Re: WireGuard for FreeBSD
On Fri, 25 May 2018 12:05:40 +0200 "Jan Bramkamp"said On 25.05.18 09:29, Bernhard Fröhlich wrote: > On Fri, May 25, 2018 at 12:24 AM, Chris H wrote: >> On Thu, 24 May 2018 22:16:42 +0200 "Bernhard Froehlich" >> said >> >>> Am 24.05.2018 21:06 schrieb Chris H : On Thu, 24 May 2018 19:39:22 +0200 "Jason A. Donenfeld" said > > Hi Chris, > > > > On Thu, May 24, 2018 at 3:38 PM, Chris H > wrote: > > > I should have no trouble > introducing > Wireguard to the ports system today. I'm not a native fluent speaker of FreeBSDese, but my understanding is: > > a) Bernhard committed the two new packages to > ports today. > > b) If you update ports with portsnap, you can build them > locally. >> c) If you run `pkg install wireguard`, it fails because the build > > > servers haven't gotten to them and won't for several days. > > > > > Does your statement about "introducing WireGuard to the ports system" > > mean > that you intend to rectify (c) immediately, so we don't have to > > wait > several days for the build snapshot scripts to tick in cron? Or > > is it > mostly just related to not realizing (a)? > Sigh... > It was my understanding > that when I stepped up to adopt WireGuard, > and your ack to that. That *I* > would be adding the port. I wasn't able > to produce the port that same, or > next day, as I am already Maintainer > for nearly 150 ports. I have no > trouble with that list, except that > clang/llvm v5, and shortly after v6 > became the default versions in $BASE. > Which introduced a few pr(1)'s I needed > to deal with. > Now all the time I have spent researching, and staging to > build the port > have been laid to waste. Apparently you rescinded, and gave it > to Bernhard. > This project doesn't feel like a good match to me. > No > hard feelings, Bernhard. Have fun with the port. >>> Hi Chris, >>> >>> I'm sorry that I was confusing people which was really not my intention. I >>> have also seen your ACK to create the ports and replied to you in private >>> to >>> offer my help. Then I joined in IRC and just wanted to get an idea how far >>> the FreeBSD support was. I ended up creating two very rough ports which >>> did >>> build but not pass poudriere and called it a day. I also did send you and >>> the >>> list a mail to avoid duplicate work - and hoped you take it as a base. >>> >>> But I did not get any reply on the next day so I kept going and finished >>> the >>> ports yesterday with some good help from upstream. >>> >>> Sorry for how that developed but I hoped you get in contact with either me >>> or >>> upstream which neither happened. We usually do not have the problem that >>> too >>> many people want to help out so I did not expect that this will be a >>> problem >>> for anyone. >> >> Ahem. OK thank you for the kind words, and intentions, Bernhard. Like I >> said; >> no hard feelings. If you've already gotten that far. You might as well >> finish. >> FWIW while you *did* indeed shoot me, and the list a couple of notes. I was >> never under the impression you were going to take it so far. Which >> *ultimately* >> left everyone concerned believing *you* were going to maintain it. >> I only mention it, in hopes all of us might use the --verbose switch in the >> future, in hopes of avoiding this sort of nonsense. :-) :-) >> >> Thanks again, Bernhard! >> >> --Chris >> >> P.S. just in case it wasn't clear; feel free to finish, and submit your >> work. >> P.P.S. Just so you (and everyone else) knows; I'm already working on the >> kernel module. Please keep in touch, should you also be interested, and > have >> any work of your own. > > Hi chris, > > to be crystal clear about that. My motivation is not to be maintainer > of any specific > port or anything like that but only to have technology available on > FreeBSD that I > personally need and/or want. > > Usually for more complex ports this did lead to team efforts on our porting > work > which was also what I did expect to happen for wireguard. Well it > turned out to be > easier than thought and upstream was also very helpful so in the end > that was more > like a one day of work effort to get the basic ports. > > Nevertheless I would still be very happy to increase the bus factor > and team up with > multiple people to maintain wireguard. I think there will be more work > to be done in the > near future for wireguard on FreeBSD where a team effort would speed > up things for > sure: > > - we need to support FreeNAS and pfsense to get it into their package > systems > - documentation is still needed because it differs a bit from upstream > documentation (Handbook page?) > - wireguard kernel module (can that work already
