Kind reminder.
Below diff at https://marc.info/?l=openbsd-tech&m=166256415030704&w=2
On Wed, Sep 07, 2022 at 03:25:58PM +0000, Mikolaj Kucharski wrote:
> Hi.
>
> I didn't get a lof of feedback on this on the code level, however
> got some intput on manual page changes. At the end of the email is
> ifconfig.8 change from jmc@ and ifconfig.c from me.
>
>
> On Sat, Sep 03, 2022 at 04:51:03PM +0100, Jason McIntyre wrote:
> > On Sat, Sep 03, 2022 at 08:55:51AM +0000, Mikolaj Kucharski wrote:
> > > Hi,
> > >
> > > I tried to address what jmc@ mentioned below. I don't really know
> > > mdoc(7) and English is not my native language, so I imagine there is
> > > place for improvement in the wg(4) diff.
> > >
> >
> > hi.
> >
> > after looking again, i think maybe ifconfig.8 is the better place, but
> > just not where it was originally proposed. by way of a peace offering,
> > how about the diff below?
> >
> > jmc
> >
> [...]
>
>
> Index: ifconfig.c
> ===================================================================
> RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
> retrieving revision 1.456
> diff -u -p -u -r1.456 ifconfig.c
> --- ifconfig.c 8 Jul 2022 07:04:54 -0000 1.456
> +++ ifconfig.c 7 Sep 2022 15:18:50 -0000
> @@ -363,7 +363,7 @@ void unsetwgpeer(const char *, int);
> void unsetwgpeerpsk(const char *, int);
> void unsetwgpeerall(const char *, int);
>
> -void wg_status();
> +void wg_status(int);
> #else
> void setignore(const char *, int);
> #endif
> @@ -679,7 +679,7 @@ void printgroupattribs(char *);
> void printif(char *, int);
> void printb_status(unsigned short, unsigned char *);
> const char *get_linkstate(int, int);
> -void status(int, struct sockaddr_dl *, int);
> +void status(int, struct sockaddr_dl *, int, int);
> __dead void usage(void);
> const char *get_string(const char *, const char *, u_int8_t *, int *);
> int len_string(const u_int8_t *, int);
> @@ -1195,7 +1195,7 @@ printif(char *name, int ifaliases)
> continue;
> ifdata = ifa->ifa_data;
> status(1, (struct sockaddr_dl *)ifa->ifa_addr,
> - ifdata->ifi_link_state);
> + ifdata->ifi_link_state, ifaliases);
> count++;
> noinet = 1;
> continue;
> @@ -3316,7 +3316,7 @@ get_linkstate(int mt, int link_state)
> * specified, show it and it only; otherwise, show them all.
> */
> void
> -status(int link, struct sockaddr_dl *sdl, int ls)
> +status(int link, struct sockaddr_dl *sdl, int ls, int ifaliases)
> {
> const struct afswtch *p = afp;
> struct ifmediareq ifmr;
> @@ -3391,7 +3391,7 @@ status(int link, struct sockaddr_dl *sdl
> mpls_status();
> pflow_status();
> umb_status();
> - wg_status();
> + wg_status(ifaliases);
> #endif
> trunk_status();
> getifgroups();
> @@ -5907,7 +5907,7 @@ process_wg_commands(void)
> }
>
> void
> -wg_status(void)
> +wg_status(int ifaliases)
> {
> size_t i, j, last_size;
> struct timespec now;
> @@ -5942,45 +5942,47 @@ wg_status(void)
> printf("\twgpubkey %s\n", key);
> }
>
> - wg_peer = &wg_interface->i_peers[0];
> - for (i = 0; i < wg_interface->i_peers_count; i++) {
> - b64_ntop(wg_peer->p_public, WG_KEY_LEN,
> - key, sizeof(key));
> - printf("\twgpeer %s\n", key);
> -
> - if (wg_peer->p_flags & WG_PEER_HAS_PSK)
> - printf("\t\twgpsk (present)\n");
> -
> - if (wg_peer->p_flags & WG_PEER_HAS_PKA && wg_peer->p_pka)
> - printf("\t\twgpka %u (sec)\n", wg_peer->p_pka);
> -
> - if (wg_peer->p_flags & WG_PEER_HAS_ENDPOINT) {
> - if (getnameinfo(&wg_peer->p_sa, wg_peer->p_sa.sa_len,
> - hbuf, sizeof(hbuf), sbuf, sizeof(sbuf),
> - NI_NUMERICHOST | NI_NUMERICSERV) == 0)
> - printf("\t\twgendpoint %s %s\n", hbuf, sbuf);
> - else
> - printf("\t\twgendpoint unable to print\n");
> - }
> + if (ifaliases) {
> + wg_peer = &wg_interface->i_peers[0];
> + for (i = 0; i < wg_interface->i_peers_count; i++) {
> + b64_ntop(wg_peer->p_public, WG_KEY_LEN,
> + key, sizeof(key));
> + printf("\twgpeer %s\n", key);
> +
> + if (wg_peer->p_flags & WG_PEER_HAS_PSK)
> + printf("\t\twgpsk (present)\n");
> +
> + if (wg_peer->p_flags & WG_PEER_HAS_PKA &&
> wg_peer->p_pka)
> + printf("\t\twgpka %u (sec)\n", wg_peer->p_pka);
> +
> + if (wg_peer->p_flags & WG_PEER_HAS_ENDPOINT) {
> + if (getnameinfo(&wg_peer->p_sa,
> wg_peer->p_sa.sa_len,
> + hbuf, sizeof(hbuf), sbuf, sizeof(sbuf),
> + NI_NUMERICHOST | NI_NUMERICSERV) == 0)
> + printf("\t\twgendpoint %s %s\n", hbuf,
> sbuf);
> + else
> + printf("\t\twgendpoint unable to
> print\n");
> + }
>
> - printf("\t\ttx: %llu, rx: %llu\n",
> - wg_peer->p_txbytes, wg_peer->p_rxbytes);
> + printf("\t\ttx: %llu, rx: %llu\n",
> + wg_peer->p_txbytes, wg_peer->p_rxbytes);
>
> - if (wg_peer->p_last_handshake.tv_sec != 0) {
> - timespec_get(&now, TIME_UTC);
> - printf("\t\tlast handshake: %lld seconds ago\n",
> - now.tv_sec - wg_peer->p_last_handshake.tv_sec);
> - }
> + if (wg_peer->p_last_handshake.tv_sec != 0) {
> + timespec_get(&now, TIME_UTC);
> + printf("\t\tlast handshake: %lld seconds ago\n",
> + now.tv_sec -
> wg_peer->p_last_handshake.tv_sec);
> + }
>
>
> - wg_aip = &wg_peer->p_aips[0];
> - for (j = 0; j < wg_peer->p_aips_count; j++) {
> - inet_ntop(wg_aip->a_af, &wg_aip->a_addr,
> - hbuf, sizeof(hbuf));
> - printf("\t\twgaip %s/%d\n", hbuf, wg_aip->a_cidr);
> - wg_aip++;
> + wg_aip = &wg_peer->p_aips[0];
> + for (j = 0; j < wg_peer->p_aips_count; j++) {
> + inet_ntop(wg_aip->a_af, &wg_aip->a_addr,
> + hbuf, sizeof(hbuf));
> + printf("\t\twgaip %s/%d\n", hbuf,
> wg_aip->a_cidr);
> + wg_aip++;
> + }
> + wg_peer = (struct wg_peer_io *)wg_aip;
> }
> - wg_peer = (struct wg_peer_io *)wg_aip;
> }
> out:
> free(wgdata.wgd_interface);
> Index: ifconfig.8
> ===================================================================
> RCS file: /cvs/src/sbin/ifconfig/ifconfig.8,v
> retrieving revision 1.384
> diff -u -p -u -r1.384 ifconfig.8
> --- ifconfig.8 27 Jun 2022 16:27:03 -0000 1.384
> +++ ifconfig.8 7 Sep 2022 15:18:50 -0000
> @@ -2195,6 +2195,14 @@ Packets on a VLAN interface without a ta
> .Ek
> .nr nS 0
> .Pp
> +Detailed peer information is available to the superuser when
> +.Nm
> +is run with the
> +.Fl A
> +flag or when passed specific
> +.Ar wg-interface
> +names.
> +.Pp
> The following options are available for
> .Xr wg 4
> interfaces:
>
--
Regards,
Mikolaj
