Re: [PATCH] Fix formatting in wg-quick(8)

Re: [PATCH] Fix formatting in wg-quick(8)

[Jason A. Donenfeld]

Hi Stephen,

Thanks for the patch! I really appreciate it. A few comments in-line
below. Could you CC v2 of this to wireguard@lists.zx2c4.com?

Also, how would you feel about doing the same to wg.8 (in the same
repo)? It has basically the same set of issues.

Jason

On Thu, Feb 13, 2020 at 5:50 AM Stephen Gregoratto <dev@sgregoratto.me> wrote:
>
> - Wrap all text at 80 chars.
> - Put all config examples/code in their blocks and eliminate the use
>   of explicit breaks (.br).
> - Replace all empty lines with explicit paragraph breaks.
> - Simplify synopsis formatting. Command modifiers are now emboldened,
>   based on output from mandoc's mdoc -> man conversion.
> ---

This commit needs your `Signed-off-by: Stephen Gregoratto
<dev@sgregoratto.me>` line at the bottom for it to be accepted.

>  src/man/wg-quick.8 | 394 +++++++++++++++++++++------------------------
>  1 file changed, 186 insertions(+), 208 deletions(-)
>
> diff --git a/src/man/wg-quick.8 b/src/man/wg-quick.8
> index c38c7d9..215e789 100644
> --- a/src/man/wg-quick.8
> +++ b/src/man/wg-quick.8
> @@ -1,46 +1,35 @@
> -.TH WG-QUICK 8 "2016 January 1" ZX2C4 "WireGuard"
> -
> +.TH WG-QUICK 8 "2019-02-13" ZX2C4 "WireGuard"

It's 2020 now, but what would you think of retaining the original
date? Or do you usually bump it on every change? I'm not sure what the
convention is.

>  .SH NAME
> -wg-quick - set up a WireGuard interface simply
> -
> +\fBwg-quick\fR
> +\- set up a WireGuard interface simply

Similar change needed for wg(8) too of course.

>  .SH SYNOPSIS
> -.B wg-quick
> -[
> -.I up
> -|
> -.I down
> -|
> -.I save
> -|
> -.I strip
> -] [
> -.I CONFIG_FILE
> -|
> -.I INTERFACE
> -]
> -
> +\fBwg-quick\fR
> +[\fBup\fR\ |\ \fBdown\fR\ |\ \fBsave\fR\ |\ \fBstrip\fR]
> +[\fICONFIG-FILE\fR]
> +[\fIINTERFACE\fR]
>  .SH DESCRIPTION

Doing it like this is a lot more readable. Thanks.

> -
>  This is an extremely simple script for easily bringing up a WireGuard interface,
>  suitable for a few common use cases.
> -
> -Use \fIup\fP to add and set up an interface, and use \fIdown\fP to tear down and remove
> -an interface. Running \fIup\fP adds a WireGuard interface, brings up the interface with the
> -supplied IP addresses, sets up mtu and routes, and optionally runs pre/post up scripts. Running \fIdown\fP
> -optionally saves the current configuration, removes the WireGuard interface, and optionally
> -runs pre/post down scripts. Running \fIsave\fP saves the configuration of an existing
> -interface without bringing the interface down. Use \fIstrip\fP to output a configuration file
> -with all
> -.BR wg-quick (8)-specific
> +.PP
> +Use \fBup\fP to add and set up an interface, and use \fBdown\fP to tear down and
> +remove an interface. Running \fBup\fP adds a WireGuard interface, brings up the
> +interface with the supplied IP addresses, sets up mtu and routes, and optionally
> +runs pre/post up scripts. Running \fBdown\fP optionally saves the current
> +configuration, removes the WireGuard interface, and optionally runs pre/post
> +down scripts. Running \fBsave\fP saves the configuration of an existing
> +interface without bringing the interface down. Use \fBstrip\fP to output a
> +configuration file with all
> +.BR wg-quick \-specific
>  options removed, suitable for use with
>  .BR wg (8).

Looks like you removed the (8) on wg-quick there by accident.