Re: WireGuard for FreeBSD
On 25.05.18 15:11, Bernhard Fröhlich wrote: On Fri, May 25, 2018 at 12:05 PM, Jan Bramkampwrote: On 25.05.18 09:29, Bernhard Fröhlich wrote: On Fri, May 25, 2018 at 12:24 AM, Chris H wrote: On Thu, 24 May 2018 22:16:42 +0200 "Bernhard Froehlich" said Am 24.05.2018 21:06 schrieb Chris H : On Thu, 24 May 2018 19:39:22 +0200 "Jason A. Donenfeld" said > Hi Chris, > > > > On Thu, May 24, 2018 at 3:38 PM, Chris H wrote: > > > I should have no trouble introducing Wireguard to the ports system today. I'm not a native fluent speaker of FreeBSDese, but my understanding is: > > a) Bernhard committed the two new packages to ports today. > > b) If you update ports with portsnap, you can build them locally. c) If you run `pkg install wireguard`, it fails because the build servers haven't gotten to them and won't for several days. > > > > Does your statement about "introducing WireGuard to the ports system" > > mean that you intend to rectify (c) immediately, so we don't have to > > wait several days for the build snapshot scripts to tick in cron? Or > > is it mostly just related to not realizing (a)? > Sigh... > It was my understanding that when I stepped up to adopt WireGuard, > and your ack to that. That *I* would be adding the port. I wasn't able > to produce the port that same, or next day, as I am already Maintainer > for nearly 150 ports. I have no trouble with that list, except that > clang/llvm v5, and shortly after v6 became the default versions in $BASE. > Which introduced a few pr(1)'s I needed to deal with. > Now all the time I have spent researching, and staging to build the port > have been laid to waste. Apparently you rescinded, and gave it to Bernhard. > This project doesn't feel like a good match to me. > No hard feelings, Bernhard. Have fun with the port. Hi Chris, I'm sorry that I was confusing people which was really not my intention. I have also seen your ACK to create the ports and replied to you in private to offer my help. Then I joined in IRC and just wanted to get an idea how far the FreeBSD support was. I ended up creating two very rough ports which did build but not pass poudriere and called it a day. I also did send you and the list a mail to avoid duplicate work - and hoped you take it as a base. But I did not get any reply on the next day so I kept going and finished the ports yesterday with some good help from upstream. Sorry for how that developed but I hoped you get in contact with either me or upstream which neither happened. We usually do not have the problem that too many people want to help out so I did not expect that this will be a problem for anyone. Ahem. OK thank you for the kind words, and intentions, Bernhard. Like I said; no hard feelings. If you've already gotten that far. You might as well finish. FWIW while you *did* indeed shoot me, and the list a couple of notes. I was never under the impression you were going to take it so far. Which *ultimately* left everyone concerned believing *you* were going to maintain it. I only mention it, in hopes all of us might use the --verbose switch in the future, in hopes of avoiding this sort of nonsense. :-) :-) Thanks again, Bernhard! --Chris P.S. just in case it wasn't clear; feel free to finish, and submit your work. P.P.S. Just so you (and everyone else) knows; I'm already working on the kernel module. Please keep in touch, should you also be interested, and have any work of your own. Hi chris, to be crystal clear about that. My motivation is not to be maintainer of any specific port or anything like that but only to have technology available on FreeBSD that I personally need and/or want. Usually for more complex ports this did lead to team efforts on our porting work which was also what I did expect to happen for wireguard. Well it turned out to be easier than thought and upstream was also very helpful so in the end that was more like a one day of work effort to get the basic ports. Nevertheless I would still be very happy to increase the bus factor and team up with multiple people to maintain wireguard. I think there will be more work to be done in the near future for wireguard on FreeBSD