Re: IS-IS routing protocol

2019-08-12 Thread Lucian Cristian 

On 12.08.2019 22:01, Rouven Czerwinski wrote:

Hi,

Lucian Cristian  writes:


Has anyone managed to configure IS-IS routing with wireguard interfaces ?

I've added multicast address to AllowedIPs (AllowedIPs=224.0.0.0/24) but
when I activate ip router isis on the wireguard interface, tcpdump only
shows: unknown ip 8

expecting to see something like L1 Lan IIH, hlen: 27, v: 1, pdu-v: 1,
sys-id-len: 6 (0), max-area: 3 (0)

or

L2 Lan IIH, hlen: 27, v: 1, pdu-v: 1, sys-id-len: 6 (0), max-area: 3 (0)

IS-IS uses layer 2 while wireguard only provides layer 3 connectivity.
IS-IS will not work over wireguard.

Regards,
Emantor
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard


Is what I feared, thank you !

Lucian

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

IS-IS routing protocol

2019-08-12 Thread Lucian Cristian 

Has anyone managed to configure IS-IS routing with wireguard interfaces ?

I've added multicast address to AllowedIPs (AllowedIPs=224.0.0.0/24) but 
when I activate ip router isis on the wireguard interface, tcpdump only 
shows: unknown ip 8


expecting to see something like L1 Lan IIH, hlen: 27, v: 1, pdu-v: 1, 
sys-id-len: 6 (0), max-area: 3 (0)


or

L2 Lan IIH, hlen: 27, v: 1, pdu-v: 1, sys-id-len: 6 (0), max-area: 3 (0)


OSPF, RIP, EIGRP are working fine

Thanks!

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: WireGuard Bug?

2019-05-18 Thread Lucian Cristian 

On 17.05.2019 09:34, . . wrote:

Hi,

I am using WireGuard on a Raspberry Pi 3 B+ with Raspbian Stretch and 
4.14.98-v7+ kernel.
Now this works great for me and is very efficient, however I tried to 
add a lot of routes on one of the "spoke/client" nodes, 517 routes to 
be exact.
If I do this, WireGuard stops working, tcpdump shows the traffic being 
sent out the wg0 interface but never actually being processed by 
wireguard, meaning the encapsulated packet to the "hub" never leaves.


So I tried doing this with wg instead of wg-quick and this works fine 
until I actually add a lot of the routes to the routing table, the 
sweet spot seems to be 384. If 383 routes are present in the routing 
table, wg will still work but if I add one more, all previously 
working ones dont anymore, if I reduce it again to <=383 then it 
starts working again. wg itself doesnt mind having all those routes 
(wg show) but I wonder if it tries to read the routing table as well 
for some reason?


Appreciate any insight/help on this, thanks.
Chris



___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard


did you tried using dynamic routing ? or it can't be applied ? I have 
262 routes available so can't confirm if dynamic routing will work



Regards

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: Load Balancing and policy routing with Wireguard

2019-02-17 Thread Lucian Cristian 

On 09.02.2019 11:20, Alexago wrote:

Hi,

actually I use on my router (OpenWRT) two OpenVPN connections and one 
Wireguard connection (all VPN connections are client) over my WAN 
connection (1Gbps/500Mbps) with 2 different VPN providers (Mullvad and 
IVPN): for policy routing and load balancing, with these connections, 
I use MWAN3 package.


MWAN3 is useful to choose

  * VPN connection based on source or destination address, port, for
example
  * load balancing two or more VPN connections, based on source,
destination and port, for example

Now I would like to switch my two OpenVPN connections to Wireguard, so 
I would like to have three simultaneous Wireguard connections 
(obviously with 3 different Wireguard servers).


My problem is how to use simultaneous Wireguard connections (with 
allowed ips =0.0.0.0/0) and to leave to external package (like MWAN3) 
to choose routing policy and also load balancing.


I tried to configure two Wireguard connections but only one of these 
goes online, the other one is always offline: I think problem is 
multiple "0.0.0.0/0" allowed IPs.


Can you help me?

Thanks






___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard


use another "server" port for the second vpn

Regards

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: wireguard dkms systemd

2018-10-21 Thread Lucian Cristian 

On 21.10.2018 15:12, Jordan Glover wrote:

‐‐‐ Original Message ‐‐‐
On Saturday, October 20, 2018 10:59 PM, Lucian Cristian  
wrote:


updating the wireguard module on systemd based linux gives

Warning: The unit file, source configuration file or drop-ins of
wg-quick@wg0.service changed on disk. Run 'systemctl daemon-reload' to
reload units.
Sleeping 3 seconds...


