diff options
Diffstat (limited to 'src/uapi/wireguard.h')
| -rw-r--r-- | src/uapi/wireguard.h | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/uapi/wireguard.h b/src/uapi/wireguard.h index bcfcf4f..8b60ad1 100644 --- a/src/uapi/wireguard.h +++ b/src/uapi/wireguard.h @@ -30,6 +30,9 @@ * socket. The caller must have CAP_NET_ADMIN in the namespace of the Wireguard * device. * + * If the caller is not in the transit namespace and does not have CAP_NET_ADMIN + * in the transit namespace, then the WGDEVICE_A_LISTEN_PORT is not returned. + * * The kernel will then return several messages (NLM_F_MULTI) containing the * following tree of nested items: * @@ -92,6 +95,10 @@ * of the netlink socket. The caller must have CAP_NET_ADMIN in the namespace of * the Wireguard device. * + * If WGDEVICE_A_LISTEN_PORT is provided and the calling process is not in the + * transit namespace, then the calling process must have CAP_NET_ADMIN the + * transit namespace. + * * WGDEVICE_A_IFINDEX: NLA_U32 * WGDEVICE_A_IFNAME: NLA_NUL_STRING, maxlen IFNAMESIZ - 1 * WGDEVICE_A_FLAGS: NLA_U32, 0 or WGDEVICE_F_REPLACE_PEERS if all current |