Skip to content

Latest commit

 

History

History
126 lines (97 loc) · 3.95 KB

README.md

File metadata and controls

126 lines (97 loc) · 3.95 KB

Nimbus VPN provides a robust and secure way to establish VPN connections. It is compatible with both macOS and Linux. The project employs the Diffie-Hellman key exchange algorithm for secure key generation and uses the ChaCha20-Poly1305 algorithm for authenticated encryption, ensuring that data remains confidential and tamper-proof.

Features

  • Secure Key Exchange: Uses the Diffie-Hellman algorithm to securely establish shared secret keys between the client and server.
  • Authenticated Encryption: Implements the ChaCha20-Poly1305 algorithm to encrypt and authenticate data, ensuring both confidentiality and integrity.
  • TUN Device Management: Handles the creation, configuration, and operation of TUN devices for secure network tunneling.
  • Cross-Platform Support: Compatible with macOS and Linux, with platform-specific optimizations.
  • Graceful Shutdown: Handles system signals for clean and safe shutdown of both client and server applications.
  • User-Friendly CLI: Provides an intuitive command-line interface for easy configuration and management.

Architecture

Components

Component File Purpose
Command-Line Interface (CLI) cli.rs Parses command-line arguments to determine the mode (client or server) and configuration options.
Main Entry Point main.rs Initializes the VPN in either client or server mode based on parsed CLI arguments.
Communication Handling comm.rs Implements core communication logic for both client and server sides.
Device Management dev.rs Manages client and server states, key management, and message processing.
TUN Device Handling tun.rs Manages TUN device creation, configuration, and I/O operations.
Cryptographic Operations crypto.rs Handles cryptographic operations for key exchanges.
Error Handling error.rs Defines various error types for comprehensive error handling.

Workflow

  1. Initialization

    • Parse command-line arguments to determine mode (client or server).
    • Initialize necessary components based on mode.
  2. Server Operations

    • Bind to the specified address and port.
    • Enable IP forwarding.
    • Set up a TUN device.
    • Enter event loop to handle incoming connections and data.
  3. Client Operations

    • Bind to the local address and port.
    • Set up a TUN device.
    • Initiate a handshake with the server to establish a secure connection.
    • Configure the default gateway to route traffic through the VPN.
    • Enter event loop to handle data transmission.
  4. Key Exchange and Data Transmission

    • Perform a Diffie-Hellman key exchange to establish a shared secret key.
    • Encrypt and decrypt messages exchanged between client and server.
    • Transmit data through the established VPN tunnel.
  5. Graceful Shutdown

    • Monitor for Ctrl-C signals.

Getting Started

Prerequisites

  • Rust (latest stable version)

Installation

Clone the repository:

git clone https://github.com/Khadka-Bishal/nimbus-vpn.git
cd nimbus-vpn

Build the project:

cargo build --release

Usage

Starting the Server

./target/release/nimbus-vpn server --port 8080 --key "your_server_private_key"

Starting the Client

./target/release/nimbus-vpn client --address "server_address" --port 8080 --key "your_client_private_key" --local-port 8081

License

This project is licensed under the MIT License. See the LICENSE file for more details.