[WireGuard] Debugging AllowedIps
John Huttley
john at mib-infotech.co.nz
Mon Nov 14 04:10:06 CET 2016
Aha,
Yes the dmesg command has the debug output.
and the solution was to put the explicit /32 for the client on the host
not the /24
and 0.0.0.0/0 on the client.
Thanks,
John
On 14/11/16 15:59, Jason A. Donenfeld wrote:
> On Mon, Nov 14, 2016 at 3:28 AM, John Huttley <john at mib-infotech.co.nz> wrote:
>> I'm using gentoo x64. debug USE is enabled
> After recompiling with USE=debug, you'll need to remove and then
> insert the module:
>
> # rmmod wireguard
> # modprobe wireguard
>
> If that doesn't do it, then it means you have dynamic debugging
> enabled in your kernel, in which case you'll have to turn on debug
> messages via:
>
> # echo "module wireguard +p" >/sys/kernel/debug/dynamic_debug/control
>
>> Nothing but the module startup in /var/log/dmesg
> A better more up to date source is generally the output of the `dmesg` command.
>
>> I start the server like this
> I assume you're going for a classic client/server topology, in which
> the server routes internet traffic. Usually in this case you want
> something like:
>
> -- Server --
> # ip addr add 192.168.1.254/24 dev wg0
> wg0.conf:
> [Peer]
> PublicKey = ABCD
> AllowedIPs = 192.168.1.20/32
> [Peer]
> PublicKey = DCBA
> AllowedIPs = 192.168.1.21/32
> [Peer]
> PublicKey = ABAB
> AllowedIPs = 192.168.1.22/32
>
> -- Client --
> # ip addr add 192.168.1.20/24 dev wg0
> wg0.conf:
> [Peer]
> PublicKey = EEEG
> AllowedIPs = 0.0.0.0/0
More information about the WireGuard
mailing list