
Add advanced security support

pull/1503/head
kolsys 6 months ago
parent
commit
3eabe9922d
  1. 11
      src/config.js
  2. 30
      src/lib/WireGuard.js

11
src/config.js

@ -37,6 +37,17 @@ iptables -D INPUT -p udp -m udp --dport ${module.exports.WG_PORT} -j ACCEPT;
iptables -D FORWARD -i wg0 -j ACCEPT;
iptables -D FORWARD -o wg0 -j ACCEPT;
`.split('\n').join(' ');
// Advanced security settings
module.exports.WG_ASC_JC = process.env.WG_ASC_JC;
module.exports.WG_ASC_JMIN = process.env.WG_ASC_JMIN
module.exports.WG_ASC_JMAX = process.env.WG_ASC_JMAX
module.exports.WG_ASC_S1 = process.env.WG_ASC_S1;
module.exports.WG_ASC_S2 = process.env.WG_ASC_S2;
module.exports.WG_ASC_H1 = process.env.WG_ASC_H1;
module.exports.WG_ASC_H2 = process.env.WG_ASC_H2;
module.exports.WG_ASC_H3 = process.env.WG_ASC_H3;
module.exports.WG_ASC_H4 = process.env.WG_ASC_H4;
module.exports.LANG = process.env.LANG || 'en';
module.exports.UI_TRAFFIC_STATS = process.env.UI_TRAFFIC_STATS || 'false';
module.exports.UI_CHART_TYPE = process.env.UI_CHART_TYPE || 0;
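Review bot: The `WG_ASC_JMIN` and `WG_ASC_JMAX` assignments are missing the trailing semicolon that every other export in this file has (`module.exports.WG_ASC_JMIN = process.env.WG_ASC_JMIN;`, likewise for JMAX), and the `// Advanced security settings` comment does not say what the nine values are or when they take effect. Going by the WireGuard.js part of this commit, they are written into the server and client configs only when `WG_ASC_JC` is set, so I would replace the comment with something like `// Optional Jc/Jmin/Jmax/S1/S2/H1-H4 interface parameters; written to wg0.conf and client configs only when WG_ASC_JC is set, so set all nine together.` The key names look like packet-obfuscation parameters rather than cryptographic hardening (inferred from the names, not stated on the page), so the "advanced security" label may overstate what enabling them provides and is worth a line in the docs.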

30
src/lib/WireGuard.js

@ -26,6 +26,9 @@ const {
WG_POST_DOWN,
WG_ENABLE_EXPIRES_TIME,
WG_ENABLE_ONE_TIME_LINKS,
WG_ASC_JC, WG_ASC_JMIN, WG_ASC_JMAX,
WG_ASC_S1, WG_ASC_S2,
WG_ASC_H1, WG_ASC_H2, WG_ASC_H3, WG_ASC_H4,
} = require('../config');
module.exports = class WireGuard {
@ -110,6 +113,21 @@ PostUp = ${WG_POST_UP}
PreDown = ${WG_PRE_DOWN}
PostDown = ${WG_POST_DOWN}
`;
// Has advanced security config
if (WG_ASC_JC) {
result += `
# Advance security
Jc = ${WG_ASC_JC}
Jmin = ${WG_ASC_JMIN}
Jmax = ${WG_ASC_JMAX}
S1 = ${WG_ASC_S1}
S2 = ${WG_ASC_S2}
H1 = ${WG_ASC_H1}
H2 = ${WG_ASC_H2}
H3 = ${WG_ASC_H3}
H4 = ${WG_ASC_H4}
`;
}
for (const [clientId, client] of Object.entries(config.clients)) {
if (!client.enabled) continue;
@ -211,13 +229,23 @@ ${client.preSharedKey ? `PresharedKey = ${client.preSharedKey}\n` : ''
async getClientConfiguration({ clientId }) {
const config = await this.getConfig();
const client = await this.getClient({ clientId });
const asc = WG_ASC_JC ? `
Jc = ${WG_ASC_JC}
Jmin = ${WG_ASC_JMIN}
Jmax = ${WG_ASC_JMAX}
S1 = ${WG_ASC_S1}
S2 = ${WG_ASC_S2}
H1 = ${WG_ASC_H1}
H2 = ${WG_ASC_H2}
H3 = ${WG_ASC_H3}
H4 = ${WG_ASC_H4}` : '';
return `
[Interface]
PrivateKey = ${client.privateKey ? `${client.privateKey}` : 'REPLACE_ME'}
Address = ${client.address}/24
${WG_DEFAULT_DNS ? `DNS = ${WG_DEFAULT_DNS}\n` : ''}\
${WG_MTU ? `MTU = ${WG_MTU}\n` : ''}\
${asc}
[Peer]
PublicKey = ${config.server.publicKey}
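Review bot: The new blocks in the server template (`if (WG_ASC_JC)`) and in getClientConfiguration (`const asc = WG_ASC_JC ? …`) are gated on WG_ASC_JC alone, so if any of the other eight variables is unset the generated wg0.conf and every client file handed out will contain literal lines such as `Jmin = undefined`. The same nine-line template is also written out twice, which lets the server and client copies drift apart. I would build the block once in a helper that fails loudly on missing or non-numeric values and interpolate its result in both places; the sketch below assumes all nine values are unsigned integers, which should be confirmed. Separately, these keys are presumably only understood by a WireGuard build that implements them, so if the image ships stock wireguard-tools the interface may fail to come up once WG_ASC_JC is set, and that requirement deserves a check or a documented note. Both enclosing functions start and end outside the hunks shown.

```javascript
// … unchanged: destructured require('../config') …

// Assumes all nine values are unsigned integers — confirm against the WireGuard build in use.
const ASC_PARAMS = Object.entries({
  Jc: WG_ASC_JC, Jmin: WG_ASC_JMIN, Jmax: WG_ASC_JMAX,
  S1: WG_ASC_S1, S2: WG_ASC_S2,
  H1: WG_ASC_H1, H2: WG_ASC_H2, H3: WG_ASC_H3, H4: WG_ASC_H4,
});

function buildAscBlock() {
  if (!WG_ASC_JC) return '';
  const bad = ASC_PARAMS.filter(([, value]) => !/^\d+$/.test(String(value ?? '')));
  if (bad.length > 0) {
    // Fail at generation time instead of writing "Jmin = undefined" into wg0.conf and client files.
    throw new Error(`Invalid WG_ASC settings: ${bad.map(([key]) => key).join(', ')}`);
  }
  return ASC_PARAMS.map(([key, value]) => `${key} = ${value}`).join('\n');
}

// … unchanged: server and client templates, each interpolating buildAscBlock() …
```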
