feat(rust-server, rust-client, ts-interfaces): add configurable packet forwarding with TUN and userspace NAT modes

rust/src/wireguard.rs

@@ -1,5 +1,5 @@
 use std::collections::HashMap;
-use std::net::{IpAddr, Ipv4Addr, Ipv6Addr, SocketAddr};
+use std::net::{IpAddr, Ipv4Addr, SocketAddr};
 use std::sync::atomic::{AtomicU32, Ordering};
 use std::sync::Arc;
 use std::time::Instant;
@@ -18,6 +18,7 @@ use tokio::sync::{mpsc, oneshot, RwLock};
 use tracing::{debug, error, info, warn};
 
 use crate::network;
+use crate::tunnel::extract_dst_ip;
 use crate::tunnel::{self, TunConfig};
 
 // ============================================================================
@@ -228,26 +229,6 @@ impl AllowedIp {
     }
 }
 
-/// Extract destination IP from an IP packet header.
-fn extract_dst_ip(packet: &[u8]) -> Option<IpAddr> {
-    if packet.is_empty() {
-        return None;
-    }
-    let version = packet[0] >> 4;
-    match version {
-        4 if packet.len() >= 20 => {
-            let dst = Ipv4Addr::new(packet[16], packet[17], packet[18], packet[19]);
-            Some(IpAddr::V4(dst))
-        }
-        6 if packet.len() >= 40 => {
-            let mut octets = [0u8; 16];
-            octets.copy_from_slice(&packet[24..40]);
-            Some(IpAddr::V6(Ipv6Addr::from(octets)))
-        }
-        _ => None,
-    }
-}
-
 // ============================================================================
 // Dynamic peer management commands
 // ============================================================================
@@ -1096,6 +1077,7 @@ fn chrono_now() -> String {
 #[cfg(test)]
 mod tests {
     use super::*;
+    use std::net::Ipv6Addr;
 
     #[test]
     fn test_generate_wg_keypair() {