> -
> +.PP
>  \fICONFIG_FILE\fP is a configuration file, whose filename is the interface name
> -followed by `.conf'. Otherwise, \fIINTERFACE\fP is an interface name, with configuration
> -found at `/etc/wireguard/\fIINTERFACE\fP.conf', searched first, followed by distro-specific
> -search paths.
> -
> -Generally speaking, this utility is just a simple script that wraps invocations to
> +followed by `.conf'. Otherwise, \fIINTERFACE\fP is an interface name, with
> +configuration found at `/etc/wireguard/\fIINTERFACE\fP.conf', searched first,
> +followed by distro-specific search paths.
> +.PP
> +Generally speaking, this utility is just a simple script that wraps invocations
> +to
>  .BR wg (8)
>  and
>  .BR ip (8)
> @@ -51,40 +40,40 @@ specific tool, a more complete network manager, or otherwise just use
>  and
>  .BR ip (8),
>  as usual.
> -
>  .SH CONFIGURATION
> -
> -The configuration file adds a few extra configuration values to the format understood by
> +The configuration file adds a few extra configuration values to the format
> +understood by
>  .BR wg (8)
>  in order to configure additional attributes of an interface. It handles the
>  values that it understands, and then it passes the remaining ones directly to
>  .BR wg (8)
>  for further processing.
> -
> +.PP
>  It infers all routes from the list of peers' allowed IPs, and automatically adds
>  them to the system routing table. If one of those routes is the default route
>  (0.0.0.0/0 or ::/0), then it uses
>  .BR ip-rule (8)
>  to handle overriding of the default gateway.
> -
> +.PP
>  The configuration file will be passed directly to \fBwg\fP(8)'s `setconf'
> -sub-command, with the exception of the following additions to the \fIInterface\fP section,
> -which are handled by this tool:
> -
> +sub-command, with the exception of the following additions to the
> +\fBInterface\fP section, which are handled by this tool:
>  .IP \(bu
> -Address \(em a comma-separated list of IP (v4 or v6) addresses (optionally with CIDR masks)
> -to be assigned to the interface. May be specified multiple times.
> +Address \(em a comma-separated list of IP (v4 or v6) addresses (optionally with
> +CIDR masks) to be assigned to the interface. May be specified multiple times.
>  .IP \(bu
> -DNS \(em a comma-separated list of IP (v4 or v6) addresses to be set as the interface's
> -DNS servers. May be specified multiple times. Upon bringing the interface up, this runs
> -`resolvconf -a tun.\fIINTERFACE\fP -m 0 -x` and upon bringing it down, this runs
> -`resolvconf -d tun.\fIINTERFACE\fP`. If these particular invocations of
> +DNS \(em a comma-separated list of IP (v4 or v6) addresses to be set as the
> +interface's DNS servers. May be specified multiple times. Upon bringing the
> +interface up, this runs `resolvconf -a tun.\fIINTERFACE\fP -m 0 -x` and upon
> +bringing it down, this runs `resolvconf -d tun.\fIINTERFACE\fP`. If these
> +particular invocations of
>  .BR resolvconf (8)
>  are undesirable, the PostUp and PostDown keys below may be used instead.
>  .IP \(bu
> -MTU \(em if not specified, the MTU is automatically determined from the endpoint addresses
> -or the system default route, which is usually a sane choice. However, to manually specify
> -an MTU to override this automatic discovery, this value may be specified explicitly.
> +MTU \(em if not specified, the MTU is automatically determined from the endpoint
> +addresses or the system default route, which is usually a sane choice. However,
> +to manually specify an MTU to override this automatic discovery, this value may
> +be specified explicitly.
>  .IP \(bu
>  Table \(em Controls the routing table to which routes are added. There are two
>  special values: `off' disables the creation of routes altogether, and `auto'
> @@ -93,178 +82,167 @@ default routes.
>  .IP \(bu
>  PreUp, PostUp, PreDown, PostDown \(em script snippets which will be executed by
>  .BR bash (1)
> -before/after setting up/tearing down the interface, most commonly used
> -to configure custom DNS options or firewall rules. The special string `%i'
> -is expanded to \fIINTERFACE\fP. Each one may be specified multiple times, in which case
> -the commands are executed in order.
> +before/after setting up/tearing down the interface, most commonly used to
> +configure custom DNS options or firewall rules. The special string `%i' is
> +expanded to \fIINTERFACE\fP. Each one may be specified multiple times, in which
> +case the commands are executed in order.
>  .IP \(bu
> -SaveConfig \(em if set to `true', the configuration is saved from the current state of the
> -interface upon shutdown.
> -
> -.P
> -Recommended \fIINTERFACE\fP names include `wg0' or `wgvpn0' or even `wgmgmtlan0'.
> -However, the number at the end is in fact optional, and really
> -any free-form string [a-zA-Z0-9_=+.-]{1,15} will work. So even interface names corresponding
> -to geographic locations would suffice, such as `cincinnati', `nyc', or `paris', if that's
> -somehow desirable.
> -
> +SaveConfig \(em if set to `true', the configuration is saved from the current
> +state of the interface upon shutdown.
> +.PP
> +Recommended \fIINTERFACE\fP names include `wg0' or `wgvpn0' or even
> +`wgmgmtlan0'.  However, the number at the end is in fact optional, and really
> +any free-form string [a-zA-Z0-9_=+.-]{1,15} will work. So even interface names
> +corresponding to geographic locations would suffice, such as `cincinnati',
> +`nyc', or `paris', if that's somehow desirable.
>  .SH EXAMPLES
> -
>  These examples draw on the same syntax found for
>  .BR wg (8),
> -and a more complete description may be found there. Bold lines below are for options that extend
> +and a more complete description may be found there. Bold lines below are for
> +options that extend
>  .BR wg (8).
> -
> -The following might be used for connecting as a client to a VPN gateway for tunneling all
> -traffic:
> -
> -    [Interface]
> -.br
> -    \fBAddress = 10.200.100.8/24\fP
> -.br
> -    \fBDNS = 10.200.100.1\fP
> -.br
> -    PrivateKey = oK56DE9Ue9zK76rAc8pBl6opph+1v36lm7cXXsQKrQM=
> -.br
> -
> -.br
> -    [Peer]
> -.br
> -    PublicKey = GtL7fZc/bLnqZldpVofMCD6hDjrK28SsdLxevJ+qtKU=
> -.br
> -    PresharedKey = /UwcSPg38hW/D9Y3tcS1FOV0K1wuURMbS0sesJEP5ak=
> -.br
> -    AllowedIPs = 0.0.0.0/0
> -.br
> -    Endpoint = demo.wireguard.com:51820
> -.br
> -
> -The `Address` field is added here in order to set up the address for the interface. The `DNS` field
> -indicates that a DNS server for the interface should be configured via
> +.PP
> +The following might be used for connecting as a client to a VPN gateway for
> +tunneling all traffic:
> +.nf
> +.sp
> +.RS 6n

