Re: [ANNOUNCE] WireGuard Snapshot `0.0.20181007` Available

2018-10-09 Thread Sebastian Gottschall 
i do not use the defined master. i just checkout the git revisions 
defined by your snapshots. but since you release snapshots  2 times per 
week sometimes its still ends up on a heavy changing module
but that should not be the topic here. the topic is what leads wireguard 
to fail on his system. so we need to track down first which hardware he 
is using since i do support alot of devices with alot of different cpu 
platforms. so please stay on topic and do not speculate too much



Am 09.10.2018 um 21:18 schrieb Jason A. Donenfeld:

On Tue, Oct 9, 2018 at 6:30 PM Sebastian Gottschall
 wrote:

just to make sure. since i'm updating wireguard in dd-wrt very often to the 
latest state of art code from git.

Do not do this. Rather, use snapshots. If you're distributing builds
based on git master, you're putting your users at unnecessary risk.
The only safe and acceptable distribution of WireGuard is using the
latest snapshot tarball. When you use git master, you're not getting
the "latest state of art code", you're getting "jason's 5am
force-pushes and wacky ideas pre-codereview." On the other hand, when
you use snapshots, you're getting code that I've spent some time
reviewing and double checking to make sure it won't murder kittens and
related atrocities.


___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: Wireguard not coming up on DD-wrt

2018-10-09 Thread Jason A. Donenfeld 
On Tue, Oct 9, 2018 at 6:30 PM Sebastian Gottschall
 wrote:
>
> just to make sure. since i'm updating wireguard in dd-wrt very often to the 
> latest state of art code from git.

Do not do this. Rather, use snapshots. If you're distributing builds
based on git master, you're putting your users at unnecessary risk.
The only safe and acceptable distribution of WireGuard is using the
latest snapshot tarball. When you use git master, you're not getting
the "latest state of art code", you're getting "jason's 5am
force-pushes and wacky ideas pre-codereview." On the other hand, when
you use snapshots, you're getting code that I've spent some time
reviewing and double checking to make sure it won't murder kittens and
related atrocities.
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: Wireguard not coming up on DD-wrt

2018-10-09 Thread Sebastian Gottschall 
just to make sure. since i'm updating wireguard in dd-wrt very often to 
the latest state of art code from git. which dd-wrt version did you use 
for establishing the connection?


did you also take care about usual firewall problems? by default the the 
firewall is closed on wan, so no inbound connection is possible



Sebastian

Am 09.10.2018 um 17:06 schrieb Dennis van J.:


Hi all,

I have setup Wireguard on a Gentoo box, compiled it into the kernel 
using instructions on the wireguard website. Got my mobile to connect 
using 4G to this box fine, so I wanted to test further with a friend 
of mine who has a DD-wrt installation on his router. Wireguard is 
integrated into the DD-wrt build, we set it up, but the tunnel does 
not come up. On the server I only see this:


Oct  9 16:45:34 omega kernel: [178809.449718] wireguard: wg0: 
Receiving handshake initiation from peer 10 (x.169.86.x:22300)
Oct  9 16:45:34 omega kernel: [178809.449721] wireguard: wg0: Sending 
handshake response to peer 10 (x.169.86.x:22300)
Oct  9 16:45:34 omega kernel: [178809.450130] wireguard: wg0: Keypair 
32179 destroyed for peer 10
Oct  9 16:45:34 omega kernel: [178809.450131] wireguard: wg0: Keypair 
32180 created for peer 10
Oct  9 16:45:39 omega kernel: [178814.519668] wireguard: wg0: 
Receiving handshake initiation from peer 10 (x.169.86.x:22300)
Oct  9 16:45:39 omega kernel: [178814.519671] wireguard: wg0: Sending 
handshake response to peer 10 (x.169.86.x:22300)
Oct  9 16:45:39 omega kernel: [178814.520062] wireguard: wg0: Keypair 
32180 destroyed for peer 10
Oct  9 16:45:39 omega kernel: [178814.520063] wireguard: wg0: Keypair 
32181 created for peer 10
Oct  9 16:45:44 omega kernel: [178819.579701] wireguard: wg0: 
Receiving handshake initiation from peer 10 (x.169.86.x:22300)
Oct  9 16:45:44 omega kernel: [178819.579704] wireguard: wg0: Sending 
handshake response to peer 10 (x.169.86.x:22300)
Oct  9 16:45:44 omega kernel: [178819.580094] wireguard: wg0: Keypair 
32181 destroyed for peer 10
Oct  9 16:45:44 omega kernel: [178819.580095] wireguard: wg0: Keypair 
32182 created for peer 10
Oct  9 16:45:50 omega kernel: [178824.910142] wireguard: wg0: 
Receiving handshake initiation from peer 10 (x.169.86.x:22300)
Oct  9 16:45:50 omega kernel: [178824.910145] wireguard: wg0: Sending 
handshake response to peer 10 (x.169.86.x:22300)
Oct  9 16:45:50 omega kernel: [178824.910535] wireguard: wg0: Keypair 
32182 destroyed for peer 10
Oct  9 16:45:50 omega kernel: [178824.910536] wireguard: wg0: Keypair 
32183 created for peer 10
Oct  9 16:45:55 omega kernel: [178829.950001] wireguard: wg0: 
Receiving handshake initiation from peer 10 (x.169.86.x:22300)
Oct  9 16:45:55 omega kernel: [178829.950003] wireguard: wg0: Sending 
handshake response to peer 10 (x.169.86.x:22300)
Oct  9 16:45:55 omega kernel: [178829.950406] wireguard: wg0: Keypair 
32183 destroyed for peer 10
Oct  9 16:45:55 omega kernel: [178829.950407] wireguard: wg0: Keypair 
32184 created for peer 10