where a team effort would speed up things for sure: - we need to support FreeNAS and pfsense to get it into their package systems - documentation is still needed because it differs a bit from upstream documentation (Handbook page?) - wireguard kernel module (can that work already be seen somewhere? upstream will be interested for sure) - rc script(s) - the regular maintenance for the port The wireguard userspace tooling isn't that simple to use reliably. You have to spawn the wireguard-go process before the config can be loaded and it can die in the meantime and to you want to terminate it and destroy the tun interface if the config contains errors. Doing this without
Re: WireGuard for FreeBSD
On 24.05.18 13:07, Jason A. Donenfeld wrote: On Thu, May 24, 2018 at 12:43 PM, Jan Bramkampwrote: Did I understand correctly that both these ports are userspace implementations and have a similar per packet overhead to OpenVPN and fastd? Indeed they're userspace ports. Maybe down the line this will be ported to the FreeBSD kernel like we have on Linux. However, performance wise, even the userspace implementation seems to have better performance than OpenVPN in my testing. I tried wireguard-go on OpenBSD and FreeBSD. I want to use WireGuard as replacement for OpenVPN point to point tunnels with dynamic routing (OSPF, iBGP). Especially this requires the right interface flags for the tun interface. So far wireguard-go on *BSD configures the tun interfaces as multicast incapable, broadcast interface which confuses the OpenBSD OSPF daemon completely and doesn't make any sense for a point to point tunnel. I get that wireguard-go tries to fake point to multipoint support that way. Is there a better solution than changing the hardwired argument ioctl() in tun/tun_*bsd.go? ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: WireGuard for FreeBSD
On 25.05.18 09:29, Bernhard Fröhlich wrote: On Fri, May 25, 2018 at 12:24 AM, Chris Hwrote: On Thu, 24 May 2018 22:16:42 +0200 "Bernhard Froehlich" said Am 24.05.2018 21:06 schrieb Chris H : On Thu, 24 May 2018 19:39:22 +0200 "Jason A. Donenfeld" said > Hi Chris, > > > > On Thu, May 24, 2018 at 3:38 PM, Chris H wrote: > > > I should have no trouble introducing Wireguard to the ports system today. I'm not a native fluent speaker of FreeBSDese, but my understanding is: > > a) Bernhard committed the two new packages to ports today. > > b) If you update ports with portsnap, you can build them locally. c) If you run `pkg install wireguard`, it fails because the build > > servers haven't gotten to them and won't for several days. > > > > Does your statement about "introducing WireGuard to the ports system" > > mean that you intend to rectify (c) immediately, so we don't have to > > wait several days for the build snapshot scripts to tick in cron? Or > > is it mostly just related to not realizing (a)? > Sigh... > It was my understanding that when I stepped up to adopt WireGuard, > and your ack to that. That *I* would be adding the port. I wasn't able > to produce the port that same, or next day, as I am already Maintainer > for nearly 150 ports. I have no trouble with that list, except that > clang/llvm v5, and shortly after v6 became the default versions in $BASE. > Which introduced a few pr(1)'s I needed to deal with. > Now all the time I have spent researching, and staging to build the port > have been laid to waste. Apparently you rescinded, and gave it to Bernhard. > This project doesn't feel like a good match to me. > No hard feelings, Bernhard. Have fun with the port. Hi Chris, I'm sorry that I was confusing people which was really not my intention. I have also seen your ACK to create the ports and replied to you in private to offer my help. Then I joined in IRC and just wanted to get an idea how far the FreeBSD support was. I ended up creating two very rough ports which did build but not pass poudriere and called it a day. I also did send you and the list a mail to avoid duplicate work - and hoped you take it as a base. But I did not get any reply on the next day so I kept going and finished the ports yesterday with some good help from upstream. Sorry for how that developed but I hoped you get in contact with either me or upstream which neither happened. We usually do not have the problem that too many people want to help out so I did not expect that this will be a problem for anyone. Ahem. OK thank you for the kind