In-kernel WireGuard is ready on DragonFly

Michael Neumann mneumann at ntecs.de
Wed Feb 21 14:18:35 PST 2024 

Awesome! Thanks for doing all this. Your commits looked wonderful - it was a pleasure to follow your work!

Regards,

Michael 

Am 21. Februar 2024 16:25:36 GMT+11:00 schrieb Aaron LI <aly at aaronly.me>:
>Hi all,
>
>I'm pleased to announce that in-kernel WireGuard is ready on DragonFly (master branch) now :D
>
>The work mainly includes the followings:
>- the 'if_wg.ko' kernel module code in sys/net/wg [0]
>- required crypto code, including blake2s, chachapoly, siphash, curve25519
>- the ifconfig(8) support to manage the wg interfaces [1]
>- the wg rc script [2] to easily setup wg
>
>The wg code is ported from FreeBSD [3] but has many significant changes.  The major changes are:
>- replaced the nvlist-based ioctl code with OpenBSD's, and thus ported OpenBSD's ifconfig(8) support as well
>- used taskqueue(9) API directly instead of gtaskqueue(9)
>- used locks instead of epoch(9)
>- made the code much more readable and understandable: added many useful comments, renamed some confusing functions, refactored some logic flows, simplify the return values, etc...
>- add selftest code from the upstream wireguard-freebsd repo [4]
>- unified the code style, and performed various code cleanups
>- fixed a few bugs
>
>The wg rc script [2] is written from scratch as a replacement for wg-quick.  Please read the following wg.conf(5) man page for the configuration file format and examples:
>https://www.dragonflybsd.org/cgi/web-man?command=wg.conf&section=5
>
>For example, write a wg configuration file and place it at '/etc/wireguard/wg0.conf', and then put the following lines in '/etc/rc.conf':
>
>wg_enable="YES"
>wg_interfaces="wg0"
>
>Now the wg0 interface will be auto configured from next startup.
>
>To get it running immediately, do: service wg start wg0
>
>
>Cheers,
>Aaron
>
>
>[0] sys/net/wg: https://gitweb.dragonflybsd.org/dragonfly.git/tree/HEAD:/sys/net/wg
>[1] sbin/ifconfig/ifwg.c: https://gitweb.dragonflybsd.org/dragonfly.git/blob/HEAD:/sbin/ifconfig/ifwg.c
>[2] etc/rc.d/wg: https://gitweb.dragonflybsd.org/dragonfly.git/blob/HEAD:/etc/rc.d/wg
>[3] FreeBSD wireguard code: https://cgit.freebsd.org/src/tree/sys/dev/wg
>[4] wireguard-freebsd selftest: https://git.zx2c4.com/wireguard-freebsd/tree/src/selftest
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dragonflybsd.org/pipermail/users/attachments/20240222/56abcc1d/attachment.htm>

More information about the Users mailing list