Never seen these three modifiers. They set spacing somehow?

> +[Interface]
> +\fBAddress = 10.200.100.8/24\fP
> +\fBDNS = 10.200.100.1\fP
> +PrivateKey = oK56DE9Ue9zK76rAc8pBl6opph+1v36lm7cXXsQKrQM=
> +
> +[Peer]
> +PublicKey = GtL7fZc/bLnqZldpVofMCD6hDjrK28SsdLxevJ+qtKU=
> +PresharedKey = /UwcSPg38hW/D9Y3tcS1FOV0K1wuURMbS0sesJEP5ak=
> +AllowedIPs = 0.0.0.0/0
> +Endpoint = demo.wireguard.com:51820
> +.RE
> +.fi
> +.PP
> +The `Address` field is added here in order to set up the address for the
> +interface. The `DNS` field indicates that a DNS server for the interface should
> +be configured via
>  .BR resolvconf (8).
> -The peer's allowed IPs entry implies that this interface should be configured as the default gateway,
> -which this script does.
> -
> -Building on the last example, one might attempt the so-called ``kill-switch'', in order
> -to prevent the flow of unencrypted packets through the non-WireGuard interfaces, by adding the following
> -two lines `PostUp` and `PreDown` lines to the `[Interface]` section:
> -
> -    \fBPostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT\fP
> -.br
> -    \fBPreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT\fP
> -.br
> -
> +The peer's allowed IPs entry implies that this interface should be configured as
> +the default gateway, which this script does.
> +.PP
> +Building on the last example, one might attempt the so-called ``kill-switch'',
> +in order to prevent the flow of unencrypted packets through the non-WireGuard
> +interfaces, by adding the following two lines `PostUp' and `PreDown' lines to
> +the `[Interface]' section:
> +.nf
> +.sp
> +.RS 6n
> +\fBPostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT\fP
> +\fBPreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT\fP
> +.RE
> +.fi
> +.PP
>  The `PostUp' and `PreDown' fields have been added to specify an
>  .BR iptables (8)
> -command which, when used with interfaces that have a peer that specifies 0.0.0.0/0 as part of the
> -`AllowedIPs', works together with wg-quick's fwmark usage in order to drop all packets that
> -are either not coming out of the tunnel encrypted or not going through the tunnel itself. (Note
> -that this continues to allow most DHCP traffic through, since most DHCP clients make use of PF_PACKET
> -sockets, which bypass Netfilter.) When IPv6 is in use, additional similar lines could be added using
> +command which, when used with interfaces that have a peer that specifies
> +0.0.0.0/0 as part of the `AllowedIPs', works together with wg-quick's fwmark
> +usage in order to drop all packets that are either not coming out of the tunnel
> +encrypted or not going through the tunnel itself. (Note that this continues to
> +allow most DHCP traffic through, since most DHCP clients make use of PF_PACKET
> +sockets, which bypass Netfilter.) When IPv6 is in use, additional similar lines
> +could be added using
>  .BR ip6tables (8).
> -
> -Or, perhaps it is desirable to store private keys in encrypted form, such as through use of
> +.PP
> +Or, perhaps it is desirable to store private keys in encrypted form, such as
> +through use of
>  .BR pass (1):
> -
> -    \fBPostUp = wg set %i private-key <(pass WireGuard/private-keys/%i)\fP
> -.br
> -
> -For use on a server, the following is a more complicated example involving multiple peers:
> -
> -    [Interface]
> -.br
> -    \fBAddress = 10.192.122.1/24\fP
> -.br
> -    \fBAddress = 10.10.0.1/16\fP
> -.br
> -    \fBSaveConfig = true\fP
> -.br
> -    PrivateKey = yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=
> -.br
> -    ListenPort = 51820
> -.br
> -
> -.br
> -    [Peer]
> -.br
> -    PublicKey = xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=
> -.br
> -    AllowedIPs = 10.192.122.3/32, 10.192.124.1/24
> -.br
> -
> -.br
> -    [Peer]
> -.br
> -    PublicKey = TrMvSoP4jYQlY6RIzBgbssQqY3vxI2Pi+y71lOWWXX0=
> -.br
> -    AllowedIPs = 10.192.122.4/32, 192.168.0.0/16
> -.br
> -
> -.br
> -    [Peer]
> -.br
> -    PublicKey = gN65BkIKy1eCE9pP1wdc8ROUtkHLF2PfAqYdyYBz6EA=
> -.br
> -    AllowedIPs = 10.10.10.230/32
> -
> -Notice the two `Address' lines at the top, and that `SaveConfig' is set to `true', indicating
