Good morning, First of all, I would like to thank you kindly for creating WireGuard. It is a wonderful piece of software. My thanks go to Jason, but also to the whole community involved in that project. People tend to forget this kind of work is mostly done during our spare time, it is really important to be reminded.
In the last past weeks, I had to connect to various untrusted networks, some in my neighbourhood, some at work. By default, I'm in paranoid mode, that's why I installed WireGuard. Even if I do most of my work on Linux, my primary peer (which can be called the server here) is running on OpenBSD 6.8. I like to see WireGuard directly in default system, so I can use it without installing anything else. It's the same with Unbound. If some OpenBSD folks are also reading this email, thanks a lot ! According to my needs, I decided to write another wg-quick(8) script using ksh. Most of the work was done with mksh(1), but I'm pretty sure it could work with pdksh(1) or even ksh88(1). I did it for three reasons : - I would like to use WireGuard on my own Linux distribution[1]. bash(1) is not included in the base system. - wg-quick(8) needs "up" and "down" to setup and close the connection. wg-kyc initiates the connection and waits for SIGINT or SIGTERM. When it is triggered, the connection is closed. It mimics OpenVPN. - My systems do not rely on bash(1), therefore I would like to also avoid it for my VPN. However, my tool has less features than wg-quick(8). It doesn't support specific routing table (fwmark) or all *Up and *Down hooks. Those settings are directly hard coded inside. It was also specifically written for Linux. Thankfully, most of the OS commands can be easily modified. Of course, I fully encourage people to modify it. The sources are available online[2]. In any case, take care of yourself especially now, in these difficult times. Kind regards. Ypnose [1] https://framagit.org/Ypnose/solyste [2] https://framagit.org/Ypnose/wg-kyc PS: Donate to WireGuard !
