Date: Thu, 23 Jan 2025 09:19:37 +0100 From: Baptiste Daroussin <bapt@freebsd.org> To: Kyle Evans <kevans@freebsd.org> Cc: freebsd-hackers@freebsd.org Subject: Re: wg ifconfing control Message-ID: <576kh2lxuv5vflfeobcvbffutusr6cjtzssnfgigzhuk4l42kz@mjch6u3nlnpc> In-Reply-To: <afb3eb5f-7f0f-47bf-a6d2-6b06ef08051a@FreeBSD.org> References: <CA%2BcSnN1UYpecBV145FAkdySM9otr%2BOPTfaWL6PUfj14VEinGVQ@mail.gmail.com> <afb3eb5f-7f0f-47bf-a6d2-6b06ef08051a@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed 22 Jan 17:42, Kyle Evans wrote: > On 1/22/25 17:41, Daniel Lovasko wrote: > > Hello all, > > > > I noticed that OpenBSD has added the ability to control the WireGuard > > interfaces through ifconfig. I am interested in implementing similar > > support in FreeBSD - is there anyone already working on this or perhaps > > the right mentor for adding this functionality? NetBSD has a similar > > functionality exposed through the wgconfig tool. > > > > Short rationale: 1) not needing a package to do the setup, 2) procedural > > configuration, 3) ability to include all config in rc.conf, 4) > > consistency with other interface types (e.g. carp or gre). > > > > re: #1, we do have wg(8) installed as part of base; one can do at least > somewhat simple setups without a package. > I can resume this and finish it if really needed: https://reviews.freebsd.org/D42880 but Kyle convinced me that it was not really needed since wg is in base already. The motivation for me to write D42880 was the same as yours and in fact it is perfectly doable with the current integration. In my case I have the following setup: A script /etc/start_if.wg0 which contains: --- #!/bin/sh /usr/bin/wg setconf $1 /usr/local/etc/wireguard/$1.conf --- Note that in this configuration one need to not have the Address in the configuration unlike regular wireguard. the rest is handled in rc.conf cloned_interface=wg0 ifconfig_wg0="inet ..." static_routes="zone0:wg0" route_zone0="-inet ..... -interface wg0" This gives me a wireguard interface pretty early in the boot process. and simple configuration without the requirement of a single package. Note that if I create a wg1 I just need a symlink: /etc/start_if.wg0 -> /etc/start_if.wg0 Best regards, Bapt
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?576kh2lxuv5vflfeobcvbffutusr6cjtzssnfgigzhuk4l42kz>