This has nothing to do with dkms. Systemd units are part of
wireguard-tools package.


can this be fixed int the restart script ?


There isn't a "restart script" in any wireguard package.


the tunnel won't come up if the unit is not reloaded


Then reload it. You have exact command printed.


Thank you !

Jordan


ubuntu,

is an annoyance to restart it manually, if you are inside the vpn, you 
can't do it, I thought that there is a restart script at package update..



Regards
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

wireguard dkms systemd

2018-10-20 Thread Lucian Cristian 

updating the wireguard module on systemd based linux gives

Warning: The unit file, source configuration file or drop-ins of 
wg-quick@wg0.service changed on disk. Run 'systemctl daemon-reload' to 
reload units.

Sleeping 3 seconds...

can this be fixed int the restart script ?

the tunnel won't come up if the unit is not reloaded

Thank you !

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: src/crypto/curve25519-x86_64.h:1319: Error: no such instruction while compiling in centos 6

2018-07-03 Thread Lucian Cristian 

On 03.07.2018 11:59, Vbook A1 wrote:

WARNING: if you want to use ELrepo kernel - make sure your server does
not have the Matrox G200 series video card! CentOS 6.x with kernel 4.x
will not boot on Matrox GPU.

On Tue, Jun 26, 2018 at 1:10 PM, Lucian Cristian  wrote:

On 26.06.2018 05:57, karthik kumar wrote:

Hi,
   I did see the yum repo already being there RPMs available. But we use only
centos 6 and are desperately looking for alternate of strongswan :(
Is there any other suggestion for me, other than Centos 7 ? Is it worth
trying to rebuild the kernel with 8.1 gcc ? Is there an option like
--without-elliptic-curve that I can use ?

Thanks

On Tue, Jun 26, 2018 at 5:58 AM Jason A. Donenfeld  wrote:

Hello,

Please use CentOS 7.

Jason



___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

search the mailing list, I proposed a patch for centos 6, see if it's
working, but you have to use elrepo kernels
http://elrepo.org/linux/kernel/el6/x86_64/RPMS/


Regards


___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard


I don't remember having trouble on a fujitsu rx300 with

10:05.0 VGA compatible controller: Matrox Electronics Systems Ltd. MGA 
G200e [Pilot] ServerEngines (SEP1) (rev 02)


but I've updated since then

Regards

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

some mips iperf3 tests

2018-06-28 Thread Lucian Cristian 
If someone needs an image about the speed of wireguard on mips 4.14.52 
kernel these are some values made with iperf3 (but the "server" is the 
infamous version 0.0.20180620)



[    0.00] SoC: Qualcomm Atheros QCA9533 ver 1 rev 1
[    0.00] CPU clock: 550.000 MHz

Max down 37.4 Mbits/sec
Max up   53.7 Mbits/sec

[    0.00] SoC: Qualcomm Atheros QCA956X ver 1 rev 0
[    0.00] CPU clock: 775.000 MHz

Max down  82.8 Mbits/sec
Max up    73.6 Mbits/sec

Regards


___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: On redhat 7.4 wireguard not working

2018-04-19 Thread Lucian Cristian 

On 19.04.2018 16:19, Lucian Cristian wrote:

On 19.04.2018 01:01, Vikas wrote:

Just when I thought it worked here are more problems:

The steps I followed were:

1. wget 
https://rpmfind.net/linux/fedora/linux/releases/25/Everything/x86_64/os/Packages/i/iproute-4.6.0-1.fc25.x86_64.rpm


2. yum install iproute-4.6.0-1.fc25.x86_64.rpm

I installed from fc25 since rhel7 does not have an upgraded iproute 
package.


3. After installing the iproute 4.6 I do NOT get the error message:

"Error: argument "suppress_prefixlength" is wrong: Failed to parse 
rule type"


4. ifconfig shows the wg0 interface.

5. After approx 2 minutes my ssh connection to the machine over the 
LAN (eth0) gets disconnected.


6. When I ssh back in to the machine, ifconfig does not show the wg0 
interface.



Please help :(



--
VK

On Wed, Apr 18, 2018 at 2:33 PM, Vikas <kedia.vi...@gmail.com 
<mailto:kedia.vi...@gmail.com>> wrote:

>
> Thank you Jason. Your response is very appreciated along with your 
work on the wireguard project.