words, and intentions, Bernhard. Like I said; no hard feelings. If you've already gotten that far. You might as well finish. FWIW while you *did* indeed shoot me, and the list a couple of notes. I was never under the impression you were going to take it so far. Which *ultimately* left everyone concerned believing *you* were going to maintain it. I only mention it, in hopes all of us might use the --verbose switch in the future, in hopes of avoiding this sort of nonsense. :-) :-) Thanks again, Bernhard! --Chris P.S. just in case it wasn't clear; feel free to finish, and submit your work. P.P.S. Just so you (and everyone else) knows; I'm already working on the kernel module. Please keep in touch, should you also be interested, and have any work of your own. Hi chris, to be crystal clear about that. My motivation is not to be maintainer of any specific port or anything like that but only to have technology available on FreeBSD that I personally need and/or want. Usually for more complex ports this did lead to team efforts on our porting work which was also what I did expect to happen for wireguard. Well it turned out to be easier than thought and upstream was also very helpful so in the end that was more like a one day of work effort to get the basic ports. Nevertheless I would still be very happy to increase the bus factor and team up with multiple people to maintain wireguard. I think there will be more work to be done in the near future for wireguard on FreeBSD where a team effort would speed up things for sure: - we need to support FreeNAS and pfsense to get it into their package systems - documentation is still needed because it differs a bit from upstream documentation (Handbook page?) - wireguard kernel module (can that work already be seen somewhere? upstream will be interested for sure) - rc script(s) - the regular maintenance for the port The wireguard userspace tooling isn't that simple to use reliably. You have to spawn the wireguard-go process before the config can be loaded and it can die in the meantime and to you want to terminate it and destroy the tun interface if the config contains errors. Doing this without ugly hacks isn't possible given the interfaces offered by wireguard-go. It would be really nice to be able to terminate
Re: WireGuard for FreeBSD
On Fri, May 25, 2018 at 12:24 AM, Chris Hwrote: > On Thu, 24 May 2018 22:16:42 +0200 "Bernhard Froehlich" > said > >> Am 24.05.2018 21:06 schrieb Chris H : >> > >> > On Thu, 24 May 2018 19:39:22 +0200 "Jason A. Donenfeld" >> > >> > said > >> > > Hi Chris, > > > > On Thu, May 24, 2018 at 3:38 PM, Chris H >> > > wrote: > > > I should have no trouble >> > > introducing >> > > Wireguard to the ports system today. >> > > > > > I'm not a native fluent speaker of FreeBSDese, but my >> > > > > > understanding is: > > a) Bernhard committed the two new packages >> > > > > > to ports >> > > > > > today. > > b) If you update ports with portsnap, you can build >> > > > > > them locally. >> > > > > > > > c) If you run `pkg install wireguard`, it fails because the >> > > > > > > > build > > >> > > > > > servers haven't gotten to them and won't for several days. > > > > >> > > > > > Does your >> > > > > > statement about "introducing WireGuard to the ports system" > > >> > > > > > mean that >> > > > > > you intend to rectify (c) immediately, so we don't have to > > >> > > > > > wait several >> > > > > > days for the build snapshot scripts to tick in cron? Or > > is it >> > > > > > mostly >> > > > > > just related to not realizing (a)? > Sigh... > It was my >> > > > > > understanding that >> > > > > > when I stepped up to adopt WireGuard, > and your ack to that. That >> > > > > > *I* would >> > > > > > be adding the port. I wasn't able > to produce the port that same, >> > > > > > or next >> > > > > > day, as I am already Maintainer > for nearly 150 ports. I have no >> > > > > > trouble >> > > > > > with that list, except that > clang/llvm v5, and shortly after v6 >> > > > > > became the >> > > > > > default versions in $BASE. > Which introduced a few pr(1)'s I >> > > > > > needed to deal >> > > > > > with. > Now all the time I have spent researching, and staging to >> > > > > > build the >> > > > > > port > have been laid to waste. Apparently you rescinded, and gave >> > > > > > it to >> > > > > > Bernhard. > This project doesn't feel like a good match to me. > >> > > > > > No hard >> > > > > > feelings, Bernhard. Have