Add support for UDP proxying

[VastBlast]

This PR adds support for a proxying a UDP server through Wireguard. It can listen on IPv4 while tunneling to an IPv6 address or vice versa.

When sending, it goes through BindAddress -> Wireguard -> Target and the opposite when receiving.

For example, if you wanted to proxy Cloudflare's DNS server, an example config would be:

[Interface]
...

[Peer]
...

[UDPProxyTunnel]
BindAddress = 127.0.0.1:53

#Target = [2606:4700:4700::1111]:53
Target = 1.1.1.1:53

# If its set to 0, it will never timeout
InactivityTimeout = 30

[ghost]

To comply with current architecture this also needs a landlock config rules section
https://github.com/pufferffish/wireproxy/blob/d7106831812f3b69d827148ddfb06a9a48e6c8ad/cmd/wireproxy/main.go#L133-L153

[VastBlast]

To comply with current architecture this also needs a landlock config rules section

https://github.com/pufferffish/wireproxy/blob/d7106831812f3b69d827148ddfb06a9a48e6c8ad/cmd/wireproxy/main.go#L133-L153

I looked into this but there seems to be no specific method for restricting UDP bindings/connects similar to TCP. As of right now go-landlock only has TCP.

[ghost]

Ah sorry I thought this already hit kernel, it appears it did not.

https://lore.kernel.org/all/20240916122230.114800-1-matthieu@buffet.re/
landlock-lsm/linux#10

Latest dec 24th
https://lwn.net/Articles/1002224/

There was plans to follow up in landlock with udp support.

[Neustradamus]

@0xThiebaut: What do you think?

Linked to:

• UDP Support #30
• Add UDP support #51

[ChaosEternal]

may I ask what is preventing this pr being merged?

[Neustradamus]

@VastBlast: Why have you closed your PR?

[Neustradamus]

@whyvl: Have you seen this @VastBlast PR?