Re: can't ping remote side IP range from WG instance

2018-03-25 Thread Eric Light
Hi Adrián, Sounds like you're doing something similar to what I've been playing with. I chatted with Jason about it a bit, and he sorted me out with a better solution - perhaps it'll work for you too: Instead of spinning up a Masquerade rule in iptables, have you tried just making sure that

Re: can't ping remote side IP range from WG instance

2018-03-25 Thread Adrián Mihálko
Ah. The solution was trivial. On B side, Ubuntu server: post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE On my server eth0 doesn't exist it has another name: ens160. Now it's working. > On 25 Mar 2018, at 11:19, Adrián Mihálko wrote: > > A side

Re: CentOS 7 build warning, chacha20_avx512vl

2018-03-25 Thread Samuel Neves
I don't think this is a problem. This seems to be related to the toolchain not knowing about AVX-512 instructions yet, and therefore mistaking some instruction bytes for other instructions (i.e., the byte sequence 7d 28 at 0x263f looks like a jump to offset 0x2669, but it's part of an AVX-512

Re: can't ping remote side IP range from WG instance

2018-03-25 Thread Kalin KOZHUHAROV
I am really not sure, but let me have a stab: On Sun, Mar 25, 2018 at 11:19 AM, Adrián Mihálko wrote: > auto wg0 > iface wg0 inet static > pre-up ip link add dev wg0 type wireguard > post-up wg setconf wg0 /etc/wireguard/wireguard.conf > post-up ip link set dev wg0

Re: add/remove a peer

2018-03-25 Thread Roman Mamedov
On Sun, 25 Mar 2018 21:17:35 +0200 Kalin KOZHUHAROV wrote: > There is a reason, at least one, good one - it is called simplicity. > It is also hard to work when you are running out of disk space or > memory; do you expect WG to solve that for you? > Simply put, IP addressing

Re: add/remove a peer

2018-03-25 Thread Kalin KOZHUHAROV
On Sun, Mar 25, 2018 at 8:10 PM, ST wrote: > PS: if you have over 100 peers it is a bit a headache to find a free IP > when adding a new peer. There is no reason WG could not scan through IPs > it already knows and choose a free one, assign it in its own config file > and print

CentOS 7 build warning, chacha20_avx512vl

2018-03-25 Thread Vbook A1
Hello, this is the build log of the latest "stable" WireGuard on the latest CentOS 7: > -bash-4.2# make > CC [M] /dev/shm/WireGuard-0.0.20180304/src/main.o > CC [M] /dev/shm/WireGuard-0.0.20180304/src/noise.o > CC [M] /dev/shm/WireGuard-0.0.20180304/src/device.o > CC [M]

Re: add/remove a peer

2018-03-25 Thread ST
On Mon, 2018-03-26 at 00:43 +0800, Wang Jian wrote: > 2018-03-25 3:32 GMT+08:00 ST : > > Hello, > > > > I'm learning WireGuard and have a question regarding adding/removing a > > peer. > > > > Is there something like: > > > > 1) wg add peer ABCDEF... allowed-ips 192.168.88.0/24

Re: add/remove a peer

2018-03-25 Thread ST
On Mon, 2018-03-26 at 00:43 +0800, Wang Jian wrote: > 2018-03-25 3:32 GMT+08:00 ST : > > Hello, > > > > I'm learning WireGuard and have a question regarding adding/removing a > > peer. > > > > Is there something like: > > > > 1) wg add peer ABCDEF... allowed-ips 192.168.88.0/24

Re: add/remove a peer

2018-03-25 Thread Wang Jian
2018-03-25 3:32 GMT+08:00 ST : > Hello, > > I'm learning WireGuard and have a question regarding adding/removing a > peer. > > Is there something like: > > 1) wg add peer ABCDEF... allowed-ips 192.168.88.0/24 endpoint > 209.202.254.14:8172 > > 2) similar for removing clients: >

can't ping remote side IP range from WG instance

2018-03-25 Thread Adrián Mihálko
A side (192.168.2.0/24): LEDE router 192.168.2.1 (static route to access remote side 192.168.1.0/24 pointing to 192.168.2.100) Pi Zero with Wireguard (192.168.2.100, WG: 192.168.5.2) Config: auto wg0 iface wg0 inet static pre-up ip link add dev wg0 type wireguard post-up wg setconf wg0