amnezia-wg is quite cool and they have built the kmod too. I did some tests, and so far they work even in my location, which blocks WireGuard servers quickly.
I would not have guessed that iOS allows enough access to APIs to implement anything vpp-based. Very cool to see. I also enjoyed working with vpp (for the brief 6 months that I had with it).
I was thinking that's hard, but I noticed that vpp got ported to FreeBSD using an epoll shim library, and I learnt that Apple Darwin uses some of the FreeBSD userland for POSIX compatibility. Then after some tests and hacking, mostly related to minor POSIX API adaptation such as mmap, plus one major item, the coroutine, which needed some assembly code added, it worked! But I think the most disappointing thing to me is that Apple lacks vectorized network IO unless you use a kernel extension or some other non-standard way.
This sucks, it makes me feel so silly after deciding to move back to GitHub self-hosted runners just because I do not want to run act on a remote ARM64 server.
I was just using act (https://github.com/nektos/act) on my local server to build the X64 packages for my project. Since I wanted to streamline it with ARM64 support, I migrated to the GitHub self-hosted runners.
This is really ridiculous. Does M$ really lack the money just to schedule jobs that are not running on their infra?
As an engineer working on networking and fiddling with various networking OSes on routers and switches, I finally ported my favorite fd.io vpp to the Darwin platform and built an app to manage multiple VPNs/proxies in one profile.
Also, in this project I started writing some Rust code, with many years of experience in C, but Rust's memory and high performance really impressed me a lot.
Great project, I really love tree-sitter. Recently I added support for an INI-variant config profile to my app, and just used Gemini to write a grammar and combined it with another great project called runestone to support highlighting the config profile. The whole process was quite smooth.
Recently several of my VPN server nodes, on VPSes from different providers, just randomly could not connect to Cloudflare CDN IPs, while the host Linux network did not have the issue; vpp shares the same address with Linux and uses tc stateless NAT to do the trick.
I finally worked around this by changing the TCP options sent by the vpp TCP stack.
But the whole thing made me worry that there must be something deployed which causes this issue.
But I do not think that is related to this network issue; it just reminds me of the above. I feel there are frequently new articles about Cloudflare networking; maybe new methods or new deployments are sort of related to a high probability of issues.
Exit nodes really are a handy solution for building a private VPN for sharing.
I have built a VPN called Echo VPN for Apple platforms, which actually uses the Tailscale open-source core.
Also, I think another benefit is that WireGuard can be DPIed easily nowadays, but DERP leverages HTTPS and upgrade, which can do some obfuscation too.
I would assume you only need to make sure that the other clients can access the UDP port, so not like public internet in the sense of 0.0.0.0/0 but just accessible by other peers, whatever their public facing IP addresses will be.
When I was porting fd.io vpp to the Apple platform for my app, there was code that implements a coroutine in inline ASM in a C file, but not in Apple-supported syntax. I successfully used the Claude web interface to get the job done (Claude Code was not yet released), though, as in this article, I had strong domain-specific knowledge to provide a relevant prompt for the code.
Nowadays I rely heavily on Claude Code to write code. I start a task by creating a design, then I write a bunch of prompts which cover the design details, the detailed requirements and the interaction/interface with other components. So far so good, it boosts productivity a lot.
But I am really worried, or still not able to believe, that this is the new norm of coding.