Zvinoita sekudaro zvinhu zviri kufamba mushe mukati meiyo WireGuard chirongwa, saJason A. Donenfeld, munyori weVPN WireGuard, yakaratidza iyo WireGuardNT chirongwa zvinova yepamusoro-inoshanda WireGuard VPN chiteshi cheWindows kernel inoenderana neWindows 7, 8, 8.1, uye 10, uye inotsigira AMD64, x86, ARM64, uye ARM zvivakwa.
Izvo zvakakosha kuti urangarire kuti mu semester yekupedzisira ye2019 zvigamba zvakagadzirwa pamwe nekuitwa kweprojekti yeVPN interface mubazi rinotevera-rinotevera, izvi nekuti vagadziri veWigeGuard vakaita kuzvipira uye vakabvuma kuendesa chikamu chekodhi kune chikuru kernel, kwete seAPI yakaparadzana, asi sechikamu cheiyo Crypto API subsystem.
Mushure meizvozvo mwedzi mishoma gare gare chirongwa chakauya kuOpenBSD shanduko yeiyo ifconfig uye tcpdump zvinoshandiswa nerutsigiro rweMagetsiGuard mashandiro, zvinyorwa uye shanduko diki kuti dzibatanidze WireGuard pamwe neese system uye mushure meizvozvo chirongwa chakatamiswa kuti chienderane neApple .
WireGuard VPN inoitwa pachishandiswa nzira dzemazuva ano dzekunyorwa, Inopa kuita kwakanyanya kwazvo, iri nyore kushandisa, isina kunetswa, uye yakazviratidza pachayo munzvimbo dzinoverengeka dzakakura dzinobata huwandu hwakawanda hwetraffic.
Iyo purojekiti yave ichivandudza kubvira 2015, yakapfuudza kuongororwa kwepamutemo uye kuongororwa kwenzira dzekunyora dzinoshandiswa. WireGuard inoshandisa iyo pfungwa yekunyorera kiyi nzira, iyo inosanganisira kusungira yakavanzika kiyi kune yega network network uye kushandisa kiyi yeruzhinji kusunga.
Kuchinjaniswa kwemakiyi eruzhinji kumisikidza kubatana kunoitwa nekufananidza neSSH. Kutaurirana makiyi uye kubatana pasina kumhanya kwakasiyana daemon munzvimbo yemushandisi, iyo Noise_IK mashandiro eNoise Protocol Sisitimu inoshandiswa, yakafanana nekuchengetedza mvumo_kiyi muSSH. Kutapurirana kwedata kunoitwa nekuvhara mukati meDP mapaketi. Inotsigira inoshandura VPN server IP kero (kutenderera) isina kutyora kubatana ne otomatiki mutengi kugadzirisazve.
Encryption inoshandisa ChaCha20 rwizi kunyorera uye Poly1305 meseji yekusimbisa algorithm (MAC). ChaCha20 nePoly1305 zvakaiswa seanokurumidza uye akachengeteka zvakaenzana kune AES-256-CTR uye HMAC, iyo software yekushandisa inobvumidza iwe kuwana yakatarwa nguva yekumhanya usingashandisi yakakosha Hardware rutsigiro.
Saka zvino chirongwa chinosvika sechiteshi cheWindows , que inovaka pane yakaedzwa kodhi base yeiyo yepakati WireGuard kuitiswa kweiyo linux kernel, iyo yakashandurwa kuti ishandise maWindows kernel entities uye iyo NDIS network network.
Mushure memwedzi yakawanda yekushanda, ini naSimon tinofara kuzivisa iyo WireGuardNT chirongwa, chizvarwa cheWigerGuard chiteshi cheWindows kernel.
WireGuardNT, yakatanga sechiteshi cheLinux code base… Mushure mekuedza kwekutanga kwekubatika kwakave nekubudirira, iyo NT kodhi base yakachinjika kuti ikwane zvakanaka nevakazvarwa NTisms uye NDIS (Windows networking stack) APIs. Mhedzisiro mhedzisiro kubatanidzwa kwakadzika, kuita-kwepamusoro kuita kweWigeGuard, iyo inoshandisa iko kuzere kwakazara huwandu hwekugona kweiyo NT kernel uye NDIS.
Inofananidzwa neye wireguard-go kuitisa iyo inomhanya munzvimbo yemushandisi uye inoshandisa iyo Wintun network interface, WireGuardNT ine inokosha yekuvandudza mashandiro nekubvisa mamiriro ekuchinja mashandiro uye teedzera zvirimo mupakeji kubva kune kernel kuenda kunzvimbo yemushandisi.
Nekufananidza neWireGuardNT kuitiswa kweLinux, OpenBSD, uye FreeBSD, ese protocol ekugadzirisa mafungiro anoshanda akananga padanho reneti stack.
Kunyangwe pasina kugadziridza chaiko kwakaitwa parizvino, WireGuardNT yatowana mukana wepamusoro wekutamisa data we7,5 Gbps munzvimbo yedu yekuyedza neEthernet.
Mune chaiwo masisitimu evashandisi ane Wi-Fi, mashandiro acho anooneka akaderera, asi kwete zvakasiyana zvakanyanya kubva kunanga kudhinda data. Semuenzaniso, pane sisitimu ine Intel AC9560 isina waya kadhi, mashandiro asina WireGuard aive 600 Mbps uye neWireGuardNT yaive zvakare 600 Mbps, nepo kana uchishandisa waya waya-go / Wintun yaive 95 Mbps.
mabviro: https://lists.zx2c4.com/