WireGuard Digest, Vol 38, Issue 5
Thomas Dickomeit
thomas.dickomeit at gmail.com
Tue May 7 05:42:40 CEST 2019
Hello Wireguard,
Im using on myMacPro 2013 Wireguard since more then a half year, via MacPorts, my WireguardServer is my Router with OpenWRT on it, made me a Shellscript.sh that fires wireguard up or down so u can launch it without opening the Terminal simply over my ShellScript.sh inder MacOS Finder …its working wonderfull under OSX Sierra,
Now my question, I just say, in the AppStore, that there is a Wirguard client now AVAIABLE, Thanks for that!!! I Love Wireguard!
sadly, the damn AppleStore doesnt allow me to dl it, as I am still under OSX Sierra, is there a link I can dl it from another source then the damn AppleStore?
I dont want upgrade to what the AppleStore says, that it requieres OSX Majoave for many reasons, anyway, I have all a cool setup, so if it is so, that is requires OSX Mojave, I will stick with my solution, but I think, it would world also under OSX Sierra, would like to give it a try, but as I said, the Damn AppleStore says it requires Mojave sadly…
Thank you!
Mit freundlichen Grüßen
Thomas Dickomeit
thomas.dickomeit at gmail.com
——————————————————
Falls Sie PGP Verschlüssellungstechnolgie Benutzen, fügen Sie diesen, meinigen Öffentlichen Schlüssel zu Ihrem Schlüsselbund hinzu, somit können Wir verschlüsselt per eMail Kommunizieren :
> Am 06.05.2019 um 22:39 schrieb wireguard-request at lists.zx2c4.com:
>
> Send WireGuard mailing list submissions to
> wireguard at lists.zx2c4.com
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.zx2c4.com/mailman/listinfo/wireguard
> or, via email, send a message with subject or body 'help' to
> wireguard-request at lists.zx2c4.com
>
> You can reach the person managing the list at
> wireguard-owner at lists.zx2c4.com
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of WireGuard digest..."
>
>
> Today's Topics:
>
> 1. MacOS client with local DNS resolver (Peter Baumgartner)
> 2. Request to change IPv4 preference - mobile apps (Will Tisdale)
> 3. WireGuard Android kernel module+gnirehtet? (steamport)
> 4. DNS on macos (Illule)
> 5. Deploy a wireguard on 2 raspberry pi to connect 2 remote lan
> - Lan2Lan (Paulo Lopes)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 12 Apr 2019 12:07:28 -0600
> From: Peter Baumgartner <pete at lincolnloop.com>
> To: wireguard at lists.zx2c4.com
> Subject: MacOS client with local DNS resolver
> Message-ID:
> <CAC6K9z=3D=xMwTBRf3sA_5=OKR2R8o6aRa3JedGxzxVEzn-+Bw at mail.gmail.com>
> Content-Type: text/plain; charset="UTF-8"
>
> I'm using the official Mac GUI client (version 0.0.20190409) and am
> having troubles with DNS after connection. I use a local DNS resolver,
> so I have my DNS manually set to 127.0.0.1 on the network interface:
>
> $ scutil --dns | grep scoped -A50
> DNS configuration (for scoped queries)
>
> resolver #1
> nameserver[0] : 127.0.0.1
> if_index : 8 (en0)
> flags : Scoped, Request A records, Request AAAA records
> reach : 0x00030002 (Reachable,Local Address,Directly Reachable Address)
>
> Once I activate a Wireguard tunnel, the resolvers are updated to the
> IP of my Wireguard server:
>
> $ scutil --dns | grep scoped -A50
> DNS configuration (for scoped queries)
>
> resolver #1
> nameserver[0] : 10.0.77.1
> if_index : 8 (en0)
> flags : Scoped, Request A records
> reach : 0x00000002 (Reachable)
>
> resolver #2
> nameserver[0] : 10.0.77.1
> if_index : 19 (utun2)
> flags : Scoped, Request A records
> reach : 0x00000003 (Reachable,Transient Connection)
>
> Setting `DNS = 127.0.0.1` on the [Interface] section for my client has
> no effect.
>
> How can I activate the tunnel, but keep my DNS resolver as 127.0.0.1?
>
>
> ------------------------------
>
> Message: 2
> Date: Sun, 14 Apr 2019 18:17:04 +0100
> From: Will Tisdale <will at z3n.uk>
> To: wireguard at lists.zx2c4.com
> Subject: Request to change IPv4 preference - mobile apps
> Message-ID:
> <CAFWLA-XbDKtYHib8G2ujk7E+fsuPco9uX9NvPsu35Dd_HxVGyA at mail.gmail.com>
> Content-Type: text/plain; charset="UTF-8"
>
> Hello,
>
> I sent a message to the list about weirdness with IPv4 being preferred
> over IPv6 in the iOS app a few days ago, but it didn't get there for
> whatever reason.
>
> I've since done a bit of digging through the code and found that
> preferring IPv4 is intentional, and it's also implemented that way on
> the Android app too.
