Crates.io | roameo |
lib.rs | roameo |
version | 0.2.1 |
source | src |
created_at | 2022-05-27 23:27:58.242188 |
updated_at | 2023-10-31 00:51:19.728056 |
description | Test state of current network interfaces against command line options. |
homepage | |
repository | |
max_upload_size | |
id | 595377 |
size | 63,247 |
This small Rust project is a wrapper around a few ioctls and similar to make it easier to test for certain platform state quickly and easily. Examples include being able to test whether we're currently connected to a specific Wi-Fi SSID.
It is intended for use in cases such as ssh_config(5)
's Match exec
clause,
which would allow different OpenSSH client configurations, depending on which
wireless network we're currently connected to. For example, using the
ProxyJump
configuration option to go through a jump host when on a network
other than the corporate/office network.
This could be done with a few lines of shell script wrapped around command line tools, but I was looking for an excuse to write some Rust code, and going direct with ioctls is less likely to break.
Linux is my primary operating system and is the best supported. I do also run and test this code on MacOS, OpenBSD and FreeBSD too, but some of the functionality (ESSID matching for example) are lagging behind a little.
The intent is to support anything Unix-like pretty-well equally.
Here's an example ssh_config(5)
configuration fragment to illustrate how this code might be used:
Match host 10.0.0.? !exec "roameo -e CorporateWiFi"
ProxyJump me@jumphost.corp.net:2222
ForwardAgent yes
DynamicForward 3128
This hypothetical example:
Match exec
with roameo to match the case where we are not on the Wi-Fi network called CorporateWiFi -- presumably our hypothetical corporate network Wi-Fi network ESSID.Essentially, this gives us specific SSH client configuration for the case where we're trying to access corporate resources, but from a network other than the corporate network.
The example then goes on to set a jump host, agent forwarding and SOCKS5 proxy tunnelling automatically. Whereas when we're on the corporate network, these would not necessarily apply.
The initial version only supports matching against an ESSID or a specific source IP address. Functionality planned but not yet implemented includes:
Comments and pull requests welcome.