| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Reported-by: Unit 193 <unit193@unit193.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Matt Dunwoodie <ncon@noconroy.net>
|
|
|
|
|
|
| |
We also add a wg_if.h in the fallback include path.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Matt Dunwoodie <ncon@noconroy.net>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
| |
If DNS= has an IP in it, treat it as a DNS server. If DNS= has a non-IP
in it, treat it as a DNS search domain.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
|
| |
Add file wg-quick.target, which allows starting and stopping all
wg-quick@.service instances at once.
Signed-off-by: Martin Hauke <mardnh@gmx.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
| |
By specializing this to stdout, we can cache the isatty result.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
|
|
| |
Prior we only supported a blacklist, but actually a whitelist is an
easier algorithm because that's internally how netd considers it, so we
don't need to find range spans. This commit adds an IncludedApplications
key.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
| |
Signed-off-by: Luis Ressel <aranea@aixah.de>
[zx2c4: slightly adjusted wording]
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
| |
This fixes a few grammatical errors.
Signed-off-by: Kai Haberzettl <khaberz@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
| |
These are generic helper functions we don't want to move into the actual
implementations, so that it's easy to keep parity with the kernel code.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
| |
We can cache the value of this instead of evaluating every time.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
|
| |
It turns out that the binary actually gets smaller if we simply inline
the very small parts of libmnl that we need. Since we wind up needing
the mnlg bits anyway, there's little benefit in linking to libmnl.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
| |
This ports 1d2d6200b8ff517db0f7530645180df3cc4afa74.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
| |
Now that WireGuard has been upstreamed and the repos split, we have to
look elsewhere for these headers.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
|
| |
This comes up occasionally, so it may be useful to mention its
possibility in the man page. At least the Arch Linux and Ubuntu kernels
support dynamic debugging, so this advise will at least help somebody.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
|
| |
Different versions of netd have different limits on how many can be
passed at once.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reported-by: Alexey <zaranecc@bk.ru>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
| |
Otherwise this runs in an infinite loop if at some point a dump was
interrupted.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reported-by: Bruno Wolff III <bruno@wolff.to>
|
|
|
|
|
|
|
|
|
|
| |
We previously included $(pwd) in the compile output pretty printer,
because it matched our parent out-of-tree module build. Since we're no
longer coupled to the module, we can return to a prettier scheme of just
using the object name.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Fixes: eb68ad07 ("Makefile: even prettier output")
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
| |
Otherwise nft(8) has strange ideas of what a string is.
Suggested-by: RistiCore <RistiCore@mail.ee>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reported-by: Joe Doss <joe@solidadmin.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
| |
Signed-off-by: Devin Smith <thundza@gmail.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
| |
Reported-by: Joe Doss <joe@solidadmin.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
| |
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|