unable to set allowed-ips

Thomas Sattler sattler at med.uni-frankfurt.de
Thu Mar 23 23:39:54 CET 2017 

Hi there ...

I'm unable to set allowed-ips, I get

   "Unable to set device: Invalid argument"

when running

  # wg set wg0 peer 7KoA... allowed-ips 192.168.237.16/32


The last few line in strace are:

stat64("/var/run/wireguard/wg0.sock", 0xffc7a530) = -1 ENOENT (No such file 
or directory)
socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
ioctl(3, _IOC(0, 0x89, 0xf1, 0x00), 0xffc7a61c) = -1 EINVAL (Invalid argument)
dup(2)                                  = 4
fcntl64(4, F_GETFL)                     = 0x2 (flags O_RDWR)
fstat64(4, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 3), ...}) = 0
write(4, "Unable to set device: Invalid ar"..., 39Unable to set device: 
Invalid argument
) = 39
close(4)                                = 0
exit_group(1)                           = ?
+++ exited with 1 +++


I'm running a crosscompiled 64bit kernel on 32bit Gentoo
userland. (As I installed it more than 10 years ago.)

Kernel version is 4.10.5, WireGuard is 0.0.20170320.1

I'm neither using a Gentoo kernel nor Gentoo's WireGuard
package but compiled them on my own enabling all Kernel
Requirements mentioned at https://www.wireguard.io/install

Trying to connect an Arch Linux based system (where I can
set allowed-ips) both show that they did a handshake but
as the Gentoo box won't set allowed-ips for the Arch box,
the Gentoo box rejects its packages, complaining about
packets having unallowed src IPs. :-(

I tried several kernels and WireGuard snapshots within the
last weeks and also spend some time searching for "allowed-
ips" and "Invalid argument" but couldn't yet find anything.

Thomas


P.S.: In case it helps, here the output from 'wg' so far:

Gentoo:

   interface: wg0
     public key: 74DO...
     private key: (hidden)
     pre-shared key: (hidden)
     listening port: 22

   peer: 7KoA...
     endpoint: 192.168.2.16:22
     allowed ips: (none)
     latest handshake: 26 minutes, 32 seconds ago
     transfer: 890.99 KiB received, 240 B sent
     persistent keepalive: every 5 minutes, 36 seconds

Arch Linux:


   interface: wg0
     public key: 7KoA...
     private key: (hidden)
     pre-shared key: (hidden)
     listening port: 22

   peer: 74DO...
     endpoint: 192.168.2.17:22
     allowed ips: 192.168.237.17/32
     latest handshake: 29 minutes, 9 seconds ago
     transfer: 14.00 KiB received, 2.21 MiB sent

More information about the WireGuard mailing list