fun with the port. >> Hi Chris, >> >> I'm sorry that I was confusing people which was really not my intention. I >> have also seen your ACK to create the ports and replied to you in private >> to >> offer my help. Then I joined in IRC and just wanted to get an idea how far >> the FreeBSD support was. I ended up creating two very rough ports which >> did >> build but not pass poudriere and called it a day. I also did send you and >> the >> list a mail to avoid duplicate work - and hoped you take it as a base. >> >> But I did not get any reply on the next day so I kept going and finished >> the >> ports yesterday with some good help from upstream. >> >> Sorry for how that developed but I hoped you get in contact with either me >> or >> upstream which neither happened. We usually do not have the problem that >> too >> many people want to help out so I did not expect that this will be a >> problem >> for anyone. > > Ahem. OK thank you for the kind words, and intentions, Bernhard. Like I > said; > no hard feelings. If you've already gotten that far. You might as well > finish. > FWIW while you *did* indeed shoot me, and the list a couple of notes. I was > never under the impression you were going to take it so far. Which > *ultimately* > left everyone concerned believing *you* were going to maintain it. > I only mention it, in hopes all of us might use the --verbose switch in the > future, in hopes of avoiding this sort of nonsense. :-) :-) > > Thanks again, Bernhard! > > --Chris > > P.S. just in case it wasn't clear; feel free to finish, and submit your > work. > P.P.S. Just so you (and everyone else) knows; I'm already working on the > kernel module. Please keep in touch, should you also be interested, and have > any work of your own. Hi chris, to be crystal clear about that. My motivation is not to be maintainer of any specific port or anything like that but only to have technology available on FreeBSD that I personally need and/or want. Usually for more complex ports this did lead to team efforts on our porting work which was also what I did expect to happen for wireguard. Well it turned out to be easier than thought and upstream was also very helpful so in the end that was more like a one day of work effort to get the basic ports. Nevertheless I would still be very happy to increase the bus factor and team up with multiple people to maintain wireguard. I think there will be more work to be done in the near future for wireguard on FreeBSD where a team effort would speed up things for sure: - we need to support FreeNAS and pfsense to get it into their package systems - documentation is still needed because it differs a bit from upstream documentation (Handbook page?) -
Re: WireGuard for FreeBSD
On Thu, May 24, 2018 at 9:06 PM, Chris Hwrote: > On Thu, 24 May 2018 19:39:22 +0200 "Jason A. Donenfeld" > said > >> Hi Chris, >> >> On Thu, May 24, 2018 at 3:38 PM, Chris H wrote: >> > I should have no trouble introducing Wireguard to the ports system >> > today. >> >> I'm not a native fluent speaker of FreeBSDese, but my understanding is: >> a) Bernhard committed the two new packages to ports today. >> b) If you update ports with portsnap, you can build them locally. >> c) If you run `pkg install wireguard`, it fails because the build >> servers haven't gotten to them and won't for several days. >> >> Does your statement about "introducing WireGuard to the ports system" >> mean that you intend to rectify (c) immediately, so we don't have to >> wait several days for the build snapshot scripts to tick in cron? Or >> is it mostly just related to not realizing (a)? > > Sigh... > It was my understanding that when I stepped up to adopt WireGuard, > and your ack to that. That *I* would be adding the port. I wasn't able > to produce the port that same, or next day, as I am already Maintainer > for nearly 150 ports. I have no trouble with that list, except that > clang/llvm v5, and shortly after v6 became the default versions in $BASE. > Which introduced a few pr(1)'s I needed to deal with. > Now all the time I have spent researching, and staging to build the port > have been laid to waste. Apparently you rescinded, and gave it to Bernhard. > This project doesn't feel like a good match to me. > No hard feelings, Bernhard. Have fun with the port. (resend because the mailinglist blocked it) Hi Chris, I'm sorry that I was confusing people which was