>
> 1. Is there a minimum version of iproute2 that is needed?
>
> 2. Can that be mention in the dependency.
>
> 3. I installed from source and from the suggested rpm method at 
https://www.wireguard.com/install/ would it be possible to check for 
version for iproute2 and fail with a error message,

>
> Regards,
>
> Vikas
>
>
>
> --
> VK
>
> On Wed, Apr 18, 2018 at 2:10 PM, Jason A. Donenfeld 
<ja...@zx2c4.com <mailto:ja...@zx2c4.com>> wrote:

>>
>> You need a newer version of iproute2.
>
>


___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard


get the src.rpm and build it on rhel, the rpm binary from fedora 
should not work and probably is not working


Regards



___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard


more info https://wiki.centos.org/HowTos/RebuildSRPM

Regards

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: On redhat 7.4 wireguard not working

2018-04-19 Thread Lucian Cristian 

On 19.04.2018 01:01, Vikas wrote:

Just when I thought it worked here are more problems:

The steps I followed were:

1. wget 
https://rpmfind.net/linux/fedora/linux/releases/25/Everything/x86_64/os/Packages/i/iproute-4.6.0-1.fc25.x86_64.rpm


2. yum install iproute-4.6.0-1.fc25.x86_64.rpm

I installed from fc25 since rhel7 does not have an upgraded iproute 
package.


3. After installing the iproute 4.6 I do NOT get the error message:

"Error: argument "suppress_prefixlength" is wrong: Failed to parse 
rule type"


4. ifconfig shows the wg0 interface.

5. After approx 2 minutes my ssh connection to the machine over the 
LAN (eth0) gets disconnected.


6. When I ssh back in to the machine, ifconfig does not show the wg0 
interface.



Please help :(



--
VK

On Wed, Apr 18, 2018 at 2:33 PM, Vikas > wrote:

>
> Thank you Jason. Your response is very appreciated along with your 
work on the wireguard project.

>
> 1. Is there a minimum version of iproute2 that is needed?
>
> 2. Can that be mention in the dependency.
>
> 3. I installed from source and from the suggested rpm method at 
https://www.wireguard.com/install/ would it be possible to check for 
version for iproute2 and fail with a error message,

>
> Regards,
>
> Vikas
>
>
>
> --
> VK
>
> On Wed, Apr 18, 2018 at 2:10 PM, Jason A. Donenfeld > wrote:

>>
>> You need a newer version of iproute2.
>
>


___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard


get the src.rpm and build it on rhel, the rpm binary from fedora should 
not work and probably is not working


Regards

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: Bird OSPF Problems

2018-04-16 Thread Lucian Cristian 

On 16.04.2018 13:31, Zsolt Hegyi wrote:

Hi Cedric,

As far as I know, wireguard doesn't support multicasts yet, which OSPF 
uses for neighbor discovery. The reason why BGP works is because it 
uses unicast TCP packets as means of communication.


To get around this, try telling BIRD that your wireguard interface is 
an NBMA network (or a point-to-point link).


vista

On Mon, 16 Apr 2018, 11:27 cedric Kienzler, > wrote:


Hey List,

i'm currently facing issues with OSPF over the wireguard tunnel.

I use both, IPv4 and IPv6 and everything works fine. I can ping
through the tunnel, traffic flows perfectly, but when i try to
configure OSPF using the Bird routing daemon, i didn't even see a
HELLO message. Also when trying to list the interface using 'show
ospf interfaces' i didn't even see the Interface.

For IPv6 i use 2a03 as prefix.
Should i configure multicast IPv6 (fe80::) on the interface too to
get OSPF working?

Interesting fact: BGB using Bird works just fine.

Anyone here that could help me?


Thanks a lot.

Best regards,
Cedi
___
WireGuard mailing list
WireGuard@lists.zx2c4.com 
https://lists.zx2c4.com/mailman/listinfo/wireguard



___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard


I have something like this (but with frr/quagga)


router ospf
ospf router-id 172.16.223.2
network 192.168.123.0/24 area 1
network 172.16.223.0/24 area 1

172.16.223.2 being the wg0 local interface

Regards

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: ssh console hang

2018-04-05 Thread Lucian Cristian 

On 05.04.2018 09:44, Lucian Cristian wrote:
Starting some time ago I get ssh console hangs when the screen is 
displaying lots of data (cat large file, compile something with lots 
of verbosity) I tried lowering the MTU of wg interface to 1380 or the 
MTU of the host but it's not helping. What can I try to do ?
I observed that the hang started to happen after I changed the routing 
protocol on the interface from RIP to OSPF, can this affect it because 
I don't see why it should ?

