On May 6, 2018 6:33 PM, ѽ҉ᶬḳ℠ wrote:
> Depends perhaps a bit of what the (long term) aim/goal of the WG is -
>
> whether to be a niche product for enthusiasts (only guessing here that
>
> this is the current state) or to make it into the
>
> mainstream/corporate/commercial
On May 7, 2018 10:24 AM, ѽ҉ᶬḳ℠ wrote:
> > SSH is different for two reasons: It runs over TCP, and it runs in
> >
> > userspace.
> >
> > Secondly, because SSH runs in userspace, a lot of the processing (such
> >
> > as the TCP handshake) is done by the kernel on the application's
On May 6, 2018 10:58 AM, ѽ҉ᶬḳ℠ wrote:
> > Why? Can you outline the threat model?
> >
> > As I mentioned earlier, to disable v6 socket creation, pass
> >
> > ipv6.disable=1 on the kernel command line, or just unload the v6
> >
> > module. If you're worried about the Linux v6
On June 22, 2018 9:26 PM, Lonnie Abelbeck wrote:
> How about not supporting direct execution of commands in the config
> [Interface] section but rather support an optional path to where a fixed
> command (ex. wireguard.script) is found...
>
>
>
Hi,
I can't make wireguard work with linux 4.18-rc1 and mainline from
06.22.2018.
sudo wg-quick up abc
[#] ip link add abc type wireguard
[#] wg setconf abc /dev/fd/xx
[#] ip address add xx.xx.xx.xxx/xx dev abc
[#] ip link set mtu 1420 dev abc
[#] ip link set abc up
[#] resolvconf -a abc -m 0 -x
On June 23, 2018 3:35 PM, Bruno Wolff III wrote:
> On Sat, Jun 23, 2018 at 08:23:08 -0400,
>
> Jordan Glover golden_mille...@protonmail.ch wrote:
>
> > Hi,
> >
> > I can't make wireguard work with linux 4.18-rc1 and mainline from
> >
> > 06.22.20
On June 23, 2018 6:01 PM, Jason A. Donenfeld wrote:
> Working on it:
>
> https://marc.info/?l=linux-netdev=152976958325076=2
I can confirm that your patch fixes this issue. Thank you for help.
Jordan
___
WireGuard mailing list
On June 22, 2018 3:56 AM, Antonio Quartulli wrote:
>
> In case this might be useful: in OpenVPN there is an additional
>
> parameter called "--script-security" that requires to be set to a
>
> certain level before allowing configured scripts to be executed.
>
> Unfortunately there is no real
‐‐‐ Original Message ‐‐‐
On August 25, 2018 5:50 PM, Jorge AC wrote:
> Thank you for checking my regex with the kernel code lines :-)
>
> Definetly is insanity what drives me, I enjoy naming interfaces with
> unicodes like ☢.
>
> Nevertheless, thinking about a legit use, it could be a
‐‐‐ Original Message ‐‐‐
On Saturday, October 20, 2018 10:59 PM, Lucian Cristian
wrote:
> updating the wireguard module on systemd based linux gives
>
> Warning: The unit file, source configuration file or drop-ins of
> wg-quick@wg0.service changed on disk. Run 'systemctl daemon-reload'
‐‐‐ Original Message ‐‐‐
On Sunday, October 7, 2018 5:20 PM, Jason A. Donenfeld wrote:
> Hello,
>
> A new snapshot, `0.0.20181007`, has been tagged in the git repository.
>
> Please note that this snapshot is, like the rest of the project at this point
> in time, experimental, and does
On Monday, December 31, 2018 5:11 PM, John wrote:
> My recommendation is to change the wording under the command on your
> install page to something like: "Users of the distro provided kernels
> (linux and linux-lts) may download the requisite corresponding
> precompiled wireguard module. Users
On Wednesday, January 16, 2019 5:37 PM, Sam Cater wrote:
> Hi Wireguard Mailing List,
>
> Probably going to be showing a lot of ignorance here!
>
> Wireguard has run fine on this system in the past, but today I tried to
> build 20181218 on self-built 5.0 kernel (which in and of itself seems
>
On Sunday, December 2, 2018 12:38 AM, Laszlo KERTESZ
wrote:
> On Sun, Dec 2, 2018 at 1:26 AM Tushar Pankaj
> wrote:
>
>> Does it have to do with macros.S having a capital S extension?
>>
>> Thanks,
>> Tushar Pankaj
>
> Probably not. I don't have any "arch/x86/kernel/macros.s" file (actually
On Monday, November 19, 2018 6:27 PM, Jason A. Donenfeld
wrote:
> Hello,
>
> A new snapshot, `0.0.20181119`, has been tagged in the git repository.