> -that the configuration file should be saved on shutdown using the current status of the
> -interface.
> -
> -A combination of the `Table', `PostUp', and `PreDown' fields may be used for policy routing
> -as well. For example, the following may be used to send SSH traffic (TCP port 22) traffic
> -through the tunnel:
> -
> -    [Interface]
> -.br
> -    Address = 10.192.122.1/24
> -.br
> -    PrivateKey = yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=
> -.br
> -    ListenPort = 51820
> -.br
> -    \fBTable = 1234\fP
> -.br
> -    \fBPostUp = ip rule add ipproto tcp dport 22 table 1234\fP
> -.br
> -    \fBPreDown = ip rule delete ipproto tcp dport 22 table 1234\fP
> -.br
> -
> -.br
> -    [Peer]
> -.br
> -    PublicKey = xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=
> -.br
> -    AllowedIPs = 0.0.0.0/0
> -
> -These configuration files may be placed in any directory, putting the desired interface name
> -in the filename:
> -
> -\fB    # wg-quick up /path/to/wgnet0.conf\fP
> -
> -For convenience, if only an interface name is supplied, it automatically chooses a path in
> -`/etc/wireguard/':
> -
> -\fB    # wg-quick up wgnet0\fP
> -
> +.PP
> +.RS 6n
> +\fBPostUp = wg set %i private-key <(pass WireGuard/private-keys/%i)\fP
> +.RE
> +.PP
> +For use on a server, the following is a more complicated example involving
> +multiple peers:
> +.nf
> +.sp
> +.RS 6n
> +[Interface]
> +\fBAddress = 10.192.122.1/24\fP
> +\fBAddress = 10.10.0.1/16\fP
> +\fBSaveConfig = true\fP
> +PrivateKey = yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=
> +ListenPort = 51820
> +
> +[Peer]
> +PublicKey = xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=
> +AllowedIPs = 10.192.122.3/32, 10.192.124.1/24
> +
> +[Peer]
> +PublicKey = TrMvSoP4jYQlY6RIzBgbssQqY3vxI2Pi+y71lOWWXX0=
> +AllowedIPs = 10.192.122.4/32, 192.168.0.0/16
> +
> +[Peer]
> +PublicKey = gN65BkIKy1eCE9pP1wdc8ROUtkHLF2PfAqYdyYBz6EA=
> +AllowedIPs = 10.10.10.230/32
> +.RE
> +.fi
> +.PP
> +Notice the two `Address' lines at the top, and that `SaveConfig' is set to
> +`true', indicating that the configuration file should be saved on shutdown using
> +the current status of the interface.
> +.PP
> +A combination of the `Table', `PostUp', and `PreDown' fields may be used for
> +policy routing as well. For example, the following may be used to send SSH
> +traffic (TCP port 22) traffic through the tunnel:
> +.nf
> +.sp
> +.RS 6n
> +[Interface]
> +Address = 10.192.122.1/24
> +PrivateKey = yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=
> +ListenPort = 51820
> +\fBTable = 1234\fP
> +\fBPostUp = ip rule add ipproto tcp dport 22 table 1234\fP
> +\fBPreDown = ip rule delete ipproto tcp dport 22 table 1234\fP
> +
> +[Peer]
> +PublicKey = xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=
> +AllowedIPs = 0.0.0.0/0
> +.RE
> +.fi
> +.PP
> +These configuration files may be placed in any directory, putting the desired
> +interface name in the filename:
> +.PP
> +.RS 6n
> +# wg-quick up /path/to/wgnet0.conf
> +.RE
> +.PP
> +For convenience, if only an interface name is supplied, it automatically chooses
> +a path in `/etc/wireguard/':
> +.PP
> +.RS 6n
> +# wg-quick up wgnet0
> +.RE
> +.PP
>  This will load the configuration file `/etc/wireguard/wgnet0.conf'.
> -
> -The \fIstrip\fP command is useful for reloading configuration files without disrupting active
> -sessions:
> -
> -\fB    # wg addconf wgnet0 <(wg-quick strip wgnet0)\fP
> -
> -(Note that the above command will add and update peers but will not remove peers.)
> -
> +.PP
> +The \fBstrip\fP command is useful for reloading configuration files without
> +disrupting active sessions:
> +.PP
> +.RS 6n
> +# wg addconf wgnet0 <(wg-quick strip wgnet0)
> +.RE
> +.PP
> +(Note that the above command will add and update peers but will not remove
> +peers.)
>  .SH SEE ALSO
> -.BR wg (8),
> +.BR pass (1),
>  .BR ip (8),
> -.BR ip-link (8),
>  .BR ip-address (8),
> +.BR ip-link (8),
>  .BR ip-route (8),
>  .BR ip-rule (8),
> -.BR resolvconf (8).
> -
> +.BR iptables (8),
> +.BR resolvconf (8),
> +.BR wg (8)
>  .SH AUTHOR
>  .B wg-quick