>
> It seems a shame to hobble native IPv6 support for everyone just to
> work around some peoples misconfigured setups.
>
> My suggestion/request would be to change the apps to prefer IPv6 as
> default, but add a switch to the apps to disable IPv6 or prefer IPv4
> for those with broken setups.
>
> Does that seem reasonable?
>
>
> Cheers,
>
>
> -Will
>
>
> ------------------------------
>
> Message: 3
> Date: Thu, 18 Apr 2019 09:47:23 +0000
> From: steamport <steamport at protonmail.com>
> To: "wireguard at lists.zx2c4.com" <wireguard at lists.zx2c4.com>
> Subject: WireGuard Android kernel module+gnirehtet?
> Message-ID:
> <EwYrrc-xpesfT0VwXUQnoXU-HHmFugo8Pj3MZu7o6nDNgazeJIegFKwyCNXABg4fBvsuTbTwAnEy52gaBLbzckHhOwUaFEFXOQggOQwGYPM=@protonmail.com>
>
> Content-Type: text/plain; charset="utf-8"
>
> Hey, it appears the WireGuard kernel module doesn't work on top of an Android VPN, even if it's a reverse tethering thing like?gnirehtet.
>
> Also sorry if this isn't the proper place to report/say this.
>
> Sent with ProtonMail Secure Email.
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20190418/edd46c99/attachment.html>
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: publickey - steamport at protonmail.com - 0x170EF114.asc
> Type: application/pgp-keys
> Size: 678 bytes
> Desc: not available
> URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20190418/edd46c99/attachment.key>
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: signature.asc
> Type: application/pgp-signature
> Size: 249 bytes
> Desc: OpenPGP digital signature
> URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20190418/edd46c99/attachment.asc>
>
> ------------------------------
>
> Message: 4
> Date: Tue, 30 Apr 2019 00:41:14 +0200
> From: Illule <illule at ubstee.fr>
> To: wireguard at lists.zx2c4.com
> Subject: DNS on macos
> Message-ID: <8D6A8B89-F86B-4899-92FB-BCA9D455D79C at ubstee.fr>
> Content-Type: text/plain; charset=utf-8
>
> Hi,
>
> On macos the DNS set by wireguard is used as secondary DNS :
> sudo scutil ?dns returns :
> ```
> DNS configuration (for scoped queries)
>
> resolver #1
> search domain[0] : home
> nameserver[0] : fe80::924d:4aff:feeb:2eb0%en0
> nameserver[1] : 192.168.137.1
> if_index : 8 (en0)
> flags : Scoped, Request A records, Request AAAA records
> reach : 0x00020002 (Reachable,Directly Reachable Address)
>
> resolver #2
> nameserver[0] : 10.137.3.3
> if_index : 17 (utun1)
> flags : Scoped, Request A records
> reach : 0x00000003 (Reachable,Transient Connection)
> ```
>
> Is it wanted ? I?d prefer use my personnal DNS as main resolver. Moreover safari seems to being able to use it when a domain is not public but not command like dig.
>
> Best regards,
>
> Illule
>
> ------------------------------
>
> Message: 5
> Date: Wed, 1 May 2019 15:19:08 +0000
> From: Paulo Lopes <plopes1960 at hotmail.com>
> To: "wireguard at lists.zx2c4.com" <wireguard at lists.zx2c4.com>
> Subject: Deploy a wireguard on 2 raspberry pi to connect 2 remote lan
> - Lan2Lan
> Message-ID:
> <AM0PR08MB3522DC4AA812C933D8285AFCD43B0 at AM0PR08MB3522.eurprd08.prod.outlook.com>
>
> Content-Type: text/plain; charset="utf-8"
>
> Hi all!!!
>
> First, let me thank for the amazing vpn protocol that Wireguard is!!!!
>
> I need your advise. As you can see on the picture attach, I have 2 raspberry pi. One as a vpn server and the other as a vpn client to connect 2 remote Lan.
>
> Can you point me what I need to do, if I want to replace the openvpn for the wireguard?
>
> I can connect 2 rpi with wireguard, but, the others ip machinies on the server and client side can?t see each other.
>
> With openvpn I needed to inser iroute and add a static route on both routers. What I need to with the wireguard?
>
> Once again many tahnks for all the help you can give me?
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20190501/43336e96/attachment.html>
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: 43065884_1892102284211888_2227626938879442944_n.jpg
> Type: image/jpeg
> Size: 46732 bytes
> Desc: 43065884_1892102284211888_2227626938879442944_n.jpg
> URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20190501/43336e96/attachment.jpg>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> WireGuard mailing list
> WireGuard at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
>
>
> ------------------------------
>
> End of WireGuard Digest, Vol 38, Issue 5
> ****************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20190507/8eae10e6/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Thomas Dickomeit ? O?ffentlicherPGPSchlu?ssel.asc
Type: application/x-apple-msg-attachment
Size: 3102 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20190507/8eae10e6/attachment-0001.bin>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20190507/8eae10e6/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20190507/8eae10e6/attachment-0001.asc>
More information about the WireGuard
mailing list