commit fb74e86d44edb8703d6a8f2688b2ced8a3646800
Author: Roy Olav Purser
Date: Wed Feb 24 09:13:25 2021 +0100
first commit
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..36f971e
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+bin/*
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..5b60d07
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,11 @@
+CFLAGS = -std=gnu99 -pie -fPIC -pedantic -Wno-imports -Wunused -Wno-missing-field-initializers -Wextra -Wunreachable-code -O3
+
+all: wireguard-mount wireguard-resolve
+
+wireguard-mount: mount-daemon/wireguard-mount.c
+ mkdir -p bin
+ gcc $(CFLAGS) -o bin/wireguard-mount mount-daemon/wireguard-mount.c
+
+wireguard-resolve: resolver/resolve.c resolver/resolve.s
+ mkdir -p bin
+ gcc -shared -o bin/wireguard-resolve.so -nostdlib -fPIC resolver/resolve.c resolver/resolve.s
diff --git a/mount-daemon/wireguard-mount.c b/mount-daemon/wireguard-mount.c
new file mode 100644
index 0000000..a82bbc7
--- /dev/null
+++ b/mount-daemon/wireguard-mount.c
@@ -0,0 +1,18 @@
+#include
+#include
+#include
+
+int main() {
+ char mount_path[32] = {0};
+ snprintf(mount_path, sizeof(mount_path), "/proc/%d/ns", getpid());
+
+ int err = mount(mount_path, "/run/vpn", NULL, MS_BIND, NULL);
+ if(err) {
+ perror("Error");
+ return 1;
+ }
+ while(1) {
+ sleep(10);
+ }
+ return 1;
+}
diff --git a/resolver/resolve.c b/resolver/resolve.c
new file mode 100644
index 0000000..33bab69
--- /dev/null
+++ b/resolver/resolve.c
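Review bot: The `wireguard-resolve` rule in the Makefile does not pass `$(CFLAGS)`, so resolve.c, which defines its own `socket()`, is compiled with no warning flags at all while the daemon gets the full set. `$(CFLAGS)` cannot simply be reused there because `-pie` is an executable link mode and the rule links with `-shared`; split the warnings into their own variable, e.g. `WARN = -Wall -Wextra -Wunused -Wunreachable-code`, and pass `$(WARN)` in both rules. Neither rule produces a file named after its target, so both recipes run on every `make`; `.PHONY: all wireguard-mount wireguard-resolve` would state that intent.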
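Review bot: `main` in mount-daemon/wireguard-mount.c never undoes the bind mount on `/run/vpn`: the only way out of the `while(1)` loop is a signal, so every stop leaves the mount behind, and a restart would stack another one on the same path. Block SIGINT and SIGTERM before mounting, wait for them with `sigwait`, and unmount before returning; this needs `<signal.h>` in addition to the existing includes. The trailing `return 1;` is unreachable as written and would report failure. `perror("Error")` would be easier to act on if it named the operation, e.g. `perror("mount /run/vpn")`.

```c
int main() {
    sigset_t stop;
    int sig;

    sigemptyset(&stop);
    sigaddset(&stop, SIGINT);
    sigaddset(&stop, SIGTERM);
    sigprocmask(SIG_BLOCK, &stop, NULL);

    // … unchanged: build mount_path and bind-mount it on /run/vpn …

    sigwait(&stop, &sig);
    if(umount("/run/vpn")) {
        perror("umount /run/vpn");
        return 1;
    }
    return 0;
}
```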
@@ -0,0 +1,27 @@
+extern int override_open(char *path, int flags);
+extern int override_close(int fd);
+extern int override_socket(int domain, int type, int protocol);
+extern int override_setns(int fd, int nstype);
+
+int socket(int domain, int type, int protocol) {
+ if(domain > 15) {
+ return override_socket(domain, type, protocol);
+ }
+ int fda = override_open("/proc/1/ns/net", 0);
+ int fdb = override_open("/run/netns/vpn", 0);
+ int retval = 0;
+
+ if(fda > 0) {
+ override_setns(fda, 0);
+ override_close(fda);
+ }
+
+ retval = override_socket(domain, type, protocol);
+
+ if(fdb > 0) {
+ override_setns(fdb, 0);
+ override_close(fdb);
+ }
+
+ return retval;
+}
diff --git a/resolver/resolve.s b/resolver/resolve.s
new file mode 100644
index 0000000..d07c96a
--- /dev/null
+++ b/resolver/resolve.s
@@ -0,0 +1,24 @@
+.globl override_open
+.globl override_close
+.globl override_socket
+.globl override_setns
+
+override_open:
+ movq $2, %rax
+ syscall
+ retq
+
+override_close:
+ movq $3, %rax
+ syscall
+ retq
+
+override_socket:
+ movq $41, %rax
+ syscall
+ retq
+
+override_setns:
+ movq $308, %rax
+ syscall
+ retq
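Review bot: In `socket()` in resolver/resolve.c both `override_setns` calls are unchecked and the switch to `/proc/1/ns/net` happens even when `/run/netns/vpn` could not be opened, so a failed return path silently leaves the calling thread in the other network namespace for everything it does afterwards. The descriptor tests use `> 0`, which also skips and leaks a valid descriptor 0 when stdin is closed. Only leave the current namespace once both descriptors are open, check the result of each `setns`, and return an error when the switch back fails. The `domain > 15` cut-off needs a comment naming the address families it is meant to separate (on Linux 16 is AF_NETLINK).

```c
int socket(int domain, int type, int protocol) {
    // … unchanged: pass-through for domain > 15 …
    int fda = override_open("/proc/1/ns/net", 0);
    int fdb = override_open("/run/netns/vpn", 0);
    int retval;

    /* Switch only when the way back is already open. */
    int switched = fda >= 0 && fdb >= 0 && override_setns(fda, 0) >= 0;

    retval = override_socket(domain, type, protocol);

    if(switched && override_setns(fdb, 0) < 0) {
        /* Could not return: report failure instead of handing out the socket. */
        if(retval >= 0) {
            override_close(retval);
        }
        retval = -1;
    }
    if(fda >= 0) {
        override_close(fda);
    }
    if(fdb >= 0) {
        override_close(fdb);
    }
    return retval;
}
```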
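Review bot: resolver/resolve.s has no `.note.GNU-stack` section, and with GNU ld an assembly object without one typically gets the resulting `wireguard-resolve.so` marked as needing an executable stack, which the loader can then apply to any process that loads the library. Add `.section .note.GNU-stack,"",@progbits` at the end of the file. The stubs also need a header comment saying that the syscall numbers are x86-64 Linux only and that each stub returns the raw kernel result (a negative errno on failure rather than -1 with `errno` set), because `socket()` in resolve.c passes that value straight back to its caller.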