openwrt route_allowed_ips is inprecise

Jason A. Donenfeld Jason at zx2c4.com
Tue Dec 20 19:27:55 CET 2016


Hi Dan,

On Tue, Dec 20, 2016 at 3:51 PM, Dan Lüdtke <mail at danrl.com> wrote:
> I see what you mean now. Don't see a real problem there despite ugliness, but let me think of a solution. May not be my highest priority right now, though.

Solutions:

0) Do nothing.
1) Make netifd deal with it.
2) Sort the endpoints allowed IPs by cidr, and call `ip route get`
before each `ip route add`.
3) Compute the set difference in bash between the addresses of the
interface and the allowed-ips of the interface, and only `ip route
add` the difference.
4) Compute the set difference using sipcalc or ipcalc between the
addresses of the interface and the allowed-ips of the interface, and
only `ip route add` the difference.
5) Bug me to add this functionality to wg(8), and receive frustrating
responses like "wg(8) isn't supposed to touch any of the info that
ip(8) has due to future tool merging plans."

Jason


More information about the WireGuard mailing list