Linux kernel 5 different behavior
Vasili Pupkin
diggest at gmail.com
Sun Aug 25 18:59:32 CEST 2019
In the newest kernel version, WireGuard encrypted packets are sent
with the same user credentials as the user that created the original
packets. I have a firewall setup that limits programs run by a
particular user to the WireGuard tun interface; it worked in kernel 4.18
and is broken in kernel 5.0. In the new kernel, encrypted packets are
also marked as owned by this user and routed to the tun interface,
generating a recursion.