tsnet: expose field to configure Wireguard port

Signed-off-by: Tom DNetto <[email protected]>
Updates tailscale#1748

Author: Tom DNetto

cmd/sniproxy/sniproxy.go

@@ -26,6 +26,7 @@ import (
 
 var (
 	ports        = flag.String("ports", "443", "comma-separated list of ports to proxy")
+	wgPort       = flag.Int("wg-listen-port", 0, "UDP port to listen on for WireGuard and peer-to-peer traffic; 0 means automatically select")
 	promoteHTTPS = flag.Bool("promote-https", true, "promote HTTP to HTTPS")
 )
 
@@ -40,6 +41,7 @@ func main() {
 	hostinfo.SetApp("sniproxy")
 
 	var s server
+	s.ts.Port = uint16(*wgPort)
 	defer s.ts.Close()
 
 	lc, err := s.ts.LocalClient()

tsnet/tsnet.go

@@ -61,7 +61,7 @@ func inTest() bool { return flag.Lookup("test.v") != nil }
 
 // Server is an embedded Tailscale server.
 //
-// Its exported fields may be changed until the first call to Listen.
+// Its exported fields may be changed until the first method call.
 type Server struct {
 	// Dir specifies the name of the directory to use for
 	// state. If empty, a directory is selected automatically
@@ -108,6 +108,11 @@ type Server struct {
 	// If empty, the Tailscale default is used.
 	ControlURL string
 
+	// Port is the UDP port to listen on for WireGuard and peer-to-peer
+	// traffic. If zero, a port is automatically selected. Leave this
+	// field at zero unless you know what you are doing.
+	Port uint16
+
 	getCertForTesting func(*tls.ClientHelloInfo) (*tls.Certificate, error)
 
 	initOnce         sync.Once
@@ -502,7 +507,7 @@ func (s *Server) start() (reterr error) {
 	sys := new(tsd.System)
 	s.dialer = &tsdial.Dialer{Logf: logf} // mutated below (before used)
 	eng, err := wgengine.NewUserspaceEngine(logf, wgengine.Config{
-		ListenPort:   0,
+		ListenPort:   s.Port,
 		NetMon:       s.netMon,
 		Dialer:       s.dialer,
 		SetSubsystem: sys.Set,