Error with wg-quick down when IPv6 not present

Brassy Panache brassy.panache at gmail.com
Wed Sep 25 11:30:26 CEST 2019 

I've just tested your patch and that works!  I no longer see the errors.  I
don't have a IPv6 environment to test with at the moment, so I cannot
verify that case.

On Wed, Sep 25, 2019 at 7:25 PM Jason A. Donenfeld <Jason at zx2c4.com> wrote:

> On Wed, Sep 25, 2019 at 11:06:18AM +1000, Brassy Panache wrote:
> > I have a kernel without IPv6 support.  I've noticed when running:
> >
> > $ wg-quick down vpn
> >
> >
> > I receive the following errors:
> >
> > [#] ip -4 rule delete table 51820
> > [#] ip -4 rule delete table main suppress_prefixlength 0
> > RTNETLINK answers: Address family not supported by protocol
> > Dump terminated
> > RTNETLINK answers: Address family not supported by protocol
> > Dump terminated
> > [#] ip link delete dev vpn
> > [#] resolvconf -d vpn -f
> >
> >
> > This is caused by the assumption that the command:
> >
> > $ ip -6 rule show
> >
> >
> > will run on the system.  I have made a change to my local wg-quick script
> > which first tests if the command runs successfully before it clears the
> > rules.  The same should probably also be done prior to running the IPv4
> > version of the command.
>
> Would this work?
>
> diff --git a/src/tools/wg-quick/linux.bash b/src/tools/wg-quick/linux.bash
> index e690944d..612ecd77 100755
> --- a/src/tools/wg-quick/linux.bash
> +++ b/src/tools/wg-quick/linux.bash
> @@ -102,10 +102,10 @@ del_if() {
>                 while [[ $(ip -4 rule show) == *"from all lookup main
> suppress_prefixlength 0"* ]]; do
>                         cmd ip -4 rule delete table main
> suppress_prefixlength 0
>                 done
> -               while [[ $(ip -6 rule show) == *"lookup $table"* ]]; do
> +               while [[ $(ip -6 rule show 2>/dev/null) == *"lookup
> $table"* ]]; do
>                         cmd ip -6 rule delete table $table
>                 done
> -               while [[ $(ip -6 rule show) == *"from all lookup main
> suppress_prefixlength 0"* ]]; do
> +               while [[ $(ip -6 rule show 2>/dev/null) == *"from all
> lookup main suppress_prefixlength 0"* ]]; do
>                         cmd ip -6 rule delete table main
> suppress_prefixlength 0
>                 done
>         fi
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20190925/852cbdb8/attachment.html>

More information about the WireGuard mailing list