the topology is like this:
windows client - openwrt wg "client" (OSPF) - ubuntu wg "server" 
(OSPF) - cisco switch - VM linux host


Regards

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard


For the moment seems that moving to OSPF was the problem, the ubuntu 
server has multiple vlans and OSPF was listening on all of them and the 
routes were going randomly by the wrong path


Regards

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

ssh console hang

2018-04-05 Thread Lucian Cristian 
Starting some time ago I get ssh console hangs when the screen is 
displaying lots of data (cat large file, compile something with lots of 
verbosity) I tried lowering the MTU of wg interface to 1380 or the MTU 
of the host but it's not helping. What can I try to do ?
I observed that the hang started to happen after I changed the routing 
protocol on the interface from RIP to OSPF, can this affect it because I 
don't see why it should ?

the topology is like this:
windows client - openwrt wg "client" (OSPF) - ubuntu wg "server" (OSPF) 
- cisco switch - VM linux host


Regards

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Qualcomm Shortcut Forwarding Engine

2017-11-29 Thread Lucian Cristian 

Hi

Not sure if you can do something about this, I started to test this 
option for accelerated speed on NAT module (fast path) and I don't 
understand why is bothering the wireguard VPN, it should be active only 
on NAT connections.


The problem is strange, the iperf3 speed test will do about ~300 mb/s on 
WRT3200ACM router in bot direction (I think is my ISP limit for the two 
peers) but if I want to make an SCCP/SIP phone call it will not always 
connect or there will be some delay in doing it, also remote desktop 
will disconnect and reconnect every ~5 seconds.


There is no NAT in the VPN, everything is routed by zebra deamon.

this is the forum discussion: 
https://forum.lede-project.org/t/qualcomm-fast-path-for-lede/4582


this is the PR for LEDE : https://github.com/lede-project/source/pull/1269

Regards

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: LibreCMC Wireguard Issue

2017-11-25 Thread Lucian Cristian 

On 25.11.2017 13:38, xx xxx wrote:

I have a Thinkpenguin TPE R1100 Router with a Librecmc snapshot dated 13 Nov 
2017 installed.
I've run "opkg update" and then unsuccessfully tried to install Wireguard 
[Luci-proto-wireguard} via both the cli and wui. In both cases I get the following errors:
root@libreCMC:~# opkg install luci-proto-wireguard
Installing luci-proto-wireguard (git-17.290.15350-38115e8-1) to root...
Downloading 
https://librecmc.org/librecmc/downloads/snapshots/v1.4.1/packages/mips_24kc/base/luci-proto-wireguard_git-17.290.15350-38115e8-1_all.ipk
Collected errors:
* satisfy_dependencies_for: Cannot satisfy the following dependencies for 
luci-proto-wireguard:
* kernel (= 4.4.87-1-4da53cbca65b7f25a04fcf5e4f6404a0) * kernel (= 
4.4.87-1-4da53cbca65b7f25a04fcf5e4f6404a0) * kernel (= 
4.4.87-1-4da53cbca65b7f25a04fcf5e4f6404a0) * kernel (= 
4.4.87-1-4da53cbca65b7f25a04fcf5e4f6404a0) *
* opkg_install_cmd: Cannot install package luci-proto-wireguard.

Any ideas how to resolve?
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard


try to use  opkg install luci-proto-wireguard --force-reinstall 
--force-depends


___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: wg-quick add_route

2017-10-27 Thread Lucian Cristian 

On 27.10.2017 22:48, Jason A. Donenfeld wrote:

Hey Lucian,

If you're using WireGuard for real purposes and not just for a quick
"turn it on turn it off" situation with a remote endpoint, then
wg-quick probably isn't the right tool for you. Instead, I think
you'll be better off just calling wg(8) and ip(8) normally.

The usage of WireGuard in general is supposed to be trivial enough
that you can script this without too much fuss. After all, wg-quick
itself is just a silly little bash script trivially wrapping some
common functionality.

I think if we go down the road of adding a nob for every possible
configuration, you'll wind up having to spend time learning about
which nobs map to which sequence of commands, which will be more
complex than just doing it yourself.

So, I think probably I wouldn't accept such a patch, and you'd be
better off just scripting 4 lines yourself:

ip link add wg0 type wireguard
wg setconf wg0 path/to/conf.conf
ip addr add 10.0.0.1/24 dev wg0
ip link set wg0 up

Especially if you're using rip+eigrp, you already know what you're
doing, and this shouldn't be too difficult for you.