really not my intention. I have also seen your ACK to create the ports and replied to you in private to offer my help. Then I joined in IRC and just wanted to get an idea how far the FreeBSD support was. I ended up creating two very rough ports which did build but not pass poudriere and called it a day. I also did send you and the list a mail to avoid duplicate work - and hoped you take it as a base. But I did not get any reply on the next day so I kept going and finished the ports yesterday with some good help from upstream. Sorry for how that developed but I hoped you get in contact with either me or upstream which neither happened. We usually do not have the problem that too many people want to help out so I did not expect that this will be a problem for anyone. -- Bernhard Froehlich http://www.bluelife.at/ ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: WireGuard for FreeBSD
On Thu, 24 May 2018 19:39:22 +0200 "Jason A. Donenfeld"said Hi Chris, On Thu, May 24, 2018 at 3:38 PM, Chris H wrote: > I should have no trouble introducing Wireguard to the ports system today. I'm not a native fluent speaker of FreeBSDese, but my understanding is: a) Bernhard committed the two new packages to ports today. b) If you update ports with portsnap, you can build them locally. c) If you run `pkg install wireguard`, it fails because the build servers haven't gotten to them and won't for several days. Does your statement about "introducing WireGuard to the ports system" mean that you intend to rectify (c) immediately, so we don't have to wait several days for the build snapshot scripts to tick in cron? Or is it mostly just related to not realizing (a)? Sigh... It was my understanding that when I stepped up to adopt WireGuard, and your ack to that. That *I* would be adding the port. I wasn't able to produce the port that same, or next day, as I am already Maintainer for nearly 150 ports. I have no trouble with that list, except that clang/llvm v5, and shortly after v6 became the default versions in $BASE. Which introduced a few pr(1)'s I needed to deal with. Now all the time I have spent researching, and staging to build the port have been laid to waste. Apparently you rescinded, and gave it to Bernhard. This project doesn't feel like a good match to me. No hard feelings, Bernhard. Have fun with the port. All the best. --Chris Jason ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: WireGuard for FreeBSD
On Thu, 24 May 2018 09:15:28 +0200 "Bernhard Fröhlich"said On Thu, May 24, 2018 at 3:06 AM, Jason A. Donenfeld wrote: > We now have a release, so the full instructions for the packages are: > > 1. wireguard-tools, providing wg(8) and wg-quick(8) > Runtime dependencies: bash, wireguard-go > Buildtime dependencies: gmake, c compiler, libc > Build: gmake -C src/tools WITH_WGQUICK=yes > Install: gmake -C src/tools PREFIX=/usr/local install > URL: https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20180524.tar.xz > > 2. wireguard-go > Runtime dependencies: libc > Buildtime dependencies: gmake, go, dep > Build: gmake > Install: gmake PREFIX=/usr/local install > URL: > https://git.zx2c4.com/wireguard-go/snapshot/wireguard-go-0.0.20180524.tar.xz > > I believe decke is already working on a port in his repository. Ports are already updated on github. I will do some final checks and expect to commit the wireguard ports to the official tree today. I should have no trouble introducing Wireguard to the ports system today. While I could have submitted it sooner. As the Maintainer of ~130 ports. It is not entirely unusual to have pr(1)'s to deal with. Especially with the introduction (updrade) of clang/llvm in $BASE to v.5, and now v.6. Thanks for your understanding. --Chris -- Bernhard Froehlich http://www.bluelife.at/ ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org" ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: WireGuard for FreeBSD
On Thu, May 24, 2018 at 12:43 PM, Jan Bramkampwrote: > Did I understand correctly that both these ports are userspace > implementations and have a similar per packet overhead to OpenVPN and fastd? Indeed they're userspace ports. Maybe down the line this will be ported to the FreeBSD kernel like we have on Linux. However, performance wise, even the userspace implementation seems to have better performance than OpenVPN in my testing. ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: WireGuard for FreeBSD
