ESP32 Wireguard 示例:通过 Wireguard 进行 HTTP 访问 (PlatformIO)

在此示例中,我们将使用 Wireguard-ESP32-Arduino 在 ESP32 上通过 Wireguard 发出 HTTP 请求。

platformio.ini
[env:esp32-gateway]
platform = espressif32
board = esp32-gateway
framework = arduino
monitor_speed = 115200
lib_deps =
    ciniml/WireGuard-ESP32@^0.1.5
esp32_wireguard_example.cpp
#include <WiFi.h>
#include <WireGuard-ESP32.h>

// WiFi 配置 --- 为你的 WiFi AP 更新此配置
char ssid[] = "MyWifiESSID";
char password[] = "my-wifi-password";

// WireGuard 配置 --- 从 JSON 更新此配置
char private_key[] = "gH2YqDa+St6x5eFhomVQDwtV1F0YMQd3HtOElPkZgVY=";
IPAddress local_ip(10, 217, 59, 2);
char public_key[] = "X6NJW+IznvItD3B5TseUasRPjPzF0PkM5+GaLIjdBG4=";
char endpoint_address[] = "192.168.178.133"; // IP of Wireguard endpoint to connect to.
int endpoint_port = 19628;

static WireGuard wg;

void setup()
{
    Serial.begin(115200);
    Serial.println("正在连接到 AP...");
    WiFi.begin(ssid, password);
    while( !WiFi.isConnected() ) {
        delay(100);
    }
    Serial.println(WiFi.localIP());
    Serial.println("正在调整系统时间...");
    configTime(9 * 60 * 60, 0, "ntp.jst.mfeed.ad.jp", "ntp.nict.jp", "time.google.com");

    Serial.println("已连接。正在初始化 WireGuard...");
    wg.begin(
        local_ip,
        private_key,
        endpoint_address,
        public_key,
        endpoint_port);
}

void loop()
{
    WiFiClient client;

    /**
     * 连接到
     * python3 -m http.server
     */
    if( !client.connect("10.217.59.1", 8000) ) {
        Serial.println("连接失败...");
        delay(1000);
        return;
    } else { // 客户端成功连接。发送虚拟 HTTP 请求。
        client.write("GET /wireguard-test HTTP/1.1\\r\\n");
        client.write("Host: wireguard.test.com\\r\\n");
        client.write("\\r\\n\\r\\n");
    }

}

记住将 192.168.238.133 替换为你的 ESP32 应连接到的计算机的 IP 地址(即运行 WireGuard 的计算机)。你还需要输入正确的 Wifi 凭据。

在计算机上,部署此 WireGuard 配置:

wireguard_computer.ini
[Interface]
# Name = Computer
PrivateKey = ONj6Iefel47uMKtWRCSMLan2UC5eW3Fj9Gsy9bqcyEc=
Address = 10.217.59.1/24
ListenPort = 19628

[Peer]
# Name = ESP32
PublicKey = H3KaL/X94984cLDNWFsM4Hx6Rs/Ku0bW2ECkDUn7wFw=
AllowedIPs = 10.217.59.2/32
PersistentKeepalive = 60

由以下 GuardMyWire 配置自动生成:

guardmywire_config.json
{
    "rules": {
        "Node": {
            "connect_to": ["*"],
            "keepalive": 60
        }
    },
    "peers": [
        {
            "name": "Computer",
            "endpoint": "192.168.178.233:19628",
            "addresses": [
                "10.217.59.1/24"
            ],
            "type": "Node",
            "interface_name": "wg0"
        }, {
            "name": "ESP32",
            "addresses": [
                "10.217.59.2/24"
            ],
            "type": "Node",
            "interface_name": "wg0"
        }
    ]
}

启用此配置并使用以下命令启动 Python HTTP 服务器以接收请求

run_http_server.sh
python3 -m http.server

现在将固件刷写到 ESP32 上。

使用 wg show 你应该看到 ESP 连接:

wg_show_output.txt
interface: Computer
  public key: X6NJW+IznvItD3B5TseUasRPjPzF0PkM5+GaLIjdBG4=
  private key: (hidden)
  listening port: 19628

peer: H3KaL/X94984cLDNWFsM4Hx6Rs/Ku0bW2ECkDUn7wFw=
  endpoint: 10.9.1.108:19628
  allowed ips: 10.217.59.2/32
  latest handshake: 5 seconds ago
  transfer: 11.71 MiB received, 10.43 MiB sent
  persistent keepalive: every 1 minute

查找

wg_latest_handshake.txt
latest handshake: 5 seconds ago

行。

在运行 python3 -m http.server 的 shell 上,你应该看到虚拟 HTTP 请求:

http_server_requests.txt
10.217.59.2 - - [31/Dec/2021 02:36:48] "GET /wireguard-test HTTP/1.1" 404 -
10.217.59.2 - - [31/Dec/2021 02:36:48] code 404, message File not found
10.217.59.2 - - [31/Dec/2021 02:36:48] "GET /wireguard-test HTTP/1.1" 404 -
10.217.59.2 - - [31/Dec/2021 02:36:48] code 404, message File not found
10.217.59.2 - - [31/Dec/2021 02:36:48] "GET /wireguard-test HTTP/1.1" 404 -
10.217.59.2 - - [31/Dec/2021 02:36:48] code 404, message File not found

Check out similar posts by category: ESP8266/ESP32, PlatformIO, Wireguard