I'm happy to bikeshed this if you'd like; other opinions are always
interesting. But my initial instinct is that needless complexity is
needless.

Jason


I Jason, I just liked how systemd integrated with wg-quick that's why I 
used it and if things are already this way in LEDE then why not have it 
in here too


if is not gonna happen is your call and I accept i but is just and if to 
the bash script, nothing in the core system


Regards

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Fwd: wg-quick add_route

2017-10-27 Thread Lucian Cristian 

coming back with this

is ok if I make a patch to add an option for this situation ?

keep the default as it is and if the let's say NOT_DEFAULT=true, to skip 
the add_route or something like this


Regards!
 Forwarded Message 
Subject:wg-quick add_route
Date:   Wed, 12 Jul 2017 20:53:01 +0300
From:   Lucian Cristian <l...@createc.ro>
To: 	WireGuard mailing list <wireguard@lists.zx2c4.com>, jason A. 
Donenfeld <ja...@zx2c4.com>




Hi Jason,

I'm using wireguard in some mixed topology and until now I've had LEDE
routers as clients but now I would like to add some CENTOS(and other
distros) clients too.

On LEDE there is an option "Create routes for Allowed IPs for this peer"
that is off by default, but in wg-quick this thing is not optional and
the routes are created by default, so if I would like to allow
10.0.0.0/8 it would create default route for all 10.0.0.0/8 to wg
interface and I don't want that.

I would like to use dynamic routing (rip+eigrp) for routing, if you
could add an entry to peers not to add default route to allowed ip would
be great

until then I've disabled add_route rule in the script

Regards

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: Module verification failed

2017-09-04 Thread Lucian Cristian 

On 03.09.2017 05:52, DANG Fan wrote:
I built WireGuard from source, and I got "Module verification failed" 
message when I tried to run "wg-quick up".


Here is what I found in dmesg:

[   55.700967] wireguard: module verification failed: signature and/or 
required key missing - tainting kernel
[   55.701390] wireguard: WireGuard 0.0.20170810 loaded. See 
www.wireguard.com  for information.
[   55.701391] wireguard: Copyright (C) 2015-2017 Jason A. Donenfeld 
>. All Rights Reserved.


ffs@server:~$ uname -a
Linux server 4.4.0-93-generic #116-Ubuntu SMP Fri Aug 11 21:17:51 UTC 
2017 x86_64 x86_64 x86_64 GNU/Linux


Thanks!


___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard


you have to add the driver to kernel sources and build the whole kernel 
to not get this warning, is a new policy from kernel



Regards

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: fix centos 6 compile

2017-06-27 Thread Lucian Cristian 

On 27.06.2017 23:59, Jason A. Donenfeld wrote:

Isn't EL6 still on 2.6.32, which is far away from the 3.10 that
WireGuard requires? In that case you'll be running with a custom
kernel. Why can't you just update your gcc from the same external
repo, at the same time?

I just backported to EL7.3 and felt nauseous the whole time. Not sure
I have the stomach for EL6...


the elrepo kernel for centos 6 is mainline or LT

the kernel is compiled with gcc 4.4.7 and won't run modules compiled 
with newer gcc, the patch is only for older gcc support, not for kernel, 
I don't think that  anyone will complain updating to kernel 4.4+ on el6


the old approach was to compile the module with gcc 4.4.7 commenting the 
two lines in socket.c and after that to build the wg tools with gcc 4.8 
but with this patch the compile is straightforward


regards

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: fix centos 6 compile

2017-06-26 Thread Lucian Cristian 

just reminding of this as I didn't see any input about it
REHL 6 is EOL in 2020 and this is a minor change

Regards

On 19.06.2017 20:44, Lucian Cristian wrote:

centos 6 has gcc 4.4.7

with some minor modification and the updated kernel from elrepo this 
is working as it should



Regards



___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard



___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

fix centos 6 compile

2017-06-19 Thread Lucian Cristian 

centos 6 has gcc 4.4.7

with some minor modification and the updated kernel from elrepo this is 
working as it should



