Linux kernel 5 different behavior

Vasili Pupkin diggest at
Mon Aug 26 11:29:53 CEST 2019

On Mon, Aug 26, 2019 at 5:09 AM Jason A. Donenfeld <Jason at> wrote:
> > Usage of fwmark is my current workaround. If the same user id of an
> > outer packets is not a bug then ignore it.
> I can see arguments both ways. Do you recall off hand the last kernel
> version that had the prior behavior? I'd like to try to find the
> commit and read the rationale upstream.

I see the difference now between 4.18.0 and 5.0.0 kernels, the closest
I can get with readily compiled kernels on my distro. According to
`iptables -t mangle -A OUTPUT -j LOG --log-uid` on kernel 4.18 outer
packets have UID=0 if original packets were sent from system processes
and do not have associated UID at all if original packets were sent by
the user. On kernel 5.0 they always inherit UID.

More information about the WireGuard mailing list