Diffstat (limited to 'src/wireguard/router')
-rw-r--r--src/wireguard/router/device.rs14
-rw-r--r--src/wireguard/router/peer.rs2
-rw-r--r--src/wireguard/router/route.rs28
-rw-r--r--src/wireguard/router/workers.rs3
4 files changed, 35 insertions, 12 deletions
diff --git a/src/wireguard/router/device.rs b/src/wireguard/router/device.rs
index b3f1787..04b2045 100644
--- a/src/wireguard/router/device.rs
+++ b/src/wireguard/router/device.rs
@@ -147,6 +147,12 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>> Device<E, C,
/// - msg: IP packet to crypt-key route
///
pub fn send(&self, msg: Vec<u8>) -> Result<(), RouterError> {
+ debug_assert!(msg.len() > SIZE_MESSAGE_PREFIX);
+ log::trace!(
+ "Router, outbound packet = {}",
+ hex::encode(&msg[SIZE_MESSAGE_PREFIX..])
+ );
+
// ignore header prefix (for in-place transport message construction)
let packet = &msg[SIZE_MESSAGE_PREFIX..];
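Review bot: The trace added at the top of `send` hex-encodes the whole inner IP packet, so with trace logging enabled every outbound plaintext payload is written to the log before it is encrypted. Logging the size is usually enough to debug the router: `log::trace!("Router, outbound packet: {} bytes", msg.len().saturating_sub(SIZE_MESSAGE_PREFIX));`. The `debug_assert!` above it is compiled out of release builds, where a `msg` shorter than `SIZE_MESSAGE_PREFIX` would still panic at the slice on the following lines; if callers can pass such a buffer, an explicit length check that returns a `RouterError` would be safer. The rest of `send` lies outside the hunk.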
@@ -182,12 +188,20 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>> Device<E, C,
return Err(RouterError::MalformedTransportMessage);
}
};
+
let header: LayoutVerified<&[u8], TransportHeader> = header;
+
debug_assert!(
header.f_type.get() == TYPE_TRANSPORT as u32,
"this should be checked by the message type multiplexer"
);
+ log::trace!(
+ "Router, handle transport message: (receiver = {}, counter = {})",
+ header.f_receiver,
+ header.f_counter
+ );
+
// lookup peer based on receiver id
let dec = self.state.recv.read();
let dec = dec
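Review bot: The new trace for receiver and counter runs before the receiver-id lookup that follows, so it records header fields from any datagram that parses as a transport message, whether or not it matches a known keypair or later authenticates. I would either move it after the lookup succeeds or say so in the message, e.g. `"Router, handle transport message (unauthenticated header): (receiver = {}, counter = {})"`, so the values are not read as trusted when someone goes through the logs. For consistency with `header.f_type.get()` in the assert just above, the arguments could presumably be `header.f_receiver.get()` and `header.f_counter.get()`. The function begins before the hunk and continues after it.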
diff --git a/src/wireguard/router/peer.rs b/src/wireguard/router/peer.rs
index 0d9b435..21b596a 100644
--- a/src/wireguard/router/peer.rs
+++ b/src/wireguard/router/peer.rs
@@ -474,7 +474,7 @@ impl<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>> Peer<E, C, T
/// since the only way to add additional keys to the peer is by using this method
/// and a peer can have at most 3 keys allocated in the router at any time.
pub fn add_keypair(&self, new: KeyPair) -> Vec<u32> {
- debug!("peer.add_keypair");
+ log::trace!("Router, add_keypair: {:?}", new);
let initiator = new.initiator;
let release = {
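Review bot: `log::trace!("Router, add_keypair: {:?}", new)` formats the whole `KeyPair` with `Debug`; its definition is not in this hunk, but if that output includes the send/receive key material, enabling trace logging writes live transport session keys to the log. Log only non-secret fields, for example `log::trace!("Router, add_keypair: initiator = {:?}", new.initiator);`, or give `KeyPair` a hand-written `Debug` that redacts the keys. The body of `add_keypair` continues past the hunk.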
diff --git a/src/wireguard/router/route.rs b/src/wireguard/router/route.rs
index 94c7e23..29e7635 100644
--- a/src/wireguard/router/route.rs
+++ b/src/wireguard/router/route.rs
@@ -18,12 +18,15 @@ pub fn get_route<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>>(
) -> Option<Arc<PeerInner<E, C, T, B>>> {
match packet.get(0)? >> 4 {
VERSION_IP4 => {
- trace!("cryptokey router, get route for IPv4 packet");
-
// check length and cast to IPv4 header
let (header, _): (LayoutVerified<&[u8], IPv4Header>, _) =
LayoutVerified::new_from_prefix(packet)?;
+ log::trace!(
+ "Router, get route for IPv4 destination: {:?}",
+ Ipv4Addr::from(header.f_destination)
+ );
+
// check IPv4 source address
device
.ipv4
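Review bot: In `get_route` the context comment `// check IPv4 source address` sits directly under the new trace that reports the destination, and the IPv6 hunk that follows has the same mismatch with `// check IPv6 source address`. The lookup key is outside the visible lines, but the trace and the function name suggest the match is on the destination, so the comments would read better as `// look up peer by IPv4 destination address` and `// look up peer by IPv6 destination address`. The signature of `get_route` starts before the hunk and its body continues after it.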
@@ -32,12 +35,15 @@ pub fn get_route<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>>(
.and_then(|(_, _, p)| Some(p.clone()))
}
VERSION_IP6 => {
- trace!("cryptokey router, get route for IPv6 packet");
-
// check length and cast to IPv6 header
let (header, _): (LayoutVerified<&[u8], IPv6Header>, _) =
LayoutVerified::new_from_prefix(packet)?;
+ log::trace!(
+ "Router, get route for IPv6 destination: {:?}",
+ Ipv6Addr::from(header.f_destination)
+ );
+
// check IPv6 source address
device
.ipv6
@@ -57,12 +63,15 @@ pub fn check_route<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>
) -> Option<usize> {
match packet.get(0)? >> 4 {
VERSION_IP4 => {
- trace!("cryptokey route, check route for IPv4 packet");
-
// check length and cast to IPv4 header
let (header, _): (LayoutVerified<&[u8], IPv4Header>, _) =
LayoutVerified::new_from_prefix(packet)?;
+ log::trace!(
+ "Router, check route for IPv4 source: {:?}",
+ Ipv4Addr::from(header.f_source)
+ );
+
// check IPv4 source address
device
.ipv4
@@ -77,12 +86,15 @@ pub fn check_route<E: Endpoint, C: Callbacks, T: tun::Writer, B: bind::Writer<E>
})
}
VERSION_IP6 => {
- trace!("cryptokey route, check route for IPv6 packet");
-
// check length and cast to IPv6 header
let (header, _): (LayoutVerified<&[u8], IPv6Header>, _) =
LayoutVerified::new_from_prefix(packet)?;
+ log::trace!(
+ "Router, check route for IPv6 source: {:?}",
+ Ipv6Addr::from(header.f_source)
+ );
+
// check IPv6 source address
device
.ipv6
diff --git a/src/wireguard/router/workers.rs b/src/wireguard/router/workers.rs
index 5482cee..d87174f 100644
--- a/src/wireguard/router/workers.rs
+++ b/src/wireguard/router/workers.rs
@@ -24,20 +24,17 @@ use super::super::{bind, tun, Endpoint};
pub const SIZE_TAG: usize = 16;
-#[derive(Debug)]
pub struct JobEncryption {
pub msg: Vec<u8>,
pub keypair: Arc<KeyPair>,
pub counter: u64,
}
-#[derive(Debug)]
pub struct JobDecryption {
pub msg: Vec<u8>,
pub keypair: Arc<KeyPair>,
}
-#[derive(Debug)]
pub enum JobParallel {
Encryption(oneshot::Sender<JobEncryption>, JobEncryption),
Decryption(oneshot::Sender<Option<JobDecryption>>, JobDecryption),