Age | Commit message (Collapse) | Author |
|
This change allows to configure `nohostroute` option for wireguard to explicitely prevent creation
of host routes to endpoints.
By default without `option nohostroute '1'`, an explicite route to the peer's endpoint will be created in the main routing table with the next hop to the gateway. However, it causes issues with some setup. Enabling this option will inhibit this behavior. See discussions at http://lists.openwrt.org/pipermail/openwrt-devel/2019-March/016329.html.
Signed-off-by: Yuxiang Zhu <vfreex@gmail.com>
|
|
The unespaced slashes confuse xgettext and likely other source
scanners as well.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Ensure that the preshared key option remains optional.
Fixes: #3075
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
I tried to find a successor in the last months, but that failed.
Signed-off by Dan Luedtke <mail@danrl.com>
|
|
|
|
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
|
|
|
This allows sharing the translation string with other components.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Adds support for the fwmark option.
FwMark is a 32-bit fwmark for outgoing packets.
If set to 0 or "off", this option is disabled.
Signed-off-by: Dan Luedtke <mail@danrl.com>
|
|
Marks package luci-proto-wireguard as architecture independent.
Signed-off-by: Dan Luedtke <mail@danrl.com>
|
|
Signed-off-by: Dan Luedtke <mail@danrl.com>
|
|
Signed-off-by: Dan Luedtke <mail@danrl.com>
|
|
Enable static addresses on WireGuard tunnel interfaces without requiring
an static address interface.
This removes the requirement to use a static address interface on top of a
WireGuard tunnel interface in the majority of cases. In the past, users have
been confused by the current approach and asked for a simpler way to configure
WireGuard interfaces.
Signed-off-by: Dan Luedtke <mail@danrl.com>
|
|
Description was misleading, as the routes are not created automatically. We have
a flag to create routes. Added a hint what to fill into the AlledIPs field as
users repeatedly have struggled to use it correctly. Thanks to Stefan Agner for
providing feedback on this.
Signed-off-by: Dan Luedtke <mail@danrl.com>
|
|
Signed-off-by: Dan Luedtke <mail@danrl.com>
|
|
|
|
Signed-off-by: Dan Lüdtke <mail@danrl.com>
|
|
WireGuard is a novel VPN that runs inside the Linux Kernel and utilizes
state-of-the-art cryptography. It aims to be faster, simpler, leaner, and
more useful than IPSec, while avoiding the massive headache. It intends to
be considerably more performant than OpenVPN. WireGuard is designed as a
general purpose VPN for running on embedded interfaces and super computers
alike, fit for many different circumstances.
It runs over UDP.
Signed-off-by: Dan Lüdtke mail@danrl.com
|