You've ordered these alphabetically, but the original ordering was
chosen deliberately.

>  was written by
> --
> 2.25.0

Thanks again!
Jason
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: [PATCH] Fix formatting in wg-quick(8)

[Ingo Schwarze]

Hi Jason,

Jason A. Donenfeld wrote on Thu, Feb 13, 2020 at 05:31:41PM +0100:
> On Thu, Feb 13, 2020 at 5:50 AM Stephen Gregoratto <dev@sgregoratto.me> wrote:

>> +.TH WG-QUICK 8 "2019-02-13" ZX2C4 "WireGuard"

> It's 2020 now, but what would you think of retaining the original
> date? Or do you usually bump it on every change? I'm not sure what the
> convention is.

The .TH macro is supposed to contain the date of the last change.

If you want to explain when something was first implemented,
you can do that below ".SH HISTORY".

>> +.PP
>> +The following might be used for connecting as a client to a VPN gateway for
>> +tunneling all traffic:
>> +.nf
>> +.sp
>> +.RS 6n

> Never seen these three modifiers. They set spacing somehow?

Not sure what you mean by "modifiers".
.nf and .sp are roff(7) requests, .RS is a man(7) macro,
and 6n is a scaling width.

  https://man.openbsd.org/roff.7#nf
  https://man.openbsd.org/roff.7#sp
  https://man.openbsd.org/man.7#RS_2
  https://man.openbsd.org/roff.7#Scaling_Widths

>>  .SH SEE ALSO
>> -.BR wg (8),
>> +.BR pass (1),
>>  .BR ip (8),
>> -.BR ip-link (8),
>>  .BR ip-address (8),
>> +.BR ip-link (8),
>>  .BR ip-route (8),
>>  .BR ip-rule (8),
>> -.BR resolvconf (8).
>> -
>> +.BR iptables (8),
>> +.BR resolvconf (8),
>> +.BR wg (8)
>>  .SH AUTHOR
>>  .B wg-quick

> You've ordered these alphabetically, but the original ordering was
> chosen deliberately.

