On Wed 22 Jan 17:42, Kyle Evans wrote:
> On 1/22/25 17:41, Daniel Lovasko wrote:
> > Hello all,
> >
> > I noticed that OpenBSD has added the ability to control the WireGuard
> > interfaces through ifconfig. I am interested in implementing similar
> > support in FreeBSD - is there anyone already working on this or perhaps
> > the right mentor for adding this functionality? NetBSD has a similar
> > functionality exposed through the wgconfig tool.
> >
> > Short rationale: 1) not needing a package to do the setup, 2) procedural
> > configuration, 3) ability to include all config in rc.conf, 4)
> > consistency with other interface types (e.g. carp or gre).
> >
>
> re: #1, we do have wg(8) installed as part of base; one can do at least
> somewhat simple setups without a package.
>

I can resume this and finish it if really needed:
https://reviews.freebsd.org/D42880 but Kyle convinced me that it was not really
needed since wg is in base already.

The motivation for me to write D42880 was the same as yours and in fact it is
perfectly doable with the current integration.

In my case I have the following setup:

A script /etc/start_if.wg0

which contains:
---
#!/bin/sh

/usr/bin/wg setconf $1 /usr/local/etc/wireguard/$1.conf
---

Note that in this configuration one need to not have the Address in the
configuration unlike regular wireguard.

the rest is handled in rc.conf

cloned_interface=wg0
ifconfig_wg0="inet ..."
static_routes="zone0:wg0"
route_zone0="-inet ..... -interface wg0"

This gives me a wireguard interface pretty early in the boot process. and simple
configuration without the requirement of a single package.


Note that if I create a wg1 I just need a symlink:
/etc/start_if.wg0 -> /etc/start_if.wg0

Best regards,
Bapt


--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de