gr4vity
<MLD-5.5 testing> WireGuard
« on: June 09, 2022, 21:02:26 »
Hi,

I noticed WireGuard VPN while using OpenWrt, then decided to make it work under MLD as well.
I activated the WireGuard module in the MLD kernel config, built it, installed iptables and wireguard-tools and voilà, it worked :)

Code:
MLD> modinfo wireguard
filename:       /lib/modules/5.15.40.2+/kernel/drivers/net/wireguard/wireguard.ko
author:         Jason A. Donenfeld <Jason@zx2c4.com>
description:    WireGuard secure network tunnel
license:        GPL v2
version:        1.0.0
alias:          net-pf-16-proto-16-family-wireguard
alias:          rtnl-link-wireguard
srcversion:     DCB386D1C4DBE397FBCACDA
depends:        libblake2s,udp_tunnel,curve25519-x86_64,libchacha20poly1305,ip6_udp_tunnel,libcurve25519-generic
intree:         Y
vermagic:       5.15.40.2+ SMP mod_unload modversions

Code:
MLD user.info kernel: [  659.427769] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information.
MLD user.info kernel: [  659.427773] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.

Code:
MLD>  wg-quick up wg0
/bin/bash: warning: setlocale: LC_ALL: cannot change locale (en_GB.UTF-8)
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.66.66.4/32 dev wg0
[#] ip -6 address add fd42:42:42::4/128 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] resolvconf -a tun.wg0 -m 0 -x
/etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a symbolic link to /etc/resolvconf/run/resolv.conf
[#] wg set wg0 fwmark 51820
[#] ip -6 route add ::/0 dev wg0 table 51820
[#] ip -6 rule add not fwmark 51820 table 51820
[#] ip -6 rule add table main suppress_prefixlength 0
[#] ip6tables-restore -n
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
[#] iptables-restore -n

Code:
MLD> wg show wg0
interface: wg0
  public key: juPGRJ7rgyhbCu6JIu7PLr6iBZ5kbOOdmvPPUvdOJwg=
  private key: (hidden)
  listening port: 49530
  fwmark: 0xca6c

peer: 6PVEWBaOqi5tN75+G4nHwzUqlPLIHzWXdeGTK7Jso0o=
  preshared key: (hidden)
  endpoint: ---.--.--.--:51820
  allowed ips: 0.0.0.0/0, ::/0
  latest handshake: 22 seconds ago
  transfer: 609.29 KiB received, 122.18 KiB sent
  persistent keepalive: every 25 seconds

P.S. I only used it as a client; I will try to figure out the server part later.

Best Regards.

« Last Edit: June 16, 2022, 21:54:23 by gr4vity »

gr4vity
« Reply #1 on: June 16, 2022, 22:01:41 »
So I'm trying to figure out the WireGuard server, and I have reached the point of adding rules to the ufw firewall.
However, I'm getting the following error:

Code:
MLD>  ufw allow 51820/udp
ERROR: Couldn't determine iptables version

Code:
MLD>  iptables --version
iptables v1.8.2 (legacy)

Code:
MLD> update-alternatives --config iptables
update-alternatives: error: no alternatives for iptables

Any idea?
Or should I remove ufw, since no one will connect to that server but me?  :D
« Last Edit: June 16, 2022, 22:03:16 by gr4vity »