Sorting first by section, then alphabetically is done by convention.
For example, see this style guide:

  https://mandoc.bsd.lv/mdoc/style/see_also.html

The reason is that the number of references ought to be small,
so deliberate ordering adds little value, and a fixed ordering
results in a more predictable experience for the reader.

Yours,
  Ingo
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

[PATCH v2] Rewrite wg-quick.8 in mdoc

[Stephen Gregoratto]

Since the program arguments are semantically marked-up as such, I've
made them lower-case so the manual isn't yelling at us.

Some of text has been reworded slightly to better fit manpage
conventions. I've also wrapped the text to 80 chars.

Signed-off-by: Stephen Gregoratto <dev@sgregoratto.me>
---
For some reason, groff produces this warning, even though it's formatted
correctly:

troff: wg-quick.8:314: name expected (got '\c'): treated as missing

I'm working on simplifying the structure of wg.8 in addition to
rewriting it, which will take some time.

 src/man/wg-quick.8 | 564 ++++++++++++++++++++++++---------------------
 1 file changed, 303 insertions(+), 261 deletions(-)

diff --git a/src/man/wg-quick.8 b/src/man/wg-quick.8
index c38c7d9..2ed90a5 100644
--- a/src/man/wg-quick.8
+++ b/src/man/wg-quick.8
@@ -1,277 +1,319 @@
-.TH WG-QUICK 8 "2016 January 1" ZX2C4 "WireGuard"
-
-.SH NAME
-wg-quick - set up a WireGuard interface simply
-
-.SH SYNOPSIS
-.B wg-quick
-[
-.I up
-|
-.I down
-|
-.I save
-|
-.I strip
-] [
-.I CONFIG_FILE
-|
-.I INTERFACE
-]
-
-.SH DESCRIPTION
-
+.Dd February 14, 2020
+.Dt WG-QUICK 8
+.Os
+.Sh NAME
+.Nm wg-quick
+.Nd set up a WireGuard interface simply
+.Sh SYNOPSIS
+.Nm
+.Op Cm up | down | sconfig-file
+.Op Ar config-file
+.Op Ar interface
+.Sh DESCRIPTION
 This is an extremely simple script for easily bringing up a WireGuard interface,
 suitable for a few common use cases.
-
-Use \fIup\fP to add and set up an interface, and use \fIdown\fP to tear down and remove
-an interface. Running \fIup\fP adds a WireGuard interface, brings up the interface with the
-supplied IP addresses, sets up mtu and routes, and optionally runs pre/post up scripts. Running \fIdown\fP
-optionally saves the current configuration, removes the WireGuard interface, and optionally
-runs pre/post down scripts. Running \fIsave\fP saves the configuration of an existing
-interface without bringing the interface down. Use \fIstrip\fP to output a configuration file
-with all
-.BR wg-quick (8)-specific
+.Pp
+Use
+.Cm up
+to add and set up an interface, and use
+.Cm down
+to tear down and remove an interface.
+Running
+.Cm up
+adds a WireGuard interface, brings up the interface with the supplied IP
+addresses, sets up mtu and routes, and optionally runs pre/post up scripts.
+Running
+.Cm down
+optionally saves the current configuration, removes the WireGuard interface, and
+optionally runs pre/post down scripts.
+Running
+.Cm save
+saves the configuration of an existing interface without bringing the interface
+down.
+Use
+.Cm strip
+to output a configuration file with all
+.Nm Ns -specific
 options removed, suitable for use with
-.BR wg (8).
-
-\fICONFIG_FILE\fP is a configuration file, whose filename is the interface name
-followed by `.conf'. Otherwise, \fIINTERFACE\fP is an interface name, with configuration
-found at `/etc/wireguard/\fIINTERFACE\fP.conf', searched first, followed by distro-specific
-search paths.
-
-Generally speaking, this utility is just a simple script that wraps invocations to
-.BR wg (8)
+.Xr wg 8 .
+.Pp
+.Ar config-file
+is a configuration file, whose filename is the interface name followed by
+.Ql \&.conf .
+Otherwise,
+.Ar interface
+is an interface name, with configuration found at
+.Pa /etc/wireguard/interface.conf ,
+searched first, followed by distro-specific search paths.
+.Pp
+Generally speaking, this utility is just a simple script that wraps invocations
+to
+.Xr wg 8
 and
-.BR ip (8)
-in order to set up a WireGuard interface. It is designed for users with simple
-needs, and users with more advanced needs are highly encouraged to use a more
-specific tool, a more complete network manager, or otherwise just use
-.BR wg (8)
+.Xr ip 8
