[WireGuard] Debugging AllowedIps

John Huttley john at mib-infotech.co.nz
Mon Nov 14 03:28:10 CET 2016 

Thanks Jason,


I'm using gentoo x64. debug USE is enabled

==============

emerge -p -v wireguard

These are the packages that would be merged, in order:

Calculating dependencies... done!
[ebuild   R   *] net-misc/wireguard-9999::gentoo  USE="debug -kmod-src" 
0 KiB

==============


there is nothing much in /var/log/messages

2016-11-14T15:04:26+13:00 Listen normally on 14 wg0 192.168.94.254:123

Which is when I set up wg.


================

Nothing but the module startup in /var/log/dmesg

wireguard: routing table self-tests: pass
[    7.628264] wireguard: nonce counter self-tests: pass
[    7.629233] wireguard: curve25519 self-tests: pass
[    7.629241] wireguard: chacha20poly1305 self-tests: pass
[    7.629761] wireguard: blake2s self-tests: pass
[    7.629766] wireguard: siphash24 self-tests: pass
[    7.629778] wireguard: WireGuard loaded. See www.wireguard.io for 
information.
[    7.629778] wireguard: (C) Copyright 2015-2016 Jason A. Donenfeld 
<Jason at zx2c4.com>. All Rights Reserved

===================

I start the server like this


#/bin/bash

ip link add dev wg0 type wireguard

ip address add    dev wg0 192.168.94.254/24

wg setconf wg0 /root/wg.conf
ip link set up dev wg0


========

wg.conf is


[Interface]
     PrivateKey = XXXX
     Listenport = 6678

[Peer]
     Publickey=8+7eyTWCQZ7Eqw8tDv6KMTiwaK+WXhRVhal6sANJnmc=
     AllowedIps = 0.0.0.0/0

#[Peer]
#    Publickey=vaw7Z2fZnKLlYwyPUUqvCZbdJN7S78C57nYpQfqZRg8=
#    AllowedIps=  0.0.0.0/0

The commented out peer has its wg0 set to 192.168.94.12/24 and other ips 
on other interfaces in the 10.128.0.0/16 network.


However   AllowedIps = 192.168.94.0/24, 10.128.0.0/16     doesn't work, 
(confirmed with "wg showconf wg0" that it loaded)

0.0.0.0/0 does work

I would have thought to see some debug messages, but there is nothing.

The server has been rebooted after updating wireguard.


RFE: when the module loads and prints its test at startup, please print 
its version and compile flags as well.

Regards,


John

More information about the WireGuard mailing list