Patched wg-quick for FreeBSD
Find a file
Jason A. Donenfeld f65fba7dd8 man: update wg-quick(8) to show Debian resolvconf braindamage
While OpenResolv supports explicit ordering directives such as `-m` and
exclusivity directives such as `-x`, Debian's own resolvconf supports
none of this, instead using a hard coded list of interface name
templates for determining ordering. While trying to emulate `-x` is
difficult [*], we can at least try to mostly emulate `-m 0` by
masquerading as a `tun*` interface to resolvconf. Ugly, but it works.

[*] One heavy handed way of emulating `-x` would be something like:

   # echo nameserver 8.8.8.8 > /etc/resolv.conf.wg0-exclusive
   # mount --bind -o ro /etc/resolv.conf.wg0-exclusive /etc/resolv.conf
   # rm -f /etc/resolv.conf.wg0-exclusive

This in practice works quite well, but is a bit heavy to put in a man
page. It also doesn't "stack" well. For example, if we simply run
`umount /etc/resolv.conf`, how do we know which resolv.conf entry we're
unmounting?

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-05-30 18:07:28 +02:00
contrib noise: redesign preshared key mode 2017-05-17 18:07:42 +02:00
src man: update wg-quick(8) to show Debian resolvconf braindamage 2017-05-30 18:07:28 +02:00
.gitignore
COPYING
README.md

WireGuard — fast, modern, secure kernel VPN tunnel

by Jason A. Donenfeld of Edge Security

WireGuard is a novel VPN that runs inside the Linux Kernel and utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPSec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. It runs over UDP.

More information may be found at WireGuard.io.

License

This project is released under the GPLv2.