| |
| ▲ | throwaway894345 an hour ago | parent [-] | | Correct me if I’m wrong, but if you use LD_PRELOAD, presumably it will not work for applications that circumvent libc, such as Go binaries (at least those with CGo disabled)? | | |
| ▲ | turblety an hour ago | parent [-] | | Yeah you are right. Can you think of any way we could capture that traffic too? | | |
| ▲ | yjftsjthsd-h 37 minutes ago | parent | next [-] | | Can you use user namespaces to create a network namespace with the VPN active and stick applications in that namespace? From a quick search, https://blog.thea.codes/nordvpn-wireguard-namespaces/ sees to have at least the bones of a decent solution, though I've not had a chance to dig very far. A lot of results use root to set up the namespace, but I was pretty sure that shouldn't be needed with a new kernel and user namespaces enabled | |
| ▲ | throwaway894345 41 minutes ago | parent | prev [-] | | I have no idea. I’ve never messed with it, but maybe something like eBPF to intercept network syscalls? Not sure if that’s a thing—especially without root access? Mostly I was just thinking the project page could use a disclaimer since, in Go, it is common to bypass libc. :shrug: This seems like a very cool, useful project though! |
|
|
|
