[PATCH v5 06/11] socket: allow modification of transit_net

--- src/device.c | 6 +++--- src/netlink.c | 2 +- src/socket.c | 18 ++ src/socket.h | 6 +++--- 4 files changed, 17 insertions(+), 15 deletions(-) diff --git a/src/device.c b/src/device.c index 0c0c17b..18b4587 100644 --- a/src/device.c +++ b/src/device.c @@ -53,7 +53,7

[PATCH v5 00/11] Allow changing the transit namespace

Hi, This is v5 of this series. This series makes the following changes: * wg(1) can now access devices in another network namespace. The syntax is wg --netns For example wg --netns 5363 show wg0 * wg(1) can now change the network namespace of the UDP socket of a device.

[PATCH v5 07/11] netlink: allow modification of transit net

This commit adds two new attributes of which at most one may be provided: * WGDEVICE_A_TRANSIT_NETNS_PID: NLA_U32 * WGDEVICE_A_TRANSIT_NETNS_FD: NLA_U32 The transit namespace is then set to this namespace. The caller must either be in this namespace or have CAP_NET_ADMIN in it. ---

[PATCH v5 04/11] device: rename creating_net to transit_net

--- src/device.c | 20 ++-- src/device.h | 4 ++-- src/netlink.c | 4 ++-- src/socket.c | 8 4 files changed, 18 insertions(+), 18 deletions(-) diff --git a/src/device.c b/src/device.c index 877000b..ae4b9ad 100644 --- a/src/device.c +++ b/src/device.c @@ -251,8

[PATCH v5 08/11] tools: add framework for shared options

--- src/tools/containers.h | 3 +++ src/tools/genkey.c | 3 ++- src/tools/pubkey.c | 3 ++- src/tools/set.c | 3 ++- src/tools/setconf.c | 3 ++- src/tools/show.c| 3 ++- src/tools/showconf.c| 3 ++- src/tools/subcommands.h | 14 ++-

[PATCH v5 09/11] tools: allow specifying the device namespace

The user can now use wg --netns to specify the network namespace in which wg should act. This sets the attribute WGDEVICE_A_DEV_NETNS_PID or WGDEVICE_A_DEV_NETNS_FD. In the case of wg --netns show all we have to try to enter the network namespace because the kernel interface does not allow

[PATCH v5 01/11] netlink: check for CAP_NET_ADMIN manually

--- src/netlink.c | 15 --- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/src/netlink.c b/src/netlink.c index 18bebb8..364d4d8 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -163,6 +163,7 @@ err: static int wg_get_device_start(struct netlink_callback *cb) {

[PATCH v5 02/11] netlink: allow specifying the device namespace

This commit adds two new attributes of which at most one may be provided: * WGDEVICE_A_DEV_NETNS_PID: NLA_U32 * WGDEVICE_A_DEV_NETNS_FD: NLA_U32 The Wireguard device is then looked up in this namespace instead of the namespace of the netlink socket. --- src/netlink.c| 82

[PATCH v5 11/11] tests: add test for transit-net

--- src/tests/netns.sh | 40 1 file changed, 40 insertions(+) diff --git a/src/tests/netns.sh b/src/tests/netns.sh index 568612c..4cc6b44 100755 --- a/src/tests/netns.sh +++ b/src/tests/netns.sh @@ -222,6 +222,46 @@ n1 wg set wg0 peer "$more_specific_key"