Port on the server is open (since the 4G test works). We can reach the 
22300 port on his side. Checked the pub/private keys as well.


wg show on server:

interface: wg0
  public key: 
  private key: (hidden)
  listening port: 51820

peer: 
  endpoint: x.200.39.x:8971
  allowed ips: 0.0.0.0/0
  latest handshake: 8 hours, 1 minute, 43 seconds ago
  transfer: 384.24 KiB received, 2.74 MiB sent

peer: 
  endpoint: x.169.86.x:22300
  allowed ips: 192.168.1.0/24, 10.100.0.3/32
  transfer: 2.00 MiB received, 1.24 MiB sent

On DD-wrt router:

interface: oet1
  public key: 
  private key: (hidden)
  listening port: 22300

peer: 
  endpoint: x.197.199.x:51820
  allowed ips: 0.0.0.0/0
  transfer: 0 B received, 777.43 KiB sent
  persistent keepalive: every 25 seconds

We are trying to get logging to work on that DD-wrt box, that should 
contain some more clues but maybe any of you have an idea?


Cheers,

Dennis



___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Wireguard not coming up on DD-wrt

2018-10-09 Thread Dennis van J. 
Hi all,

I have setup Wireguard on a Gentoo box, compiled it into the kernel
using instructions on the wireguard website. Got my mobile to connect
using 4G to this box fine, so I wanted to test further with a friend of
mine who has a DD-wrt installation on his router. Wireguard is
integrated into the DD-wrt build, we set it up, but the tunnel does not
come up. On the server I only see this:

Oct  9 16:45:34 omega kernel: [178809.449718] wireguard: wg0: Receiving
handshake initiation from peer 10 (x.169.86.x:22300)
Oct  9 16:45:34 omega kernel: [178809.449721] wireguard: wg0: Sending
handshake response to peer 10 (x.169.86.x:22300)
Oct  9 16:45:34 omega kernel: [178809.450130] wireguard: wg0: Keypair
32179 destroyed for peer 10
Oct  9 16:45:34 omega kernel: [178809.450131] wireguard: wg0: Keypair
32180 created for peer 10
Oct  9 16:45:39 omega kernel: [178814.519668] wireguard: wg0: Receiving
handshake initiation from peer 10 (x.169.86.x:22300)
Oct  9 16:45:39 omega kernel: [178814.519671] wireguard: wg0: Sending
handshake response to peer 10 (x.169.86.x:22300)
Oct  9 16:45:39 omega kernel: [178814.520062] wireguard: wg0: Keypair
32180 destroyed for peer 10
Oct  9 16:45:39 omega kernel: [178814.520063] wireguard: wg0: Keypair
32181 created for peer 10
Oct  9 16:45:44 omega kernel: [178819.579701] wireguard: wg0: Receiving
handshake initiation from peer 10 (x.169.86.x:22300)
Oct  9 16:45:44 omega kernel: [178819.579704] wireguard: wg0: Sending
handshake response to peer 10 (x.169.86.x:22300)
Oct  9 16:45:44 omega kernel: [178819.580094] wireguard: wg0: Keypair
32181 destroyed for peer 10
Oct  9 16:45:44 omega kernel: [178819.580095] wireguard: wg0: Keypair
32182 created for peer 10
Oct  9 16:45:50 omega kernel: [178824.910142] wireguard: wg0: Receiving
handshake initiation from peer 10 (x.169.86.x:22300)
Oct  9 16:45:50 omega kernel: [178824.910145] wireguard: wg0: Sending
handshake response to peer 10 (x.169.86.x:22300)
Oct  9 16:45:50 omega kernel: [178824.910535] wireguard: wg0: Keypair
32182 destroyed for peer 10
Oct  9 16:45:50 omega kernel: [178824.910536] wireguard: wg0: Keypair
32183 created for peer 10
Oct  9 16:45:55 omega kernel: [178829.950001] wireguard: wg0: Receiving
handshake initiation from peer 10 (x.169.86.x:22300)
Oct  9 16:45:55 omega kernel: [178829.950003] wireguard: wg0: Sending
handshake response to peer 10 (x.169.86.x:22300)
Oct  9 16:45:55 omega kernel: [178829.950406] wireguard: wg0: Keypair
32183 destroyed for peer 10
Oct  9 16:45:55 omega kernel: [178829.950407] wireguard: wg0: Keypair
32184 created for peer 10

