 is available [here](https://www.wireguard.com/papers/wireguard.pdf). The protocol has been formally verified, with a paper describing the security proofs available [here](https://www.wireguard.com/papers/wireguard-formal-verification.pdf).
## Contents
@ -27,8 +27,8 @@ This is built into the `mobylinux/init-wireguard` image that is generated by `cd
## Quickstart
The quickest way to get started is to use the provided `examples/wireguard.yml` in this directory and use the prebuilt images.
To give WireGuard a spin, the [official quick start](https://www.wireguard.io/quickstart/) is a good way to get going. For containers,
WireGuard has a [network namespace integration](https://www.wireguard.io/netns/) that we could use for Moby's containers.
To give WireGuard a spin, the [official quick start](https://www.wireguard.com/quickstart/) is a good way to get going. For containers,
WireGuard has a [network namespace integration](https://www.wireguard.com/netns/) that we could use for Moby's containers.
## Roadmap

13611
projects/wireguard/kernel/patches-4.9.x/WireGuard.patch
View File

File diff suppressed because it is too large Load Diff