On 14.10.2022. 23:57, Mikolaj Kucharski wrote:
> Kind reminder. Below there is a comment with an OK from sthen@
>
> Diff at the end of this email.
>
>
Hi all,
can this diff be committed? Less verbose output of ifconfig wg interface
is quite nice when handling wg vpn server
Thank you
> On Wed, Sep 07, 2022 at 05:29:38PM +0100, Stuart Henderson wrote:
>> On 2022/09/07 15:25, Mikolaj Kucharski wrote:
>>> Hi.
>>>
>>> I didn't get a lof of feedback on this on the code level, however
>>> got some intput on manual page changes. At the end of the email is
>>> ifconfig.8 change from jmc@ and ifconfig.c from me.
>>>
>>>
>>> On Sat, Sep 03, 2022 at 04:51:03PM +0100, Jason McIntyre wrote:
>>>> On Sat, Sep 03, 2022 at 08:55:51AM +0000, Mikolaj Kucharski wrote:
>>>>> Hi,
>>>>>
>>>>> I tried to address what jmc@ mentioned below. I don't really know
>>>>> mdoc(7) and English is not my native language, so I imagine there is
>>>>> place for improvement in the wg(4) diff.
>>>>>
>>>>
>>>> hi.
>>>>
>>>> after looking again, i think maybe ifconfig.8 is the better place, but
>>>> just not where it was originally proposed. by way of a peace offering,
>>>> how about the diff below?
>>>>
>>>> jmc
>>>>
>>> [...]
>>
>> It's all in ifndef SMALL so there are no ramdisk space concerns.
>> Works as expected, I think it's a good idea. It's OK with me.
>>
>>
>>>
>>> Index: ifconfig.c
>>> ===================================================================
>>> RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
>>> retrieving revision 1.456
>>> diff -u -p -u -r1.456 ifconfig.c
>>> --- ifconfig.c 8 Jul 2022 07:04:54 -0000 1.456
>>> +++ ifconfig.c 7 Sep 2022 15:18:50 -0000
>>> @@ -363,7 +363,7 @@ void unsetwgpeer(const char *, int);
>>> void unsetwgpeerpsk(const char *, int);
>>> void unsetwgpeerall(const char *, int);
>>>
>>> -void wg_status();
>>> +void wg_status(int);
>>> #else
>>> void setignore(const char *, int);
>>> #endif
>>> @@ -679,7 +679,7 @@ void printgroupattribs(char *);
>>> void printif(char *, int);
>>> void printb_status(unsigned short, unsigned char *);
>>> const char *get_linkstate(int, int);
>>> -void status(int, struct sockaddr_dl *, int);
>>> +void status(int, struct sockaddr_dl *, int, int);
>>> __dead void usage(void);
>>> const char *get_string(const char *, const char *, u_int8_t *, int *);
>>> int len_string(const u_int8_t *, int);
>>> @@ -1195,7 +1195,7 @@ printif(char *name, int ifaliases)
>>> continue;
>>> ifdata = ifa->ifa_data;
>>> status(1, (struct sockaddr_dl *)ifa->ifa_addr,
>>> - ifdata->ifi_link_state);
>>> + ifdata->ifi_link_state, ifaliases);
>>> count++;
>>> noinet = 1;
>>> continue;
>>> @@ -3316,7 +3316,7 @@ get_linkstate(int mt, int link_state)
>>> * specified, show it and it only; otherwise, show them all.