On 24.05.18 09:15, Bernhard Fröhlich wrote: On Thu, May 24, 2018 at 3:06 AM, Jason A. Donenfeldwrote: We now have a release, so the full instructions for the packages are: 1. wireguard-tools, providing wg(8) and wg-quick(8) Runtime dependencies: bash, wireguard-go Buildtime dependencies: gmake, c compiler, libc Build: gmake -C src/tools WITH_WGQUICK=yes Install: gmake -C src/tools PREFIX=/usr/local install URL: https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20180524.tar.xz 2. wireguard-go Runtime dependencies: libc Buildtime dependencies: gmake, go, dep Build: gmake Install: gmake PREFIX=/usr/local install URL: https://git.zx2c4.com/wireguard-go/snapshot/wireguard-go-0.0.20180524.tar.xz I believe decke is already working on a port in his repository. Ports are already updated on github. I will do some final checks and expect to commit the wireguard ports to the official tree today. Did I understand correctly that both these ports are userspace implementations and have a similar per packet overhead to OpenVPN and fastd? ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: WireGuard for FreeBSD
On Thu, May 24, 2018 at 3:06 AM, Jason A. Donenfeldwrote: > We now have a release, so the full instructions for the packages are: > > 1. wireguard-tools, providing wg(8) and wg-quick(8) > Runtime dependencies: bash, wireguard-go > Buildtime dependencies: gmake, c compiler, libc > Build: gmake -C src/tools WITH_WGQUICK=yes > Install: gmake -C src/tools PREFIX=/usr/local install > URL: https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20180524.tar.xz > > 2. wireguard-go > Runtime dependencies: libc > Buildtime dependencies: gmake, go, dep > Build: gmake > Install: gmake PREFIX=/usr/local install > URL: > https://git.zx2c4.com/wireguard-go/snapshot/wireguard-go-0.0.20180524.tar.xz > > I believe decke is already working on a port in his repository. Ports are already updated on github. I will do some final checks and expect to commit the wireguard ports to the official tree today. -- Bernhard Froehlich http://www.bluelife.at/ ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: WireGuard for FreeBSD
We now have a release, so the full instructions for the packages are: 1. wireguard-tools, providing wg(8) and wg-quick(8) Runtime dependencies: bash, wireguard-go Buildtime dependencies: gmake, c compiler, libc Build: gmake -C src/tools WITH_WGQUICK=yes Install: gmake -C src/tools PREFIX=/usr/local install URL: https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20180524.tar.xz 2. wireguard-go Runtime dependencies: libc Buildtime dependencies: gmake, go, dep Build: gmake Install: gmake PREFIX=/usr/local install URL: https://git.zx2c4.com/wireguard-go/snapshot/wireguard-go-0.0.20180524.tar.xz I believe decke is already working on a port in his repository. ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: WireGuard for FreeBSD
On Mon, May 21, 2018 at 11:35 PM, Jason A. Donenfeldwrote: > 2. wireguard-go > Runtime dependencies: none > Buildtime dependencies: gmake, go > Build: export GOPATH=$(pwd)/gopath; go get -d; gmake > Install: gmake PREFIX=/usr/local install > URL template: > https://git.zx2c4.com/wireguard-go/snapshot/wireguard-go-VERSION.tar.xz This has now been simplified slightly and uses proper vendoring of dependencies: Runtime dependencies: none Buildtime dependencies: gmake, go, dep Build: gmake Install: gmake PREFIX=/usr/local install URL template: https://git.zx2c4.com/wireguard-go/snapshot/wireguard-go-VERSION.tar.xz ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: WireGuard for FreeBSD
Hi Bernhard, Thanks for this. Hopefully this will be good inspiration for Chris' research in making the official package. Chris -- one thing to note is that Bernhard used the "-master" tarballs, which aren't real tarballs and have changing unstable checksums, so you'll of course want to swap this out with real tarballs once released. Jason ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: WireGuard for FreeBSD
