<MLD-5.5 testing> WireGuard

gr4vity:
Hi,

I noticed WireGuard VPN while using OpenWrt, then decided to make it work under MLD as well.
I activated the WireGuard module in the MLD kernel config, built it, installed iptables and wireguard-tools, and voilà, it worked :)


--- Code: ---MLD> modinfo wireguard
filename:       /lib/modules/5.15.40.2+/kernel/drivers/net/wireguard/wireguard.ko
author:         Jason A. Donenfeld <Jason@zx2c4.com>
description:    WireGuard secure network tunnel
license:        GPL v2
version:        1.0.0
alias:          net-pf-16-proto-16-family-wireguard
alias:          rtnl-link-wireguard
srcversion:     DCB386D1C4DBE397FBCACDA
depends:        libblake2s,udp_tunnel,curve25519-x86_64,libchacha20poly1305,ip6_udp_tunnel,libcurve25519-generic
intree:         Y
vermagic:       5.15.40.2+ SMP mod_unload modversions

--- End code ---


--- Code: ---MLD user.info kernel: [  659.427769] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information.
MLD user.info kernel: [  659.427773] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
--- End code ---


--- Code: ---MLD>  wg-quick up wg0
/bin/bash: warning: setlocale: LC_ALL: cannot change locale (en_GB.UTF-8)
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.66.66.4/32 dev wg0
[#] ip -6 address add fd42:42:42::4/128 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] resolvconf -a tun.wg0 -m 0 -x
/etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a symbolic link to /etc/resolvconf/run/resolv.conf
[#] wg set wg0 fwmark 51820
[#] ip -6 route add ::/0 dev wg0 table 51820
[#] ip -6 rule add not fwmark 51820 table 51820
[#] ip -6 rule add table main suppress_prefixlength 0
[#] ip6tables-restore -n
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
[#] iptables-restore -n
--- End code ---


--- Code: ---MLD> wg show wg0
interface: wg0
  public key: juPGRJ7rgyhbCu6JIu7PLr6iBZ5kbOOdmvPPUvdOJwg=
  private key: (hidden)
  listening port: 49530
  fwmark: 0xca6c

peer: 6PVEWBaOqi5tN75+G4nHwzUqlPLIHzWXdeGTK7Jso0o=
  preshared key: (hidden)
  endpoint: ---.--.--.--:51820
  allowed ips: 0.0.0.0/0, ::/0
  latest handshake: 22 seconds ago
  transfer: 609.29 KiB received, 122.18 KiB sent
  persistent keepalive: every 25 seconds
--- End code ---

P.S. I only used it as a client; I will try to figure out the server part later.

Best Regards.

gr4vity:
So I'm trying to figure out the WireGuard server. I reached the point of adding rules to the ufw firewall.
However, I'm getting the following error:


--- Code: ---MLD>  ufw allow 51820/udp
ERROR: Couldn't determine iptables version
--- End code ---


--- Code: ---MLD>  iptables --version
iptables v1.8.2 (legacy)
--- End code ---


--- Code: ---MLD> update-alternatives --config iptables
update-alternatives: error: no alternatives for iptables
--- End code ---
Any idea?
Or should I remove ufw, since no one will connect to that server but me? :D
