In-kernel WireGuard is ready on DragonFly

Antonio Huete Jimenez tuxillo at quantumachine.net
Wed Feb 21 00:12:28 PST 2024 

Hi Aly,

Many many thanks, great job! :D

Regards,
Antonio Huete

On 2/21/24 06:25, Aaron LI wrote:
> Hi all,
> 
> I'm pleased to announce that in-kernel WireGuard is ready on DragonFly 
> (master branch) now :D
> 
> The work mainly includes the followings:
> - the 'if_wg.ko' kernel module code in sys/net/wg [0]
> - required crypto code, including blake2s, chachapoly, siphash, curve25519
> - the ifconfig(8) support to manage the wg interfaces [1]
> - the wg rc script [2] to easily setup wg
> 
> The wg code is ported from FreeBSD [3] but has many significant changes. 
>   The major changes are:
> - replaced the nvlist-based ioctl code with OpenBSD's, and thus ported 
> OpenBSD's ifconfig(8) support as well
> - used taskqueue(9) API directly instead of gtaskqueue(9)
> - used locks instead of epoch(9)
> - made the code much more readable and understandable: added many useful 
> comments, renamed some confusing functions, refactored some logic flows, 
> simplify the return values, etc...
> - add selftest code from the upstream wireguard-freebsd repo [4]
> - unified the code style, and performed various code cleanups
> - fixed a few bugs
> 
> The wg rc script [2] is written from scratch as a replacement for 
> wg-quick.  Please read the following wg.conf(5) man page for the 
> configuration file format and examples:
> https://www.dragonflybsd.org/cgi/web-man?command=wg.conf&section=5
> 
> For example, write a wg configuration file and place it at 
> '/etc/wireguard/wg0.conf', and then put the following lines in 
> '/etc/rc.conf':
> 
> wg_enable="YES"
> wg_interfaces="wg0"
> 
> Now the wg0 interface will be auto configured from next startup.
> 
> To get it running immediately, do: service wg start wg0
> 
> 
> Cheers,
> Aaron
> 
> 
> [0] sys/net/wg: 
> https://gitweb.dragonflybsd.org/dragonfly.git/tree/HEAD:/sys/net/wg
> [1] sbin/ifconfig/ifwg.c: 
> https://gitweb.dragonflybsd.org/dragonfly.git/blob/HEAD:/sbin/ifconfig/ifwg.c
> [2] etc/rc.d/wg: 
> https://gitweb.dragonflybsd.org/dragonfly.git/blob/HEAD:/etc/rc.d/wg
> [3] FreeBSD wireguard code: https://cgit.freebsd.org/src/tree/sys/dev/wg
> [4] wireguard-freebsd selftest: 
> https://git.zx2c4.com/wireguard-freebsd/tree/src/selftest

More information about the Users mailing list