>>> */
>>> void
>>> -status(int link, struct sockaddr_dl *sdl, int ls)
>>> +status(int link, struct sockaddr_dl *sdl, int ls, int ifaliases)
>>> {
>>> const struct afswtch *p = afp;
>>> struct ifmediareq ifmr;
>>> @@ -3391,7 +3391,7 @@ status(int link, struct sockaddr_dl *sdl
>>> mpls_status();
>>> pflow_status();
>>> umb_status();
>>> - wg_status();
>>> + wg_status(ifaliases);
>>> #endif
>>> trunk_status();
>>> getifgroups();
>>> @@ -5907,7 +5907,7 @@ process_wg_commands(void)
>>> }
>>>
>>> void
>>> -wg_status(void)
>>> +wg_status(int ifaliases)
>>> {
>>> size_t i, j, last_size;
>>> struct timespec now;
>>> @@ -5942,45 +5942,47 @@ wg_status(void)
>>> printf("\twgpubkey %s\n", key);
>>> }
>>>
>>> - wg_peer = &wg_interface->i_peers[0];
>>> - for (i = 0; i < wg_interface->i_peers_count; i++) {
>>> - b64_ntop(wg_peer->p_public, WG_KEY_LEN,
>>> - key, sizeof(key));
>>> - printf("\twgpeer %s\n", key);
>>> -
>>> - if (wg_peer->p_flags & WG_PEER_HAS_PSK)
>>> - printf("\t\twgpsk (present)\n");
>>> -
>>> - if (wg_peer->p_flags & WG_PEER_HAS_PKA && wg_peer->p_pka)
>>> - printf("\t\twgpka %u (sec)\n", wg_peer->p_pka);
>>> -
>>> - if (wg_peer->p_flags & WG_PEER_HAS_ENDPOINT) {
>>> - if (getnameinfo(&wg_peer->p_sa, wg_peer->p_sa.sa_len,
>>> - hbuf, sizeof(hbuf), sbuf, sizeof(sbuf),
>>> - NI_NUMERICHOST | NI_NUMERICSERV) == 0)
>>> - printf("\t\twgendpoint %s %s\n", hbuf, sbuf);
>>> - else
>>> - printf("\t\twgendpoint unable to print\n");
>>> - }
>>> + if (ifaliases) {
>>> + wg_peer = &wg_interface->i_peers[0];
>>> + for (i = 0; i < wg_interface->i_peers_count; i++) {
>>> + b64_ntop(wg_peer->p_public, WG_KEY_LEN,
>>> + key, sizeof(key));
>>> + printf("\twgpeer %s\n", key);
>>> +
>>> + if (wg_peer->p_flags & WG_PEER_HAS_PSK)
>>> + printf("\t\twgpsk (present)\n");
>>> +
>>> + if (wg_peer->p_flags & WG_PEER_HAS_PKA &&
>>> wg_peer->p_pka)
>>> + printf("\t\twgpka %u (sec)\n", wg_peer->p_pka);
>>> +
>>> + if (wg_peer->p_flags & WG_PEER_HAS_ENDPOINT) {
>>> + if (getnameinfo(&wg_peer->p_sa,
>>> wg_peer->p_sa.sa_len,
>>> + hbuf, sizeof(hbuf), sbuf, sizeof(sbuf),
>>> + NI_NUMERICHOST | NI_NUMERICSERV) == 0)
>>> + printf("\t\twgendpoint %s %s\n", hbuf,
>>> sbuf);
>>> + else
>>> + printf("\t\twgendpoint unable to
>>> print\n");
>>> + }
>>>
>>> - printf("\t\ttx: %llu, rx: %llu\n",
>>> - wg_peer->p_txbytes, wg_peer->p_rxbytes);
>>> + printf("\t\ttx: %llu, rx: %llu\n",
>>> + wg_peer->p_txbytes, wg_peer->p_rxbytes);
>>>
>>> - if (wg_peer->p_last_handshake.tv_sec != 0) {
>>> - timespec_get(&now, TIME_UTC);
>>> - printf("\t\tlast handshake: %lld seconds ago\n",
>>> - now.tv_sec - wg_peer->p_last_handshake.tv_sec);
>>> - }
>>> + if (wg_peer->p_last_handshake.tv_sec != 0) {
>>> + timespec_get(&now, TIME_UTC);
>>> + printf("\t\tlast handshake: %lld seconds ago\n",
>>> + now.tv_sec -
>>> wg_peer->p_last_handshake.tv_sec);
>>> + }
>>>
>>>
>>> - wg_aip = &wg_peer->p_aips[0];
>>> - for (j = 0; j < wg_peer->p_aips_count; j++) {
>>> - inet_ntop(wg_aip->a_af, &wg_aip->a_addr,
>>> - hbuf, sizeof(hbuf));
>>> - printf("\t\twgaip %s/%d\n", hbuf, wg_aip->a_cidr);
>>> - wg_aip++;
>>> + wg_aip = &wg_peer->p_aips[0];
>>> + for (j = 0; j < wg_peer->p_aips_count; j++) {
>>> + inet_ntop(wg_aip->a_af, &wg_aip->a_addr,
>>> + hbuf, sizeof(hbuf));
>>> + printf("\t\twgaip %s/%d\n", hbuf,
>>> wg_aip->a_cidr);
>>> + wg_aip++;
>>> + }
>>> + wg_peer = (struct wg_peer_io *)wg_aip;
>>> }
>>> - wg_peer = (struct wg_peer_io *)wg_aip;
>>> }
>>> out:
>>> free(wgdata.wgd_interface);
>>> Index: ifconfig.8
>>> ===================================================================
>>> RCS file: /cvs/src/sbin/ifconfig/ifconfig.8,v
>>> retrieving revision 1.384
>>> diff -u -p -u -r1.384 ifconfig.8
>>> --- ifconfig.8 27 Jun 2022 16:27:03 -0000 1.384
>>> +++ ifconfig.8 7 Sep 2022 15:18:50 -0000
>>> @@ -2195,6 +2195,14 @@ Packets on a VLAN interface without a ta
>>> .Ek
>>> .nr nS 0
>>> .Pp
>>> +Detailed peer information is available to the superuser when
>>> +.Nm
>>> +is run with the
>>> +.Fl A
>>> +flag or when passed specific
>>> +.Ar wg-interface
>>> +names.
