Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 10 Nov 2025 17:04:04 +0000
From:      bugzilla-noreply@freebsd.org
To:        net@FreeBSD.org
Subject:   [Bug 290768] if_wg(4): handshake response has src and dst reverse
Message-ID:  <bug-290768-7501-EYPf4HwA33@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-290768-7501@https.bugs.freebsd.org/bugzilla/>
References:  <bug-290768-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=290768

--- Comment #7 from relvy <it@vineyard-sha.de> ---
(In reply to Kyle Evans from comment #4)

I tested the mentioned commit.
The tcpdump output:

tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on igc0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
17:55:41.268806 e0:28:6d:89:6b:02 > 00:00:5e:00:01:01, ethertype IPv4 (0x0800),
length 190: a.b.c.d.60586 > 192.168.178.2.51820: UDP, length 148
17:55:41.268880 00:90:27:e6:33:13 > e0:28:6d:89:6b:02, ethertype IPv4 (0x0800),
length 190: a.b.c.d.60586 > 192.168.178.2.51820: UDP, length 148
17:55:41.873931 00:90:27:e6:33:13 > e0:28:6d:89:6b:02, ethertype IPv4 (0x0800),
length 190: 192.168.178.10.51820 > a.b.c.d.51820: UDP, length 148
17:55:46.336997 e0:28:6d:89:6b:02 > 00:00:5e:00:01:01, ethertype IPv4 (0x0800),
length 190: a.b.c.d.60586 > 192.168.178.2.51820: UDP, length 148
17:55:46.337014 00:90:27:e6:33:13 > e0:28:6d:89:6b:02, ethertype IPv4 (0x0800),
length 190: a.b.c.d.60586 > 192.168.178.2.51820: UDP, length 148
17:55:47.062936 00:90:27:e6:33:13 > e0:28:6d:89:6b:02, ethertype IPv4 (0x0800),
length 190: 192.168.178.10.51820 > a.b.c.d.51820: UDP, length 148

And in dmesg I see:

[78] wg1: Handshake for peer 1 did not complete after 5 seconds, retrying (try
13)
[78] wg1: Sending handshake initiation to peer 1
[78] wg1: Unable to send packet: 47

So this indeed does fix the src / dst IP reversal.
There are two issues left:

First, the destination *port* in the reply is not correct
Second, in the message "Unable to send packet: 47" the 47 means unknown address
family.

-- 
You are receiving this mail because:
You are the assignee for the bug.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-290768-7501-EYPf4HwA33>