>
> Please note that this snapshot is, like the rest of the project at this point
> in time, experimental, and does not consitute a real release
On Monday, November 19, 2018 8:02 PM, Jason A. Donenfeld
wrote:
> Hi Jordan,
> On Mon, Nov 19, 2018 at 7:04 PM Jordan Glover
> golden_mille...@protonmail.ch wrote:
>
> > It fails to build for me (doing in-kernel build with Linux 4.20rc3 and
> > WireGuard/contrib/ker
On Friday, May 10, 2019 11:54 AM, Sitaram Chamarty wrote:
> I am able to bypass the VPN by using firejail (which is a
> sandbox program to run untrusted applications).
>
> Below, the IP addresses and domain names are fake but that
> should not matter:
>
> # wg
> interface: wg0
> public key:
On Tuesday, July 16, 2019 12:21 PM, Jörg Thalheim wrote:
> While /usr/bin/env is more or less available on all POSIX systems
> /bin/bash might not be. This is particular the case on NixOS and the BSD
> family (/usr/local/bin/bash). Downstream packagers would often rewrite
> those shebangs back
On Tuesday, July 16, 2019 10:08 PM, Jörg Thalheim wrote:
> On 16/07/2019 18.32, Jordan Glover wrote:
>
> > On Tuesday, July 16, 2019 12:21 PM, Jörg Thalheim jo...@higgsboson.tk wrote:
> >
> > > While /usr/bin/env is more or less available on all POSIX sy
On Wednesday, July 17, 2019 6:39 PM, Jörg Thalheim wrote:
>
> It does not make anything worse. Your threat model is unreasonable and out of
> scope
> of what the scripts are intended to guarantee.
> There are tones of other environment variables like LD_PRELOAD or
> LD_LIBRARY_PATH
And how
On Friday, December 6, 2019 5:35 PM, Jason A. Donenfeld wrote:
> Looks like an arch problem or a libnftnl problem. I've made a minimal
> reproducer:
>
> printf 'filter\nCOMMIT\nraw\nCOMMIT\n*mangle\nCOMMIT\n' | sudo
> iptables-nft-restore -n
>
> I filed a bug report on Arch:
On Thursday, December 5, 2019 8:24 PM, Jason A. Donenfeld
wrote:
>
> If we can make nft coexistance work reliably, perhaps we can run the
> nft rule on systems where the nft binary simply exists.
>
Will this work correctly on systems where nft binary exist but only
iptables rules are used?
On Thursday, December 5, 2019 10:55 AM, Jason A. Donenfeld
wrote:
> Hello,
>
> A new snapshot, `0.0.20191205`, has been tagged in the git repository.
>
> Please note that this snapshot is a snapshot rather than a final
> release that is considered secure and bug-free. WireGuard is generally
>
On Friday, December 6, 2019 3:20 PM, Jason A. Donenfeld wrote:
> On Fri, Dec 6, 2019 at 4:11 PM Jordan Glover
> golden_mille...@protonmail.ch wrote:
>
> > Hi, this release cause coredump on wg-quick down action:
> > systemd[1]: Stopping WireGuard via wg-quick(8) for wg0
On Friday, December 6, 2019 4:03 PM, Vasili Pupkin wrote:
> On 06.12.2019 18:08, Jason A. Donenfeld wrote:
>
> > On Fri, Dec 6, 2019 at 4:06 PM Jordan Glover
> > golden_mille...@protonmail.ch wrote:
> >
> > > On Thursday, December 5, 2019 8:24 PM, Jason A. Donen
On Friday, December 6, 2019 3:52 PM, Jason A. Donenfeld wrote:
> On Fri, Dec 6, 2019 at 4:36 PM Jordan Glover
> golden_mille...@protonmail.ch wrote:
>
> > iptables is from Arch Linux iptables-nft package:
> > $ iptables --version
> > iptables v1.8.3 (nf_tables)
&
On Tuesday, December 10, 2019 3:48 PM, Jason A. Donenfeld
wrote:
> If nft(8) is installed, use it. These rules should be identical to the
> iptables-restore(8) ones, with the advantage that cleanup is easy
> because we use custom table names.
>
I wonder if nft should be used only if iptables
On Tuesday, December 10, 2019 4:54 PM, Jason A. Donenfeld
wrote:
> On Tue, Dec 10, 2019 at 5:52 PM Jordan Glover
> golden_mille...@protonmail.ch wrote:
>
> > On Tuesday, December 10, 2019 3:48 PM, Jason A. Donenfeld ja...@zx2c4.com
> > wrote:
> >
> &
On Tuesday, December 10, 2019 7:15 PM, Jason A. Donenfeld
wrote:
> On Tue, Dec 10, 2019 at 7:58 PM Jordan Glover
> golden_mille...@protonmail.ch wrote:
>
> > On Tuesday, December 10, 2019 5:36 PM, Jason A. Donenfeld ja...@zx2c4.com
> > wrote:
> >
> > >
29 matches
Mail list logo