defguard_wireguard_rs is a multi-platform Rust library providing a unified high-level API for managing WireGuard interfaces using native OS kernel and userspace WireGuard protocol implementations. It can be used to create your own WireGuard:tm: VPN servers or clients for secure and private networking.
It was developed as part of defguard security platform and used in the gateway/server as well as desktop client.
- Native OS Kernel: Linux, FreeBSD (and pfSense/OPNSense), NetBSD, Windows
- Userspace: Linux, macOS, FreeBSD, NetBSD
- Peer routing - see WGApi docs.
- Configuring DNS resolver - see WGApi docs.
- On FreeBSD network interfaces are managed using ioctl.
- On Linux, handle network routing using netlink.
- fwmark handling
Please note that WireGuard needs to be installed on Windows with commands wg and wireguard available to be called from the command line.
- Client: https://github.com/DefGuard/wireguard-rs/blob/main/examples/client.rs
- Server: https://github.com/DefGuard/wireguard-rs/blob/main/examples/server.rs
See the documentation for more information.
Find us on Matrix: #defguard:teonite.com
Please review the Contributing guide for information on how to get started contributing to the project. You might also find our environment setup guide handy.
WireGuard® is registered trademarks of Jason A. Donenfeld.