wireguard-tools - Required tools for WireGuard, such as wg(8) and wg-quick(8)

	Commit message (Collapse)	Author	Age	Files	Lines
...
*	man: update wg-quick(8) to show Debian resolvconf braindamage	Jason A. Donenfeld	2017-05-30	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	While OpenResolv supports explicit ordering directives such as `-m` and exclusivity directives such as `-x`, Debian's own resolvconf supports none of this, instead using a hard coded list of interface name templates for determining ordering. While trying to emulate `-x` is difficult [], we can at least try to mostly emulate `-m 0` by masquerading as a `tun` interface to resolvconf. Ugly, but it works. [*] One heavy handed way of emulating `-x` would be something like: # echo nameserver 8.8.8.8 > /etc/resolv.conf.wg0-exclusive # mount --bind -o ro /etc/resolv.conf.wg0-exclusive /etc/resolv.conf # rm -f /etc/resolv.conf.wg0-exclusive This in practice works quite well, but is a bit heavy to put in a man page. It also doesn't "stack" well. For example, if we simply run `umount /etc/resolv.conf`, how do we know which resolv.conf entry we're unmounting? Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg-quick: use src routing for default routes in v6	Jason A. Donenfeld	2017-05-18	1	-3/+11
\| \| \| \| \| \| \|	Otherwise, traffic is sent with the IP address of a different interface, and then packets don't actually get delivered. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	man: fix psk mention in wg-quick man page	Jason A. Donenfeld	2017-05-18	1	-2/+2
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: opt-in globally to GNU-isms to keep the BSDs happy	Jason A. Donenfeld	2017-05-17	2	-2/+1
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: support text-based ipc	Jason A. Donenfeld	2017-05-17	8	-131/+321
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: check for proto error on set too	Jason A. Donenfeld	2017-05-17	1	-3/+4
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: stricter key file reading	Jason A. Donenfeld	2017-05-17	1	-31/+40
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	noise: redesign preshared key mode	Jason A. Donenfeld	2017-05-17	6	-49/+52
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg-quick: auto MTU discovery	Jason A. Donenfeld	2017-05-17	2	-1/+28
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: retry name resolution on temporary failure	Jason A. Donenfeld	2017-05-17	1	-1/+10
\| \| \| \| \| \|	This should solve many problems at init time. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: no hyphen in preshared, to keep uniformity	Jason A. Donenfeld	2017-04-20	3	-3/+3
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: argc is always 1	Jason A. Donenfeld	2017-04-19	1	-1/+1
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: check for malloc failure	Jason A. Donenfeld	2017-04-19	1	-0/+4
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: side channel resistant base64	Jason A. Donenfeld	2017-04-19	9	-259/+86
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: do not use addrconfig with port in gai	Jason A. Donenfeld	2017-03-28	1	-1/+1
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	uapi: add version magic	Jason A. Donenfeld	2017-03-24	2	-8/+27
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg-quick: various cleanups	Jason A. Donenfeld	2017-03-24	1	-5/+6
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: document # comments in wg(8) man page	Jason A. Donenfeld	2017-03-24	1	-1/+3
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg-quick: support old ip(8)	Pim van Pelt	2017-03-19	1	-4/+8
\| \| \| \| \| \| \|	Old versions of ip(8) do not accept arguments to `ip rule show.` This patch works around that limitation. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: fix bash completion spaces	Jason A. Donenfeld	2017-02-23	2	-5/+13
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: add wg show [interface] dump	Jason A. Donenfeld	2017-02-23	3	-5/+51
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: give "off" value for fwmark	Jason A. Donenfeld	2017-02-23	4	-5/+19
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg-quick: allow config files without trailing newline	Jason A. Donenfeld	2017-02-23	1	-1/+1
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg-quick: unquote fwmark for bash 4.3	Jason A. Donenfeld	2017-02-14	1	-1/+1
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg-quick: set LC_ALL for consistent regex	Jason A. Donenfeld	2017-02-13	1	-0/+1
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	socket: enable setting of fwmark	Jason A. Donenfeld	2017-02-13	7	-22/+67
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	socket: general ephemeral ports instead of name-based ports	Jason A. Donenfeld	2017-02-13	1	-3/+3
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg-quick: support v6 dual stack	Jason A. Donenfeld	2017-02-13	1	-7/+18
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: remove key for any empty file	Jason A. Donenfeld	2017-02-07	2	-25/+18
\| \| \| \| \| \| \|	Rather than just using /dev/null to mean key removal, match on any empty file, so that this interface is cross platform. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: setconf should remove existing psk	Jason A. Donenfeld	2017-02-07	1	-0/+3
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg-quick: recommend using resolvconf in exclusive mode	Jason A. Donenfeld	2017-01-19	1	-1/+1
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: man: recommend correct port	Jason A. Donenfeld	2017-01-15	2	-2/+2
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg-quick: parse IPv6 endpoints correctly	Jason A. Donenfeld	2017-01-15	1	-1/+1
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg-quick: better removal of suppress_prefix rule	Jason A. Donenfeld	2017-01-11	1	-1/+1
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	Update copyright	Jason A. Donenfeld	2017-01-10	18	-18/+18
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	uapi: use sockaddr union instead of sockaddr_storage	Jason A. Donenfeld	2017-01-10	3	-17/+17
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	uapi: use flag instead of C bitfield for portability	Jason A. Donenfeld	2017-01-10	1	-8/+9
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: ipc: read from socket incrementally	Jason A. Donenfeld	2017-01-10	2	-43/+49
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: error on short ret reads	Jason A. Donenfeld	2017-01-10	1	-0/+4
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg-quick: enforce good permissions	Jason A. Donenfeld	2017-01-09	2	-1/+3
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: add installation note for distros	Jason A. Donenfeld	2017-01-05	1	-0/+5
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: remove DESTDIR for autodetection	Christian Hesse	2017-01-05	1	-3/+3
\| \| \| \| \| \| \| \|	DESTDIR is always empty, no need to check anything there. Check the main system instead. Signed-off-by: Christian Hesse <mail@eworm.de> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: add systemd unit and auto-detection	Jason A. Donenfeld	2017-01-05	3	-11/+66
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: add makefile instructions	Jason A. Donenfeld	2017-01-05	2	-1/+38
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: add wg-quick	Jason A. Donenfeld	2017-01-05	5	-3/+430
\| \| \| \| \| \| \|	This is based on wg-config, but is even easier to use, and now makes our full tools suite. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: add bash completion for wg(8)	Jason A. Donenfeld	2017-01-04	2	-2/+96
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: syscall.h should actually be sys/syscall.h	Jason A. Donenfeld	2016-12-30	1	-1/+1
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: rename 'bandwidth' to 'transfer' in output	Tomasz Torcz	2016-12-23	2	-4/+4
\| \| \| \| \| \| \|	'bandwidth' is a measure of speed, but wg's output shows only the number of bytes transferred. Thus 'transfer' is a better label. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: do not use AI_ADDRCONFIG	Jason A. Donenfeld	2016-12-23	1	-2/+1
\| \| \| \| \| \| \| \| \| \| \|	Some people run wg(8) using hard coded v6 addresses before interfaces have v6 addresses, causing getaddrinfo to fail. Since AI_ADDRCONFIG doesn't actualy change the sorting, but just the queries made, we don't really need AI_ADDRCONFIG anyway, since we're always only taking the first result. Reported-by: Benedikt Morbach <benedikt.morbach@googlemail.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
*	wg: allowed-ips is easier to parse with spaces instead of ", "	Jason A. Donenfeld	2016-12-23	1	-1/+1
\| \| \| \|	Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>