Commit Graph

14 Commits

Author SHA1 Message Date
Luis Ressel 31d8ebcd2a wg-quick: add the "Table" config option
* Table=auto (default) selects the current behaviour
* Table=off disables creation of routes altogether
* All other values are passed through to "ip route add"'s table option

Signed-off-by: Luis Ressel <aranea@aixah.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-12-13 16:28:39 +01:00
Jason A. Donenfeld be4597e10f wg-quick: document localhost exception and v6 rule
Reported-by: Hermann Lienstromberg <nurtic-vibe@grmml.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-11-12 00:57:44 +09:00
Jason A. Donenfeld eb181e811c wg-quick: allow for saving existing interface
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-31 17:51:38 +01:00
Jason A. Donenfeld 17f9548182 wg-quick: allow specifiying multiple hooks
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-31 17:25:23 +01:00
Jason A. Donenfeld 6f9b135966 wg: add pass example to wg-quick man page
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-17 19:26:07 +02:00
Jason A. Donenfeld d7b3f0fcaf wg: man: include kill-switch documentation using fwmark
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-10-11 15:50:29 +02:00
Jason A. Donenfeld 6b27d0d0f0 wg-quick: add explicit support for common DNS usage
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-07-26 03:38:09 +02:00
Jason A. Donenfeld aad91ae679 global: wireguard.io --> wireguard.com
Due to concerns with the .io TLD, we are switching to using
wireguard.com instead.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-07-20 03:37:39 +02:00
Jason A. Donenfeld f65fba7dd8 man: update wg-quick(8) to show Debian resolvconf braindamage
While OpenResolv supports explicit ordering directives such as `-m` and
exclusivity directives such as `-x`, Debian's own resolvconf supports
none of this, instead using a hard coded list of interface name
templates for determining ordering. While trying to emulate `-x` is
difficult [*], we can at least try to mostly emulate `-m 0` by
masquerading as a `tun*` interface to resolvconf. Ugly, but it works.

[*] One heavy handed way of emulating `-x` would be something like:

   # echo nameserver 8.8.8.8 > /etc/resolv.conf.wg0-exclusive
   # mount --bind -o ro /etc/resolv.conf.wg0-exclusive /etc/resolv.conf
   # rm -f /etc/resolv.conf.wg0-exclusive

This in practice works quite well, but is a bit heavy to put in a man
page. It also doesn't "stack" well. For example, if we simply run
`umount /etc/resolv.conf`, how do we know which resolv.conf entry we're
unmounting?

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30 18:07:28 +02:00
Jason A. Donenfeld 641b479b44 man: fix psk mention in wg-quick man page
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-18 14:41:24 +02:00
Jason A. Donenfeld 13db708a0f wg-quick: auto MTU discovery
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-17 18:07:42 +02:00
Jason A. Donenfeld 4586e14749 wg-quick: recommend using resolvconf in exclusive mode
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-19 00:07:31 +01:00
Jason A. Donenfeld db4f06d118 wg: man: recommend correct port
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-15 22:22:45 +01:00
Jason A. Donenfeld e975597e72 wg: add wg-quick
This is based on wg-config, but is even easier to use, and now makes
our full tools suite.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-01-05 02:30:20 +01:00