+in order to set up a WireGuard interface.
+It is designed for users with simple needs, and users with more advanced needs
+are highly encouraged to use a more specific tool, a more complete network
+manager, or otherwise just use
+.Xr wg 8
 and
-.BR ip (8),
+.Xr ip 8
 as usual.
-
-.SH CONFIGURATION
-
-The configuration file adds a few extra configuration values to the format understood by
-.BR wg (8)
-in order to configure additional attributes of an interface. It handles the
-values that it understands, and then it passes the remaining ones directly to
-.BR wg (8)
+.Sh CONFIGURATION
+The configuration file adds a few extra configuration values to the format
+understood by
+.Xr wg 8
+in order to configure additional attributes of an interface.
+It handles the values that it understands, and then it passes the remaining ones
+directly to
+.Xr wg 8
 for further processing.
-
+.Pp
 It infers all routes from the list of peers' allowed IPs, and automatically adds
-them to the system routing table. If one of those routes is the default route
+them to the system routing table.
+If one of those routes is the default route
 (0.0.0.0/0 or ::/0), then it uses
-.BR ip-rule (8)
+.Xr ip-rule 8
 to handle overriding of the default gateway.
-
-The configuration file will be passed directly to \fBwg\fP(8)'s `setconf'
-sub-command, with the exception of the following additions to the \fIInterface\fP section,
-which are handled by this tool:
-
-.IP \(bu
-Address \(em a comma-separated list of IP (v4 or v6) addresses (optionally with CIDR masks)
-to be assigned to the interface. May be specified multiple times.
-.IP \(bu
-DNS \(em a comma-separated list of IP (v4 or v6) addresses to be set as the interface's
-DNS servers. May be specified multiple times. Upon bringing the interface up, this runs
-`resolvconf -a tun.\fIINTERFACE\fP -m 0 -x` and upon bringing it down, this runs
-`resolvconf -d tun.\fIINTERFACE\fP`. If these particular invocations of
-.BR resolvconf (8)
-are undesirable, the PostUp and PostDown keys below may be used instead.
-.IP \(bu
-MTU \(em if not specified, the MTU is automatically determined from the endpoint addresses
-or the system default route, which is usually a sane choice. However, to manually specify
-an MTU to override this automatic discovery, this value may be specified explicitly.
-.IP \(bu
-Table \(em Controls the routing table to which routes are added. There are two
-special values: `off' disables the creation of routes altogether, and `auto'
+.Pp
+The configuration file will be passed directly to
+.Xr wg 8 Ap s
+.Cm setconf
+sub-command, with the exception of the following additions to the INTERFACE
+section, which are handled by this tool:
+.Bl -tag -width Ds
+.It Cm Address
+A comma-separated list of IP (v4 or v6) addresses (optionally with CIDR masks)
+to be assigned to the interface.
+May be specified multiple times.
+.It Cm DNS
+A comma-separated list of IP (v4 or v6) addresses to be set as the interface's
+DNS servers.
+May be specified multiple times.
+Upon bringing the interface up, this runs
+.Pp
+.Dl resolvconf -a tun.interface -m 0 -x
+.Pp
+and upon
+bringing it down, this runs
+.Pp
+.Dl resolvconf -d tun.interface .
+.Pp
+If these particular invocations of
+.Xr resolvconf 8
+are undesirable, the
+.Cm PostUp
+and
+.Cm PostDown
+keys below may be used instead.
+.It Cm MTU
+If not specified, the MTU is automatically determined from the endpoint
+addresses or the system default route, which is usually a sane choice.
+However, to manually specify an MTU to override this automatic discovery, this
+value may be specified explicitly.
+.It Cm Table
+Controls the routing table to which routes are added.
+There are two special values:
+.Cm off
+disables the creation of routes altogether, and
+.Cm auto
 (the default) adds routes to the default table and enables special handling of
 default routes.
-.IP \(bu
-PreUp, PostUp, PreDown, PostDown \(em script snippets which will be executed by
-.BR bash (1)
-before/after setting up/tearing down the interface, most commonly used
-to configure custom DNS options or firewall rules. The special string `%i'
-is expanded to \fIINTERFACE\fP. Each one may be specified multiple times, in which case