On Tue, May 22, 2018 at 2:33 AM, Outback Dingowrote: > to be honest, while it sounds nice, i for one would prefer to see a > kernel module ported to FreeBSD instead of userland > second to that, building a freebsd port of it is not all that hard, > however that being said, it also needs to be accepted > upstream and committed by a ports maintainer, while i can help with > creating it, i still feel a kernel module is a better fit I too would prefer this, and maybe at some point down the line I'll put some real time and effort into porting WireGuard from the Linux kernel to kFreeBSD. But it's not the case that it's "not that hard"; doing so will be a pretty serious undertaking. That's going to take a lot of time. Until that day arrives, what you speak of doesn't exist. What we have instead today is tons of hard work that's gone into bringing a userspace implementation. So please, don't derail the current efforts in favor of an effort that doesn't even exist at the moment. ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: WireGuard for FreeBSD
Hi Chris, Wonderful! Feel free to poke me on IRC -- I'm zx2c4 in #wireguard on Freenode -- if you need any pointers in real time. Some odds and ends that might help: to have a tarball of the latest git master, you can use these links: https://git.zx2c4.com/WireGuard/snapshot/WireGuard-master.tar.xz https://git.zx2c4.com/wireguard-go/snapshot/wireguard-go-master.tar.xz In a few days these will be released: https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.201805XX.tar.xz https://git.zx2c4.com/wireguard-go/snapshot/wireguard-go-0.0.201805XX.tar.xz If you want to try setting up a quick tunnel using `wg-quick(8)`, you can use the demo server -- for testing purposes only; please don't use this for anything real -- via this simple script: https://git.zx2c4.com/WireGuard/plain/contrib/examples/ncat-client-server/client-quick.sh After it's up, you can try pinging 192.168.4.1 or visiting that in your browser. Looking forward, Jason ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: WireGuard for FreeBSD
On Mon, 21 May 2018 23:35:45 +0200 "Jason A. Donenfeld"said [cross-posted to the WireGuard mailing list] Hello FreeBSD Ports List, I'm the author of WireGuard [1], a secure network tunnel protocol [2] and a set of implementations of it. It was originally designed for the Linux kernel, but we're now beginning to have implementations for other platforms. Recently, parts of the Internet got excited [3] when we put a Darwin version in Homebrew. The last few days Brian (CC'd) and I have been working on getting an implementation running on FreeBSD, and things are coming along pretty smoothly. I'm not entirely familiar with the ports/pkg adding process, and so I was hoping to find somebody who is part of the FreeBSD community to adopt WireGuard and help maintain packages for it. I'm in! I'll start the necessary research now. Any additional pointers, and such you think may be helpful are greatly appreciated. Thanks, Jason! --Chris We currently have packages for many Linux distros [4], but FreeBSD will be the first open source BSD project. There are two packages to add: 1. wireguard-tools, providing wg(8) and wg-quick(8) Runtime dependencies: bash, wireguard-go Buildtime dependencies: gmake, c compiler, libc Build: gmake -C src/tools WITH_WGQUICK=yes Install: gmake -C src/tools PREFIX=/usr/local install URL template: https://git.zx2c4.com/WireGuard/snapshot/WireGuard-VERSION.tar.xz 2. wireguard-go Runtime dependencies: none Buildtime dependencies: gmake, go Build: export GOPATH=$(pwd)/gopath; go get -d; gmake Install: gmake PREFIX=/usr/local install URL template: https://git.zx2c4.com/wireguard-go/snapshot/wireguard-go-VERSION.tar.xz For reference, these two packages in Homebrew look like this: https://github.com/Homebrew/homebrew-core/blob/master/Formula/wireguard-tools.rb https://github.com/Homebrew/homebrew-core/blob/master/Formula/wireguard-go.rb And for your horror, I've made a please-dont-pipe-like-that copy-and-paste install script: # curl https://xn--4db.cc/0BwTeeYe | sh That script won't work as-is at the moment, since I haven't yet tagged tarballs with FreeBSD support, but in the coming days, I'll tag one that has this latest FreeBSD code in it. (In the meantime, you can run `# curl https://xn--4db.cc/0BwTeeYe | sh /dev/stdin --master` to get it from git master.) I was hoping that in the time between now and then, we might find somebody willing and interested in packaging this properly. Does this sound fun to anyone? Best regards, Jason [1] https://www.wireguard.com/ [2] https://www.wireguard.com/papers/wireguard.pdf [3] http://latacora.singles/2018/05/16/there-will-be.html [4] https://www.wireguard.com/install/ ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org" ___ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"