Regards

diff -aur WireGuard-0.0.20170613/src/socket.c 
WireGuard-0.0.20170613-cnt6/src/socket.c
--- WireGuard-0.0.20170613/src/socket.c 2017-06-13 01:18:14.0 +0300
+++ WireGuard-0.0.20170613/src/socket.c 2017-06-19 20:36:58.997018769 +0300
@@ -12,6 +12,9 @@
 #include 
 #include 
 #include 
+#define GCC_VERSION (__GNUC__ * 1 \
+   + __GNUC_MINOR__ * 100 \
+   + __GNUC_PATCHLEVEL__)
 
 static inline int send4(struct wireguard_device *wg, struct sk_buff *skb, 
struct endpoint *endpoint, u8 ds, struct dst_cache *cache)
 {
@@ -307,7 +310,10 @@
struct socket *new4 = NULL;
struct udp_port_cfg port4 = {
.family = AF_INET,
+/* Test for GCC > 4.4.7 */
+#if GCC_VERSION > 40407
.local_ip.s_addr = htonl(INADDR_ANY),
+#endif
.local_udp_port = htons(wg->incoming_port),
.use_udp_checksums = true
};
@@ -316,7 +322,10 @@
struct socket *new6 = NULL;
struct udp_port_cfg port6 = {
.family = AF_INET6,
+/* Test for GCC > 4.4.7 */
+#if GCC_VERSION > 40407
.local_ip6 = IN6ADDR_ANY_INIT,
+#endif
.local_udp_port = htons(wg->incoming_port),
.use_udp6_tx_checksums = true,
.use_udp6_rx_checksums = true,
diff -aur WireGuard-0.0.20170613/src/tools/Makefile 
WireGuard-0.0.20170613-cnt6/src/tools/Makefile
--- WireGuard-0.0.20170613/src/tools/Makefile   2017-06-13 01:18:14.0 
+0300
+++ WireGuard-0.0.20170613/src/tools/Makefile   2017-06-19 20:19:42.560467226 
+0300
@@ -11,6 +11,8 @@
 WITH_BASHCOMPLETION ?=
 WITH_WGQUICK ?=
 WITH_SYSTEMDUNITS ?=
+GCC_EQ_447 := $(shell expr `gcc -dumpversion | sed -e 
's/\.\([0-9][0-9]\)/\1/g' -e 's/\.\([0-9]\)/0\1/g' -e 's/^[0-9]\{3,4\}$$/&00/'` 
\= 40407)
+
 
 ifeq ($(WITH_BASHCOMPLETION),)
 ifneq ($(strip $(wildcard $(BASHCOMPDIR))),)
@@ -32,7 +34,11 @@
 endif
 
 CFLAGS ?= -O3
+ifeq "$(GCC_EQ_447)" "1"
+CFLAGS += -std=gnu99 -D_GNU_SOURCE
+else
 CFLAGS += -std=gnu11 -D_GNU_SOURCE
+endif
 CFLAGS += -Wall -Wextra
 CFLAGS += -MMD -MP
 CFLAGS += -DRUNSTATEDIR="\"$(RUNSTATEDIR)\""
___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: Wireguard on Centos 7

2017-05-12 Thread Lucian Cristian 

On 12.05.2017 12:47, Christophe Vanlancker wrote:

I haven't done this kind of work but I'll try giving it a shot. :)


Christophe


On 12-05-17 11:38, Jason A. Donenfeld wrote:

Centos's 3.10 is not kernel.org's 3.10. They patch it heavily. If
you'd like to adjust compat.h to support centos's patched-up kernel,
without breaking support for other kernels, feel free to submit a
patch.

Jason



Or use the elrepo rpm repositorykernels


regards

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: RTNETLINK answers: Operation not supported

2017-02-28 Thread Lucian Cristian 

On 28.02.2017 18:08, William Clark wrote:

Hello,

So I wanted to try WireGuard but unfortunately I can't get pas this part:
ip link add dev wg0 type wireguard.

When ever I run the command "ip link add dev wg0 type wireguard"
I get the output:
RTNETLINK answers: Operation not supported

This both happens on CentOS 7 and Fedora 25 and Ubuntu 16.04.

CentOS 7 Kernel:
Linux hostname 3.10.0-514.6.2.el7.x86_64 #1 SMP Thu Feb 23 03:04:39 
UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

Fedora 25 Kernel:
Linux hostname 4.9.7-x86_64-X #2 SMP Thu Feb 2 15:43:55 EST 2017 
x86_64 x86_64 x86_64 GNU/Linux


I've tried installing Linux headers too, but no luck and I've rebooted 
after the upgrade too, and still no luck.


Thanks a lot.


___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard


I'm using centos 7 (even centos 6) with kernel-ml or kernel-lt from 
elrepo, 3.10 is not supported by wireguard



Regards

___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard