On 14.10.2022. 23:57, Mikolaj Kucharski wrote: > Kind reminder. Below there is a comment with an OK from sthen@ > > Diff at the end of this email. > >
Hi all, can this diff be committed? Less verbose output of ifconfig wg interface is quite nice when handling wg vpn server Thank you > On Wed, Sep 07, 2022 at 05:29:38PM +0100, Stuart Henderson wrote: >> On 2022/09/07 15:25, Mikolaj Kucharski wrote: >>> Hi. >>> >>> I didn't get a lof of feedback on this on the code level, however >>> got some intput on manual page changes. At the end of the email is >>> ifconfig.8 change from jmc@ and ifconfig.c from me. >>> >>> >>> On Sat, Sep 03, 2022 at 04:51:03PM +0100, Jason McIntyre wrote: >>>> On Sat, Sep 03, 2022 at 08:55:51AM +0000, Mikolaj Kucharski wrote: >>>>> Hi, >>>>> >>>>> I tried to address what jmc@ mentioned below. I don't really know >>>>> mdoc(7) and English is not my native language, so I imagine there is >>>>> place for improvement in the wg(4) diff. >>>>> >>>> >>>> hi. >>>> >>>> after looking again, i think maybe ifconfig.8 is the better place, but >>>> just not where it was originally proposed. by way of a peace offering, >>>> how about the diff below? >>>> >>>> jmc >>>> >>> [...] >> >> It's all in ifndef SMALL so there are no ramdisk space concerns. >> Works as expected, I think it's a good idea. It's OK with me. >> >> >>> >>> Index: ifconfig.c >>> =================================================================== >>> RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v >>> retrieving revision 1.456 >>> diff -u -p -u -r1.456 ifconfig.c >>> --- ifconfig.c 8 Jul 2022 07:04:54 -0000 1.456 >>> +++ ifconfig.c 7 Sep 2022 15:18:50 -0000 >>> @@ -363,7 +363,7 @@ void unsetwgpeer(const char *, int); >>> void unsetwgpeerpsk(const char *, int); >>> void unsetwgpeerall(const char *, int); >>> >>> -void wg_status(); >>> +void wg_status(int); >>> #else >>> void setignore(const char *, int); >>> #endif 
>>> @@ -679,7 +679,7 @@ void printgroupattribs(char *);
>>> void printif(char *, int);
>>> void printb_status(unsigned short, unsigned char *);
>>> const char *get_linkstate(int, int);
>>> -void status(int, struct sockaddr_dl *, int);
>>> +void status(int, struct sockaddr_dl *, int, int);
>>> __dead void usage(void);
>>> const char *get_string(const char *, const char *, u_int8_t *, int *);
>>> int len_string(const u_int8_t *, int);
>>> @@ -1195,7 +1195,7 @@ printif(char *name, int ifaliases)
>>> continue;
>>> ifdata = ifa->ifa_data;
>>> status(1, (struct sockaddr_dl *)ifa->ifa_addr,
>>> - ifdata->ifi_link_state);
>>> + ifdata->ifi_link_state, ifaliases);
>>> count++;
>>> noinet = 1;
>>> continue;
>>> @@ -3316,7 +3316,7 @@ get_linkstate(int mt, int link_state)
>>> * specified, show it and it only; otherwise, show them all.
>>> */
>>> void
>>> -status(int link, struct sockaddr_dl *sdl, int ls)
>>> +status(int link, struct sockaddr_dl *sdl, int ls, int ifaliases)
>>> {
>>> const struct afswtch *p = afp;
>>> struct ifmediareq ifmr;
>>> @@ -3391,7 +3391,7 @@ status(int link, struct sockaddr_dl *sdl
>>> mpls_status();
>>> pflow_status();
>>> umb_status();
>>> - wg_status();
>>> + wg_status(ifaliases);
>>> #endif
>>> trunk_status();
>>> getifgroups();
>>> @@ -5907,7 +5907,7 @@ process_wg_commands(void)
>>> }
>>>
>>> void
>>> -wg_status(void)
>>> +wg_status(int ifaliases)
>>> {
>>> size_t i, j, last_size;
>>> struct timespec now;
>>> @@ -5942,45 +5942,47 @@ wg_status(void)
>>> printf("\twgpubkey %s\n", key);
>>> }
>>>
>>> - wg_peer = &wg_interface->i_peers[0];
>>> - for (i = 0; i < wg_interface->i_peers_count; i++) {
>>> - b64_ntop(wg_peer->p_public, WG_KEY_LEN,
>>> - key, sizeof(key));
>>> - printf("\twgpeer %s\n", key);
>>> -
>>> - if (wg_peer->p_flags & WG_PEER_HAS_PSK)
>>> - printf("\t\twgpsk (present)\n");
>>> -
>>> - if (wg_peer->p_flags & WG_PEER_HAS_PKA && wg_peer->p_pka)
>>> - printf("\t\twgpka %u (sec)\n", wg_peer->p_pka);
>>> -
>>> - if (wg_peer->p_flags & WG_PEER_HAS_ENDPOINT) {
>>> - if (getnameinfo(&wg_peer->p_sa, wg_peer->p_sa.sa_len,
>>> - hbuf, sizeof(hbuf), sbuf, sizeof(sbuf),
>>> - NI_NUMERICHOST | NI_NUMERICSERV) == 0)
>>> - printf("\t\twgendpoint %s %s\n", hbuf, sbuf);
>>> - else
>>> - printf("\t\twgendpoint unable to print\n");
>>> - }
>>> + if (ifaliases) {
>>> + wg_peer = &wg_interface->i_peers[0];
>>> + for (i = 0; i < wg_interface->i_peers_count; i++) {
>>> + b64_ntop(wg_peer->p_public, WG_KEY_LEN,
>>> + key, sizeof(key));
>>> + printf("\twgpeer %s\n", key);
>>> +
>>> + if (wg_peer->p_flags & WG_PEER_HAS_PSK)
>>> + printf("\t\twgpsk (present)\n");
>>> +
>>> + if (wg_peer->p_flags & WG_PEER_HAS_PKA &&
>>> wg_peer->p_pka)
>>> + printf("\t\twgpka %u (sec)\n", wg_peer->p_pka);
>>> +
>>> + if (wg_peer->p_flags & WG_PEER_HAS_ENDPOINT) {
>>> + if (getnameinfo(&wg_peer->p_sa,
>>> wg_peer->p_sa.sa_len,
>>> + hbuf, sizeof(hbuf), sbuf, sizeof(sbuf),
>>> + NI_NUMERICHOST | NI_NUMERICSERV) == 0)
>>> + printf("\t\twgendpoint %s %s\n", hbuf,
>>> sbuf);
>>> + else
>>> + printf("\t\twgendpoint unable to
>>> print\n");
>>> + }
>>>
>>> - printf("\t\ttx: %llu, rx: %llu\n",
>>> - wg_peer->p_txbytes, wg_peer->p_rxbytes);
>>> + printf("\t\ttx: %llu, rx: %llu\n",
>>> + wg_peer->p_txbytes, wg_peer->p_rxbytes);
>>>
>>> - if (wg_peer->p_last_handshake.tv_sec != 0) {
>>> - timespec_get(&now, TIME_UTC);
>>> - printf("\t\tlast handshake: %lld seconds ago\n",
>>> - now.tv_sec -
wg_peer->p_last_handshake.tv_sec);
>>> - }
>>> + if (wg_peer->p_last_handshake.tv_sec != 0) {
>>> + timespec_get(&now, TIME_UTC);
>>> + printf("\t\tlast handshake: %lld seconds ago\n",
>>> + now.tv_sec -
>>> wg_peer->p_last_handshake.tv_sec);
>>> + }
>>>
>>>
>>> - wg_aip = &wg_peer->p_aips[0];
>>> - for (j = 0; j < wg_peer->p_aips_count; j++) {
>>> - inet_ntop(wg_aip->a_af, &wg_aip->a_addr,
>>> - hbuf, sizeof(hbuf));
>>> - printf("\t\twgaip %s/%d\n", hbuf, wg_aip->a_cidr);
>>> - wg_aip++;
>>> + wg_aip = &wg_peer->p_aips[0];
>>> + for (j = 0; j < wg_peer->p_aips_count; j++) {
>>> + inet_ntop(wg_aip->a_af, &wg_aip->a_addr,
>>> + hbuf, sizeof(hbuf));
>>> + printf("\t\twgaip %s/%d\n", hbuf,
>>> wg_aip->a_cidr);
>>> + wg_aip++;
>>> + }
>>> + wg_peer = (struct wg_peer_io *)wg_aip;
>>> }
>>> - wg_peer = (struct wg_peer_io *)wg_aip;
>>> }
>>> out:
>>> free(wgdata.wgd_interface);
>>> Index: ifconfig.8
>>> ===================================================================
>>> RCS file: /cvs/src/sbin/ifconfig/ifconfig.8,v
>>> retrieving revision 1.384
>>> diff -u -p -u -r1.384 ifconfig.8
>>> --- ifconfig.8 27 Jun 2022 16:27:03 -0000 1.384
>>> +++ ifconfig.8 7 Sep 2022 15:18:50 -0000
>>> @@ -2195,6 +2195,14 @@ Packets on a VLAN interface without a ta
>>> .Ek
>>> .nr nS 0
>>> .Pp
>>> +Detailed peer information is available to the superuser when
>>> +.Nm
>>> +is run with the
>>> +.Fl A
>>> +flag or when passed specific
>>> +.Ar wg-interface
>>> +names.
>>> +.Pp
>>> The following options are available for
>>> .Xr wg 4
>>> interfaces:
>>>
>
>
> Index: ifconfig.8
> ===================================================================
> RCS file: /cvs/src/sbin/ifconfig/ifconfig.8,v
> retrieving revision 1.384
> diff -u -p -u -r1.384 ifconfig.8
> --- ifconfig.8 27 Jun 2022 16:27:03 -0000 1.384
> +++ ifconfig.8 14 Oct 2022 21:53:47 -0000
> @@ -2195,6 +2195,14 @@ Packets on a VLAN interface without a ta
> .Ek
> .nr nS 0
> .Pp
> +Detailed peer information is available to the superuser when
> +.Nm
> +is run with the
> +.Fl A
> +flag or when passed specific
> +.Ar wg-interface
> +names.
> +.Pp
> The following options are available for
> .Xr wg 4
> interfaces:
> Index: ifconfig.c
> ===================================================================
> RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
> retrieving revision 1.456
> diff -u -p -u -r1.456 ifconfig.c
> --- ifconfig.c 8 Jul 2022 07:04:54 -0000 1.456
> +++ ifconfig.c 14 Oct 2022 21:53:47 -0000
> @@ -363,7 +363,7 @@ void unsetwgpeer(const char *, int);
> void unsetwgpeerpsk(const char *, int);
> void unsetwgpeerall(const char *, int);
>
> -void wg_status();
> +void wg_status(int);
> #else
> void setignore(const char *, int);
> #endif
> @@ -679,7 +679,7 @@ void printgroupattribs(char *);
> void printif(char *, int);
> void printb_status(unsigned short, unsigned char *);
> const char *get_linkstate(int, int);
> -void status(int, struct sockaddr_dl *, int);
> +void status(int, struct sockaddr_dl *, int, int);
> __dead void usage(void);
> const char *get_string(const char *, const char *, u_int8_t *, int *);
> int len_string(const u_int8_t *, int);
> @@ -1195,7 +1195,7 @@ printif(char *name, int ifaliases)
> continue;
> ifdata = ifa->ifa_data;
> status(1, (struct sockaddr_dl *)ifa->ifa_addr,
> - ifdata->ifi_link_state);
> + ifdata->ifi_link_state, ifaliases);
> count++;
> noinet = 1;
> continue;
> @@ -3316,7 +3316,7 @@ get_linkstate(int mt, int link_state)
> * specified, show it and it only; otherwise, show them all.
> */
> void
> -status(int link, struct sockaddr_dl *sdl, int ls)
> +status(int link, struct sockaddr_dl *sdl, int ls, int ifaliases)
> {
> const struct afswtch *p = afp;
> struct ifmediareq ifmr;
> @@ -3391,7 +3391,7 @@ status(int link, struct sockaddr_dl *sdl
> mpls_status();
> pflow_status();
> umb_status();
> - wg_status();
> + wg_status(ifaliases);
> #endif
> trunk_status();
> getifgroups();
> @@ -5907,7 +5907,7 @@ process_wg_commands(void)
> }
>
> void
> -wg_status(void)
> +wg_status(int ifaliases)
> {
> size_t i, j, last_size;
> struct timespec now;
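Review bot: `wg_status(int ifaliases)` now uses the alias-display flag as the switch for listing peers, but neither the new signature nor the `wg_status(ifaliases)` call in `status()` says so, which leaves the parameter name misleading at this point. A comment above the definition would cover it, for example `/* ifaliases: non-zero requests the per-peer listing (see ifconfig.8); an output filter, not a privilege check */`. The manual text added in this diff says peer details are available to the superuser, and nothing in the visible hunks enforces that, so presumably it is enforced where the data is fetched, outside the diff; the comment should make clear that this flag is not that control. Both `status()` and `wg_status()` continue outside their hunks.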
> @@ -5942,45 +5942,47 @@ wg_status(void)
> printf("\twgpubkey %s\n", key);
> }
>
> - wg_peer = &wg_interface->i_peers[0];
> - for (i = 0; i < wg_interface->i_peers_count; i++) {
> - b64_ntop(wg_peer->p_public, WG_KEY_LEN,
> - key, sizeof(key));
> - printf("\twgpeer %s\n", key);
> -
> - if (wg_peer->p_flags & WG_PEER_HAS_PSK)
> - printf("\t\twgpsk (present)\n");
> -
> - if (wg_peer->p_flags & WG_PEER_HAS_PKA && wg_peer->p_pka)
> - printf("\t\twgpka %u (sec)\n", wg_peer->p_pka);
> -
> - if (wg_peer->p_flags & WG_PEER_HAS_ENDPOINT) {
> - if (getnameinfo(&wg_peer->p_sa, wg_peer->p_sa.sa_len,
> - hbuf, sizeof(hbuf), sbuf, sizeof(sbuf),
> - NI_NUMERICHOST | NI_NUMERICSERV) == 0)
> - printf("\t\twgendpoint %s %s\n", hbuf, sbuf);
> - else
> - printf("\t\twgendpoint unable to print\n");
> - }
> + if (ifaliases) {
> + wg_peer = &wg_interface->i_peers[0];
> + for (i = 0; i < wg_interface->i_peers_count; i++) {
> + b64_ntop(wg_peer->p_public, WG_KEY_LEN,
> + key, sizeof(key));
> + printf("\twgpeer %s\n", key);
> +
> + if (wg_peer->p_flags & WG_PEER_HAS_PSK)
> + printf("\t\twgpsk (present)\n");
> +
> + if (wg_peer->p_flags & WG_PEER_HAS_PKA &&
> wg_peer->p_pka)
> + printf("\t\twgpka %u (sec)\n", wg_peer->p_pka);
> +
> + if (wg_peer->p_flags & WG_PEER_HAS_ENDPOINT) {
> + if (getnameinfo(&wg_peer->p_sa,
> wg_peer->p_sa.sa_len,
> + hbuf, sizeof(hbuf), sbuf, sizeof(sbuf),
> + NI_NUMERICHOST | NI_NUMERICSERV) == 0)
> + printf("\t\twgendpoint %s %s\n", hbuf,
> sbuf);
> + else
> + printf("\t\twgendpoint unable to
> print\n");
> + }
>
> - printf("\t\ttx: %llu, rx: %llu\n",
> - wg_peer->p_txbytes, wg_peer->p_rxbytes);
> + printf("\t\ttx: %llu, rx: %llu\n",
> + wg_peer->p_txbytes, wg_peer->p_rxbytes);
>
> - if (wg_peer->p_last_handshake.tv_sec != 0) {
> - timespec_get(&now, TIME_UTC);
> - printf("\t\tlast handshake: %lld seconds ago\n",
> - now.tv_sec - wg_peer->p_last_handshake.tv_sec);
> - }
> + if (wg_peer->p_last_handshake.tv_sec != 0) {
> + timespec_get(&now, TIME_UTC);
> +
printf("\t\tlast handshake: %lld seconds ago\n",
> + now.tv_sec -
> wg_peer->p_last_handshake.tv_sec);
> + }
>
>
> - wg_aip = &wg_peer->p_aips[0];
> - for (j = 0; j < wg_peer->p_aips_count; j++) {
> - inet_ntop(wg_aip->a_af, &wg_aip->a_addr,
> - hbuf, sizeof(hbuf));
> - printf("\t\twgaip %s/%d\n", hbuf, wg_aip->a_cidr);
> - wg_aip++;
> + wg_aip = &wg_peer->p_aips[0];
> + for (j = 0; j < wg_peer->p_aips_count; j++) {
> + inet_ntop(wg_aip->a_af, &wg_aip->a_addr,
> + hbuf, sizeof(hbuf));
> + printf("\t\twgaip %s/%d\n", hbuf,
> wg_aip->a_cidr);
> + wg_aip++;
> + }
> + wg_peer = (struct wg_peer_io *)wg_aip;
> }
> - wg_peer = (struct wg_peer_io *)wg_aip;
> }
> out:
> free(wgdata.wgd_interface);
>
>
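Review bot: In the peer loop now nested under `if (ifaliases)`, the result of `inet_ntop(wg_aip->a_af, &wg_aip->a_addr, hbuf, sizeof(hbuf))` is not checked, so when the conversion fails the following `printf` of `wgaip` emits whatever `hbuf` already held, which may be the endpoint address that `getnameinfo` wrote earlier in the same iteration. As the block is being re-indented anyway, the failure could be handled explicitly, e.g. `if (inet_ntop(wg_aip->a_af, &wg_aip->a_addr, hbuf, sizeof(hbuf)) == NULL)` followed by `strlcpy(hbuf, "?", sizeof(hbuf));`. `wg_aip++` has to stay unconditional, because the next peer is located from it via `wg_peer = (struct wg_peer_io *)wg_aip;`. The same lines appear in the quoted earlier copy of this hunk, and `wg_status` begins before the hunk.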