On Mon, Aug 26, 2019 at 5:09 AM Jason A. Donenfeld <[email protected]> wrote: > > Usage of fwmark is my current workaround. If the same user id of an > > outer packets is not a bug then ignore it. > > I can see arguments both ways. Do you recall off hand the last kernel > version that had the prior behavior? I'd like to try to find the > commit and read the rationale upstream.
I see the difference now between 4.18.0 and 5.0.0 kernels, the closest I can get with readily compiled kernels on my distro. According to `iptables -t mangle -A OUTPUT -j LOG --log-uid` on kernel 4.18 outer packets have UID=0 if original packets were sent from system processes and do not have associated UID at all if original packets were sent by the user. On kernel 5.0 they always inherit UID. _______________________________________________ WireGuard mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/wireguard
