aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/src/tools (follow)
Commit message (Collapse)AuthorAgeFilesLines
* tools: remove double include in ipcJason A. Donenfeld2017-06-291-1/+0
|
* wg-quick: use printf -v instead of namerefs for bash 4.2Jason A. Donenfeld2017-06-281-3/+2
| | | | I'm not happy about this.
* wg-quick: properly match IPv6 endpointJason A. Donenfeld2017-06-241-1/+1
|
* tools: use proper __linux__ ifdefJason A. Donenfeld2017-06-121-1/+1
|
* wg-quick: match ipv6 default route more broadlyJason A. Donenfeld2017-06-121-1/+1
|
* wg-quick: make sure we have empty table for both v6 and v4Jason A. Donenfeld2017-06-111-1/+3
| | | | | | | Otherwise, we wind up not doing the right thing in the v6-only case, or doing something totally borked when v4 and v6 are filled unevenly. Reported-by: Roelf Wichertjes <contact@roelf.org>
* tools: allow creating device with no peersJason A. Donenfeld2017-05-311-4/+0
|
* man: update wg-quick(8) to show Debian resolvconf braindamageJason A. Donenfeld2017-05-301-2/+2
| | | | | | | | | | | | | | | | | | | | While OpenResolv supports explicit ordering directives such as `-m` and exclusivity directives such as `-x`, Debian's own resolvconf supports none of this, instead using a hard coded list of interface name templates for determining ordering. While trying to emulate `-x` is difficult [*], we can at least try to mostly emulate `-m 0` by masquerading as a `tun*` interface to resolvconf. Ugly, but it works. [*] One heavy handed way of emulating `-x` would be something like: # echo nameserver 8.8.8.8 > /etc/resolv.conf.wg0-exclusive # mount --bind -o ro /etc/resolv.conf.wg0-exclusive /etc/resolv.conf # rm -f /etc/resolv.conf.wg0-exclusive This in practice works quite well, but is a bit heavy to put in a man page. It also doesn't "stack" well. For example, if we simply run `umount /etc/resolv.conf`, how do we know which resolv.conf entry we're unmounting?
* wg-quick: use src routing for default routes in v6Jason A. Donenfeld2017-05-181-3/+11
| | | | | Otherwise, traffic is sent with the IP address of a different interface, and then packets don't actually get delivered.
* man: fix psk mention in wg-quick man pageJason A. Donenfeld2017-05-181-2/+2
|
* tools: opt-in globally to GNU-isms to keep the BSDs happyJason A. Donenfeld2017-05-172-2/+1
|
* tools: support text-based ipcJason A. Donenfeld2017-05-178-131/+321
|
* tools: check for proto error on set tooJason A. Donenfeld2017-05-171-3/+4
|
* tools: stricter key file readingJason A. Donenfeld2017-05-171-31/+40
|
* noise: redesign preshared key modeJason A. Donenfeld2017-05-176-49/+52
|
* tools: wg-quick: auto MTU discoveryJason A. Donenfeld2017-05-172-1/+28
|
* tools: retry name resolution on temporary failureJason A. Donenfeld2017-05-171-1/+10
| | | | This should solve many problems at init time.
* tools: no hyphen in preshared, to keep uniformityJason A. Donenfeld2017-04-203-3/+3
|
* tools: argc is always 1Jason A. Donenfeld2017-04-191-1/+1
|
* tools: check for malloc failureJason A. Donenfeld2017-04-191-0/+4
|
* tools: side channel resistant base64Jason A. Donenfeld2017-04-199-259/+86
|
* tools: do not use addrconfig with port in gaiJason A. Donenfeld2017-03-281-1/+1
|
* uapi: add version magicJason A. Donenfeld2017-03-242-8/+27
|
* wg-quick: various cleanupsJason A. Donenfeld2017-03-241-5/+6
|
* tools: document # comments in wg(8) man pageJason A. Donenfeld2017-03-241-1/+3
|
* tools: wg-quick: support old ip(8)Pim van Pelt2017-03-191-4/+8
| | | | | Old versions of ip(8) do not accept arguments to `ip rule show.` This patch works around that limitation.
* tools: fix bash completion spacesJason A. Donenfeld2017-02-232-5/+13
|
* tools: add wg show [interface] dumpJason A. Donenfeld2017-02-233-5/+51
|
* tools: give "off" value for fwmarkJason A. Donenfeld2017-02-234-5/+19
|
* wg-quick: allow config files without trailing newlineJason A. Donenfeld2017-02-231-1/+1
|
* wg-quick: unquote fwmark for bash 4.3Jason A. Donenfeld2017-02-141-1/+1
|
* tools: wg-quick: set LC_ALL for consistent regexJason A. Donenfeld2017-02-131-0/+1
|
* socket: enable setting of fwmarkJason A. Donenfeld2017-02-137-22/+67
|
* socket: general ephemeral ports instead of name-based portsJason A. Donenfeld2017-02-131-3/+3
|
* tools: wg-quick: support v6 dual stackJason A. Donenfeld2017-02-131-7/+18
|
* tools: remove key for any empty fileJason A. Donenfeld2017-02-072-25/+18
| | | | | Rather than just using /dev/null to mean key removal, match on any empty file, so that this interface is cross platform.
* tools: setconf should remove existing pskJason A. Donenfeld2017-02-071-0/+3
|
* tools: wg-quick: recommend using resolvconf in exclusive modeJason A. Donenfeld2017-01-191-1/+1
|
* tools: man: recommend correct portJason A. Donenfeld2017-01-152-2/+2
|
* tools: wg-quick: parse IPv6 endpoints correctlyJason A. Donenfeld2017-01-151-1/+1
|
* tools: wg-quick: better removal of suppress_prefix ruleJason A. Donenfeld2017-01-111-1/+1
|
* Update copyrightJason A. Donenfeld2017-01-1018-18/+18
|
* uapi: use sockaddr union instead of sockaddr_storageJason A. Donenfeld2017-01-103-17/+17
|
* uapi: use flag instead of C bitfield for portabilityJason A. Donenfeld2017-01-101-8/+9
|
* tools: ipc: read from socket incrementallyJason A. Donenfeld2017-01-102-43/+49
|
* tools: error on short ret readsJason A. Donenfeld2017-01-101-0/+4
|
* tools: wg-quick: enforce good permissionsJason A. Donenfeld2017-01-092-1/+3
|
* tools: add installation note for distrosJason A. Donenfeld2017-01-051-0/+5
|
* tools: remove DESTDIR for autodetectionChristian Hesse2017-01-051-3/+3
| | | | | | | DESTDIR is always empty, no need to check anything there. Check the main system instead. Signed-off-by: Christian Hesse <mail@eworm.de>
* tools: add systemd unit and auto-detectionJason A. Donenfeld2017-01-053-11/+66
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.