summaryrefslogtreecommitdiffhomepage
path: root/mullvad-cli
diff options
context:
space:
mode:
Diffstat (limited to 'mullvad-cli')
-rw-r--r--mullvad-cli/Cargo.toml1
-rw-r--r--mullvad-cli/src/cmds/mod.rs1
-rw-r--r--mullvad-cli/src/cmds/proxy.rs95
-rw-r--r--mullvad-cli/src/main.rs7
4 files changed, 104 insertions, 0 deletions
diff --git a/mullvad-cli/Cargo.toml b/mullvad-cli/Cargo.toml
index 5437b1980c..fdfa16262d 100644
--- a/mullvad-cli/Cargo.toml
+++ b/mullvad-cli/Cargo.toml
@@ -23,6 +23,7 @@ natord = "1.0.9"
itertools = "0.10"
mullvad-types = { path = "../mullvad-types", features = ["clap"] }
+mullvad-api = { path = "../mullvad-api" }
mullvad-version = { path = "../mullvad-version" }
talpid-types = { path = "../talpid-types" }
diff --git a/mullvad-cli/src/cmds/mod.rs b/mullvad-cli/src/cmds/mod.rs
index c63a981133..cf715c9e9f 100644
--- a/mullvad-cli/src/cmds/mod.rs
+++ b/mullvad-cli/src/cmds/mod.rs
@@ -10,6 +10,7 @@ pub mod dns;
pub mod lan;
pub mod lockdown;
pub mod obfuscation;
+pub mod proxy;
pub mod relay;
pub mod relay_constraints;
pub mod reset;
diff --git a/mullvad-cli/src/cmds/proxy.rs b/mullvad-cli/src/cmds/proxy.rs
new file mode 100644
index 0000000000..c12aee3683
--- /dev/null
+++ b/mullvad-cli/src/cmds/proxy.rs
@@ -0,0 +1,95 @@
+use anyhow::Result;
+use mullvad_management_interface::MullvadProxyClient;
+use std::net::IpAddr;
+
+use clap::Subcommand;
+use talpid_types::net::openvpn::SHADOWSOCKS_CIPHERS;
+
+#[derive(Subcommand, Debug)]
+pub enum Proxy {
+ /// Get current api settings
+ #[clap(subcommand)]
+ Api(ApiCommands),
+}
+
+impl Proxy {
+ pub async fn handle(self) -> Result<()> {
+ match self {
+ Proxy::Api(cmd) => match cmd {
+ ApiCommands::List => {
+ println!("Listing the API access methods: ..");
+ Self::list().await?;
+ }
+ ApiCommands::Add(cmd) => match cmd {
+ _ => println!("[NOT IMPEMENTLED YET] Adding custom proxy: {:?}", cmd),
+ },
+ },
+ };
+ Ok(())
+ }
+
+ /// Show all API access methods.
+ async fn list() -> Result<()> {
+ let mut rpc = MullvadProxyClient::new().await?;
+ println!("Calling [rpc::get_api_access_methods] ..");
+ for api_access_method in rpc.get_api_access_methods().await? {
+ println!("{:?}", api_access_method);
+ }
+ Ok(())
+ }
+}
+
+#[derive(Subcommand, Debug, Clone)]
+pub enum ApiCommands {
+ /// List the configured API proxies
+ List,
+
+ /// Add a custom API proxy
+ #[clap(subcommand)]
+ Add(AddCustomCommands),
+}
+
+#[derive(Subcommand, Debug, Clone)]
+pub enum AddCustomCommands {
+ /// Configure a local SOCKS5 proxy
+ Local {
+ /// The port that the server on localhost is listening on
+ local_port: u16,
+ /// The IP of the remote peer
+ remote_ip: IpAddr,
+ /// The port of the remote peer
+ remote_port: u16,
+ },
+
+ /// Configure a remote SOCKS5 proxy
+ Remote {
+ /// The IP of the remote proxy server
+ remote_ip: IpAddr,
+ /// The port of the remote proxy server
+ remote_port: u16,
+
+ /// Username for authentication
+ #[arg(requires = "password")]
+ username: Option<String>,
+ /// Password for authentication
+ #[arg(requires = "username")]
+ password: Option<String>,
+ },
+
+ /// Configure bundled Shadowsocks proxy
+ Shadowsocks {
+ /// The IP of the remote Shadowsocks server
+ remote_ip: IpAddr,
+ /// The port of the remote Shadowsocks server
+ #[arg(default_value = "443")]
+ remote_port: u16,
+
+ /// Password for authentication
+ #[arg(default_value = "mullvad")]
+ password: String,
+
+ /// Cipher to use
+ #[arg(value_parser = SHADOWSOCKS_CIPHERS, default_value = "aes-256-gcm")]
+ cipher: String,
+ },
+}
diff --git a/mullvad-cli/src/main.rs b/mullvad-cli/src/main.rs
index 41f1643970..057eb20dea 100644
--- a/mullvad-cli/src/main.rs
+++ b/mullvad-cli/src/main.rs
@@ -71,6 +71,12 @@ enum Cli {
#[clap(subcommand)]
Relay(relay::Relay),
+ /// Manage use of proxies (SOCKS proxies and Shadowsocks) for reaching the API.
+ /// Can make the daemon connect to the the Mullvad API via one of the
+ /// Mullvad bridge servers or a custom proxy.
+ #[clap(subcommand)]
+ Proxy(proxy::Proxy),
+
/// Manage use of obfuscation protocols for WireGuard.
/// Can make WireGuard traffic look like something else on the network.
/// Helps circumvent censorship and to establish a tunnel when on restricted networks
@@ -134,6 +140,7 @@ async fn main() -> Result<()> {
Cli::Dns(cmd) => cmd.handle().await,
Cli::Lan(cmd) => cmd.handle().await,
Cli::Obfuscation(cmd) => cmd.handle().await,
+ Cli::Proxy(cmd) => cmd.handle().await,
Cli::Version => version::print().await,
Cli::FactoryReset => reset::handle().await,
Cli::Relay(cmd) => cmd.handle().await,