>>> +.Pp
>>> The following options are available for
>>> .Xr wg 4
>>> interfaces:
>>>
>
>
> Index: ifconfig.8
> ===================================================================
> RCS file: /cvs/src/sbin/ifconfig/ifconfig.8,v
> retrieving revision 1.384
> diff -u -p -u -r1.384 ifconfig.8
> --- ifconfig.8 27 Jun 2022 16:27:03 -0000 1.384
> +++ ifconfig.8 14 Oct 2022 21:53:47 -0000
> @@ -2195,6 +2195,14 @@ Packets on a VLAN interface without a ta
> .Ek
> .nr nS 0
> .Pp
> +Detailed peer information is available to the superuser when
> +.Nm
> +is run with the
> +.Fl A
> +flag or when passed specific
> +.Ar wg-interface
> +names.
> +.Pp
> The following options are available for
> .Xr wg 4
> interfaces:
> Index: ifconfig.c
> ===================================================================
> RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
> retrieving revision 1.456
> diff -u -p -u -r1.456 ifconfig.c
> --- ifconfig.c 8 Jul 2022 07:04:54 -0000 1.456
> +++ ifconfig.c 14 Oct 2022 21:53:47 -0000
> @@ -363,7 +363,7 @@ void unsetwgpeer(const char *, int);
> void unsetwgpeerpsk(const char *, int);
> void unsetwgpeerall(const char *, int);
>
> -void wg_status();
> +void wg_status(int);
> #else
> void setignore(const char *, int);
> #endif
> @@ -679,7 +679,7 @@ void printgroupattribs(char *);
> void printif(char *, int);
> void printb_status(unsigned short, unsigned char *);
> const char *get_linkstate(int, int);
> -void status(int, struct sockaddr_dl *, int);
> +void status(int, struct sockaddr_dl *, int, int);
> __dead void usage(void);
> const char *get_string(const char *, const char *, u_int8_t *, int *);
> int len_string(const u_int8_t *, int);
> @@ -1195,7 +1195,7 @@ printif(char *name, int ifaliases)
> continue;
> ifdata = ifa->ifa_data;
> status(1, (struct sockaddr_dl *)ifa->ifa_addr,
> - ifdata->ifi_link_state);
> + ifdata->ifi_link_state, ifaliases);
> count++;
> noinet = 1;
> continue;
> @@ -3316,7 +3316,7 @@ get_linkstate(int mt, int link_state)
> * specified, show it and it only; otherwise, show them all.