Port on the server is open (since the 4G test works). We can reach the
22300 port on his side. Checked the pub/private keys as well.

wg show on server:

interface: wg0
  public key: 
  private key: (hidden)
  listening port: 51820

peer: 
  endpoint: x.200.39.x:8971
  allowed ips: 0.0.0.0/0
  latest handshake: 8 hours, 1 minute, 43 seconds ago
  transfer: 384.24 KiB received, 2.74 MiB sent

peer: 
  endpoint: x.169.86.x:22300
  allowed ips: 192.168.1.0/24, 10.100.0.3/32
  transfer: 2.00 MiB received, 1.24 MiB sent

On DD-wrt router:

interface: oet1
  public key: 
  private key: (hidden)
  listening port: 22300

peer: 
  endpoint: x.197.199.x:51820
  allowed ips: 0.0.0.0/0
  transfer: 0 B received, 777.43 KiB sent
  persistent keepalive: every 25 seconds

We are trying to get logging to work on that DD-wrt box, that should
contain some more clues but maybe any of you have an idea?

Cheers,

Dennis


___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: about wireguard-go

2018-10-09 Thread Brian Candler 

On 09/10/2018 11:00, wireguard-requ...@lists.zx2c4.com wrote:

In fact :

[nicolas@linux wireguard-go-0.0.20180613]$ printf 'package main\nconst
UseTheKernelModuleInstead = 0xdeadbabe\n' > ireallywantobuildon_linux.go
[nicolas@linux wireguard-go-0.0.20180613]$ make
Makefile:7: *** Do not build this for Linux. Instead use the Linux kernel
module. See wireguard.com/install/ for more info..  Stop.


Look in the Makefile 
:


ifeq ($(shell go env GOOS),linux)
ifeq ($(wildcard .git),)
$(error Do not build this for Linux. Instead use the Linux kernel 
module. See wireguard.com/install/ for more info.)

else
$(shell printf 'package main\nconst UseTheKernelModuleInstead = 
0xdeadbabe\n' > ireallywantobuildon_linux.go)

endif
endif

Also see 
https://www.gnu.org/software/make/manual/html_node/Wildcard-Function.html


It looks like you need to move the .git directory out of the way before 
you build - or just modify the Makefile. And you shouldn't need to 
manually create ireallywantobuildon_linux.go, because the Makefile does 
it for you.


___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: about wireguard-go

2018-10-09 Thread KeXianbin(http://diyism.com) 
Some hint here:
https://gist.github.com/diyism/60aa6ca24df772a4928f1aced65e72ee#file-bargeos-on-digitalocean-L40

On Tue, Oct 9, 2018 at 5:14 PM, nicolas prochazka <
prochazka.nico...@gmail.com> wrote:

> Hello,
> We need to compile wireguard-go on linux, because we are using a closed
> linux, under we cannot compile module,
> how can we do ? make on wireguard-go tells us that is not recommend on
> linux
>
> Regards,
> Nicolas Prochazka
>
> ___
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
>
>
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

about wireguard-go

2018-10-09 Thread nicolas prochazka 
Hello,
We need to compile wireguard-go on linux, because we are using a closed
linux, under we cannot compile module,
how can we do ? make on wireguard-go tells us that is not recommend on linux

Regards,
Nicolas Prochazka
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard