[PATCH] wg-quick: Linux and FreeBSD: Add support to search domain in wg-quick
Ricardo Fraile
rfraile at rfraile.eu
Fri Jan 24 19:37:23 CET 2020
Hello,
This patch allows wg-quick to pass the search domain to resolvconf with
the option 'DNSSearch=' as it already does with the 'DNS=' option. As an
example:
[Interface]
...
DNSSearch = lan1.example.com, lan2.example.com
...
This was discussed previously a few times:
https://lists.zx2c4.com/pipermail/wireguard/2019-January/003811.html
https://lists.zx2c4.com/pipermail/wireguard/2018-May/002882.html
https://lists.zx2c4.com/pipermail/wireguard/2019-September/004578.html
Thanks,
Ricardo F.
diff --git a/src/man/wg-quick.8 b/src/man/wg-quick.8
index 6250adc..2094c30 100644
--- a/src/man/wg-quick.8
+++ b/src/man/wg-quick.8
@@ -1,4 +1,4 @@
-.TH WG-QUICK 8 "2016 January 1" ZX2C4 "WireGuard"
+.TH WG-QUICK 8 "2020 January 1" ZX2C4 "WireGuard"
.SH NAME
wg-quick - set up a WireGuard interface simply
@@ -82,6 +82,10 @@ DNS servers. May be specified multiple times. Upon
bringing the interface up, th
.BR resolvconf (8)
are undesirable, the PostUp and PostDown keys below may be used
instead.
.IP \(bu
+DNSSearch \(em a comma-separated list of domain names to be set as the
interface's
+search for hostname lookups. This options runs in conjunction with DNS
and only if that is
+already set. Only available on Linux and FreeBSD.
+.IP \(bu
MTU \(em if not specified, the MTU is automatically determined from the
endpoint addresses
or the system default route, which is usually a sane choice. However,
to manually specify
an MTU to override this automatic discovery, this value may be
specified explicitly.
@@ -124,6 +128,8 @@ traffic:
.br
\fBDNS = 10.200.100.1\fP
.br
+ \fBDNSSearch = loc1.example.com, loc2.example.com\fP
+.br
PrivateKey = oK56DE9Ue9zK76rAc8pBl6opph+1v36lm7cXXsQKrQM=
.br
@@ -141,7 +147,7 @@ traffic:
The `Address` field is added here in order to set up the address for
the interface. The `DNS` field
indicates that a DNS server for the interface should be configured via
-.BR resolvconf (8).
+.BR resolvconf (8), the `DNSSerach` field set the search domains with
it too.
The peer's allowed IPs entry implies that this interface should be
configured as the default gateway,
which this script does.
diff --git a/src/wg-quick/freebsd.bash b/src/wg-quick/freebsd.bash
index c390dcc..a108323 100755
--- a/src/wg-quick/freebsd.bash
+++ b/src/wg-quick/freebsd.bash
@@ -16,6 +16,7 @@ INTERFACE=""
ADDRESSES=( )
MTU=""
DNS=( )
+DNS_SEARCH=( )
TABLE=""
PRE_UP=( )
POST_UP=( )
@@ -85,6 +86,7 @@ parse_options() {
Address) ADDRESSES+=( ${value//,/ } ); continue ;;
MTU) MTU="$value"; continue ;;
DNS) DNS+=( ${value//,/ } ); continue ;;
+ DNSSearch) DNS_SEARCH+=( ${value//,/ } ); continue ;;
Table) TABLE="$value"; continue ;;
PreUp) PRE_UP+=( "$value" ); continue ;;
PreDown) PRE_DOWN+=( "$value" ); continue ;;
@@ -297,7 +299,11 @@ monitor_daemon() {
HAVE_SET_DNS=0
set_dns() {
[[ ${#DNS[@]} -gt 0 ]] || return 0
- printf 'nameserver %s\n' "${DNS[@]}" | cmd resolvconf -a "$INTERFACE"
-x
+ if [[ -n $DNS_SEARCH ]]; then
+ (printf 'nameserver %s\n' "${DNS[@]}" && printf 'search %s\n'
"$DNS_SEARCH") | cmd resolvconf -a "$INTERFACE" -x
+ else
+ printf 'nameserver %s\n' "${DNS[@]}" | cmd resolvconf -a "$INTERFACE"
-x
+ fi
HAVE_SET_DNS=1
}
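Review bot: In set_dns, `DNS_SEARCH` is an array (parse_options in this file fills it with `+=( … )`), so `[[ -n $DNS_SEARCH ]]` and `printf 'search %s\n' "$DNS_SEARCH"` only ever see element 0 and every search domain after the first is silently dropped. Testing `${#DNS_SEARCH[@]}` and printing `"${DNS_SEARCH[*]}"` fixes that and removes the duplicated pipeline: `{ printf 'nameserver %s\n' "${DNS[@]}"; [[ ${#DNS_SEARCH[@]} -eq 0 ]] || printf 'search %s\n' "${DNS_SEARCH[*]}"; } | cmd resolvconf -a "$INTERFACE" -x`. The set_dns hunk in linux.bash has the same shape and needs the same change once its parse_options stores an array. The search list decides which zones unqualified names are resolved in, so a partially applied list changes name resolution in a way the operator will not notice.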
@@ -342,8 +348,9 @@ save_config() {
{ read -r _; while read -r _ _ _ address _; do
new_config+="Address = $address"$'\n'
done } < <(netstat -I "$INTERFACE" -n -W -f inet6)
- while read -r address; do
- [[ $address =~ ^nameserver\ ([a-zA-Z0-9_=+:%.-]+)$ ]] &&
new_config+="DNS = ${BASH_REMATCH[1]}"$'\n'
+ while read -r line; do
+ [[ $line =~ ^nameserver\ ([a-zA-Z0-9_=+:%.-]+)$ ]] &&
new_config+="DNS = ${BASH_REMATCH[1]}"$'\n'
+ [[ $line =~ ^search\ (.+)$ ]] && new_config+="DNSSearch =
${BASH_REMATCH[1]/ /, }"$'\n'
done < <(resolvconf -l "$INTERFACE" 2>/dev/null)
[[ -n $MTU ]] && new_config+="MTU = $MTU"$'\n'
[[ -n $TABLE ]] && new_config+="Table = $TABLE"$'\n'
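Review bot: The new `search` branch in save_config captures `(.+)`, so whatever resolvconf reports on that line is copied into the saved configuration unfiltered, while the `nameserver` branch directly above limits its capture to `[a-zA-Z0-9_=+:%.-]+`. The search capture should be limited in the same way, to hostname characters plus the separating spaces, so that only well-formed names are written back. Separately, `${BASH_REMATCH[1]/ /, }` replaces only the first space, so three or more domains are saved as `a, b c`; `${BASH_REMATCH[1]// /, }` converts every separator. The save_config hunk in linux.bash adds the same two lines and has both issues. save_config starts and ends outside this hunk.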
@@ -395,6 +402,7 @@ cmd_usage() {
- Address: may be specified one or more times and contains one or
more
IP addresses (with an optional CIDR mask) to be set for the
interface.
- DNS: an optional DNS server to use while the device is up.
+ - DNSSearch: Search list for host-name lookup to use while the
device is up.
- MTU: an optional MTU for the interface; if unspecified,
auto-calculated.
- Table: an optional routing table to which routes will be added; if
unspecified or \`auto', the default table is used. If \`off', no
routes
diff --git a/src/wg-quick/linux.bash b/src/wg-quick/linux.bash
index 7c2c002..1715354 100755
--- a/src/wg-quick/linux.bash
+++ b/src/wg-quick/linux.bash
@@ -16,6 +16,7 @@ INTERFACE=""
ADDRESSES=( )
MTU=""
DNS=( )
+DNS_SEARCH=( )
TABLE=""
PRE_UP=( )
POST_UP=( )
@@ -57,6 +58,7 @@ parse_options() {
Address) ADDRESSES+=( ${value//,/ } ); continue ;;
MTU) MTU="$value"; continue ;;
DNS) DNS+=( ${value//,/ } ); continue ;;
+ DNSSearch) DNS_SEARCH=${value//,/}; continue ;;
Table) TABLE="$value"; continue ;;
PreUp) PRE_UP+=( "$value" ); continue ;;
PreDown) PRE_DOWN+=( "$value" ); continue ;;
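Review bot: `DNS_SEARCH=${value//,/}` deletes the commas instead of turning them into separators, so `DNSSearch = a.example.com,b.example.com` (no space after the comma) becomes the single name `a.example.comb.example.com`, and unqualified lookups are then sent to a zone the operator never configured. It is also a scalar assignment to a variable declared as an array, so a second `DNSSearch` line replaces the first, whereas freebsd.bash appends. Using the same form as the FreeBSD hunk, `DNSSearch) DNS_SEARCH+=( ${value//,/ } ); continue ;;`, makes the two platforms agree; set_dns then has to print `"${DNS_SEARCH[*]}"` rather than `"$DNS_SEARCH"`. parse_options starts and ends outside this hunk.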
@@ -150,7 +152,11 @@ resolvconf_iface_prefix() {
HAVE_SET_DNS=0
set_dns() {
[[ ${#DNS[@]} -gt 0 ]] || return 0
- printf 'nameserver %s\n' "${DNS[@]}" | cmd resolvconf -a
"$(resolvconf_iface_prefix)$INTERFACE" -m 0 -x
+ if [[ -n $DNS_SEARCH ]]; then
+ (printf 'nameserver %s\n' "${DNS[@]}" && printf 'search %s\n'
"$DNS_SEARCH") | cmd resolvconf -a
"$(resolvconf_iface_prefix)$INTERFACE" -m 0 -x
+ else
+ printf 'nameserver %s\n' "${DNS[@]}" | cmd resolvconf -a
"$(resolvconf_iface_prefix)$INTERFACE" -m 0 -x
+ fi
HAVE_SET_DNS=1
}
@@ -253,8 +259,9 @@ save_config() {
for address in ${BASH_REMATCH[1]}; do
new_config+="Address = $address"$'\n'
done
- while read -r address; do
- [[ $address =~ ^nameserver\ ([a-zA-Z0-9_=+:%.-]+)$ ]] &&
new_config+="DNS = ${BASH_REMATCH[1]}"$'\n'
+ while read -r line; do
+ [[ $line =~ ^nameserver\ ([a-zA-Z0-9_=+:%.-]+)$ ]] &&
new_config+="DNS = ${BASH_REMATCH[1]}"$'\n'
+ [[ $line =~ ^search\ (.+)$ ]] && new_config+="DNSSearch =
${BASH_REMATCH[1]/ /, }"$'\n'
done < <(resolvconf -l "$(resolvconf_iface_prefix)$INTERFACE"
2>/dev/null || cat
"/etc/resolvconf/run/interface/$(resolvconf_iface_prefix)$INTERFACE"
2>/dev/null)
[[ -n $MTU && $(ip link show dev "$INTERFACE") =~ mtu\ ([0-9]+) ]] &&
new_config+="MTU = ${BASH_REMATCH[1]}"$'\n'
[[ -n $TABLE ]] && new_config+="Table = $TABLE"$'\n'
@@ -304,6 +311,7 @@ cmd_usage() {
- Address: may be specified one or more times and contains one or
more
IP addresses (with an optional CIDR mask) to be set for the
interface.
- DNS: an optional DNS server to use while the device is up.
+ - DNSSearch: Search list for host-name lookup to use while the
device is up.
- MTU: an optional MTU for the interface; if unspecified,
auto-calculated.
- Table: an optional routing table to which routes will be added; if
unspecified or \`auto', the default table is used. If \`off', no
routes