> */
> void
> -status(int link, struct sockaddr_dl *sdl, int ls)
> +status(int link, struct sockaddr_dl *sdl, int ls, int ifaliases)
> {
> const struct afswtch *p = afp;
> struct ifmediareq ifmr;
> @@ -3391,7 +3391,7 @@ status(int link, struct sockaddr_dl *sdl
> mpls_status();
> pflow_status();
> umb_status();
> - wg_status();
> + wg_status(ifaliases);
> #endif
> trunk_status();
> getifgroups();
> @@ -5907,7 +5907,7 @@ process_wg_commands(void)
> }
>
> void
> -wg_status(void)
> +wg_status(int ifaliases)
> {
> size_t i, j, last_size;
> struct timespec now;
> @@ -5942,45 +5942,47 @@ wg_status(void)
> printf("\twgpubkey %s\n", key);
> }
>
> - wg_peer = &wg_interface->i_peers[0];
> - for (i = 0; i < wg_interface->i_peers_count; i++) {
> - b64_ntop(wg_peer->p_public, WG_KEY_LEN,
> - key, sizeof(key));
> - printf("\twgpeer %s\n", key);
> -
> - if (wg_peer->p_flags & WG_PEER_HAS_PSK)
> - printf("\t\twgpsk (present)\n");
> -
> - if (wg_peer->p_flags & WG_PEER_HAS_PKA && wg_peer->p_pka)
> - printf("\t\twgpka %u (sec)\n", wg_peer->p_pka);
> -
> - if (wg_peer->p_flags & WG_PEER_HAS_ENDPOINT) {
> - if (getnameinfo(&wg_peer->p_sa, wg_peer->p_sa.sa_len,
> - hbuf, sizeof(hbuf), sbuf, sizeof(sbuf),
> - NI_NUMERICHOST | NI_NUMERICSERV) == 0)
> - printf("\t\twgendpoint %s %s\n", hbuf, sbuf);
> - else
> - printf("\t\twgendpoint unable to print\n");
> - }
> + if (ifaliases) {
> + wg_peer = &wg_interface->i_peers[0];
> + for (i = 0; i < wg_interface->i_peers_count; i++) {
> + b64_ntop(wg_peer->p_public, WG_KEY_LEN,
> + key, sizeof(key));
> + printf("\twgpeer %s\n", key);
> +
> + if (wg_peer->p_flags & WG_PEER_HAS_PSK)
> + printf("\t\twgpsk (present)\n");
> +
> + if (wg_peer->p_flags & WG_PEER_HAS_PKA &&
> wg_peer->p_pka)
> + printf("\t\twgpka %u (sec)\n", wg_peer->p_pka);
> +
> + if (wg_peer->p_flags & WG_PEER_HAS_ENDPOINT) {
> + if (getnameinfo(&wg_peer->p_sa,
> wg_peer->p_sa.sa_len,
> + hbuf, sizeof(hbuf), sbuf, sizeof(sbuf),
> + NI_NUMERICHOST | NI_NUMERICSERV) == 0)
> + printf("\t\twgendpoint %s %s\n", hbuf,
> sbuf);
> + else
> + printf("\t\twgendpoint unable to
> print\n");
> + }
>
> - printf("\t\ttx: %llu, rx: %llu\n",
> - wg_peer->p_txbytes, wg_peer->p_rxbytes);
> + printf("\t\ttx: %llu, rx: %llu\n",
> + wg_peer->p_txbytes, wg_peer->p_rxbytes);
>
> - if (wg_peer->p_last_handshake.tv_sec != 0) {
> - timespec_get(&now, TIME_UTC);
> - printf("\t\tlast handshake: %lld seconds ago\n",
> - now.tv_sec - wg_peer->p_last_handshake.tv_sec);
> - }
> + if (wg_peer->p_last_handshake.tv_sec != 0) {
> + timespec_get(&now, TIME_UTC);
> + printf("\t\tlast handshake: %lld seconds ago\n",
> + now.tv_sec -
> wg_peer->p_last_handshake.tv_sec);
> + }
>
>
> - wg_aip = &wg_peer->p_aips[0];
> - for (j = 0; j < wg_peer->p_aips_count; j++) {
> - inet_ntop(wg_aip->a_af, &wg_aip->a_addr,
> - hbuf, sizeof(hbuf));
> - printf("\t\twgaip %s/%d\n", hbuf, wg_aip->a_cidr);
> - wg_aip++;
> + wg_aip = &wg_peer->p_aips[0];
> + for (j = 0; j < wg_peer->p_aips_count; j++) {
> + inet_ntop(wg_aip->a_af, &wg_aip->a_addr,
> + hbuf, sizeof(hbuf));
> + printf("\t\twgaip %s/%d\n", hbuf,
> wg_aip->a_cidr);
> + wg_aip++;
> + }
> + wg_peer = (struct wg_peer_io *)wg_aip;
> }
> - wg_peer = (struct wg_peer_io *)wg_aip;
> }
> out:
> free(wgdata.wgd_interface);
>
>