-the commands are executed in order.
-.IP \(bu
-SaveConfig \(em if set to `true', the configuration is saved from the current state of the
-interface upon shutdown.
-
-.P
-Recommended \fIINTERFACE\fP names include `wg0' or `wgvpn0' or even `wgmgmtlan0'.
+.It Cm PreUp , PostUp , PreDown , PostDown
+Script snippets which will be executed by
+.Xr bash 1
+before/after setting up/tearing down the interface, most commonly used to
+configure custom DNS options or firewall rules.
+The special string
+.Ql %i
+is expanded to
+.Ar interface .
+Each one may be specified multiple times, in which case the commands are
+executed in order.
+.It Cm SaveConfig
+If set to
+.Cm true ,
+the configuration is saved from the current state of the interface upon
+shutdown.
+.El
+.Pp
+Recommended
+.Ar interface
+names include
+.Ql wg0
+or
+.Ql wgvpn0
+or even
+.Ql wgmgmtlan0 .
 However, the number at the end is in fact optional, and really
-any free-form string [a-zA-Z0-9_=+.-]{1,15} will work. So even interface names corresponding
-to geographic locations would suffice, such as `cincinnati', `nyc', or `paris', if that's
-somehow desirable.
-
-.SH EXAMPLES
-
+any free-form string [a-zA-Z0-9_=+.-]{1,15} will work.
+So even interface names corresponding to geographic locations would suffice,
+such as
+.Ql cincinnati , nyc
+or
+.Ql paris ,
+if that's somehow desirable.
+.Sh EXAMPLES
 These examples draw on the same syntax found for
-.BR wg (8),
-and a more complete description may be found there. Bold lines below are for options that extend
-.BR wg (8).
-
-The following might be used for connecting as a client to a VPN gateway for tunneling all
-traffic:
-
-    [Interface]
-.br
-    \fBAddress = 10.200.100.8/24\fP
-.br
-    \fBDNS = 10.200.100.1\fP
-.br
-    PrivateKey = oK56DE9Ue9zK76rAc8pBl6opph+1v36lm7cXXsQKrQM=
-.br
-
-.br
-    [Peer]
-.br
-    PublicKey = GtL7fZc/bLnqZldpVofMCD6hDjrK28SsdLxevJ+qtKU=
-.br
-    PresharedKey = /UwcSPg38hW/D9Y3tcS1FOV0K1wuURMbS0sesJEP5ak=
-.br
-    AllowedIPs = 0.0.0.0/0
-.br
-    Endpoint = demo.wireguard.com:51820
-.br
-
-The `Address` field is added here in order to set up the address for the interface. The `DNS` field
-indicates that a DNS server for the interface should be configured via
-.BR resolvconf (8).
-The peer's allowed IPs entry implies that this interface should be configured as the default gateway,
-which this script does.
-
-Building on the last example, one might attempt the so-called ``kill-switch'', in order
-to prevent the flow of unencrypted packets through the non-WireGuard interfaces, by adding the following
-two lines `PostUp` and `PreDown` lines to the `[Interface]` section:
-
-    \fBPostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT\fP
-.br
-    \fBPreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT\fP
-.br
-
-The `PostUp' and `PreDown' fields have been added to specify an
-.BR iptables (8)
-command which, when used with interfaces that have a peer that specifies 0.0.0.0/0 as part of the
-`AllowedIPs', works together with wg-quick's fwmark usage in order to drop all packets that
-are either not coming out of the tunnel encrypted or not going through the tunnel itself. (Note
-that this continues to allow most DHCP traffic through, since most DHCP clients make use of PF_PACKET
-sockets, which bypass Netfilter.) When IPv6 is in use, additional similar lines could be added using
-.BR ip6tables (8).
-
-Or, perhaps it is desirable to store private keys in encrypted form, such as through use of
-.BR pass (1):
-
-    \fBPostUp = wg set %i private-key <(pass WireGuard/private-keys/%i)\fP
-.br
-
-For use on a server, the following is a more complicated example involving multiple peers:
-
-    [Interface]
-.br
-    \fBAddress = 10.192.122.1/24\fP
-.br
-    \fBAddress = 10.10.0.1/16\fP
-.br
-    \fBSaveConfig = true\fP
-.br
-    PrivateKey = yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=
-.br
-    ListenPort = 51820
-.br
-
-.br
-    [Peer]
-.br
-    PublicKey = xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=
-.br
-    AllowedIPs = 10.192.122.3/32, 10.192.124.1/24
-.br
-
-.br
-    [Peer]
-.br
-    PublicKey = TrMvSoP4jYQlY6RIzBgbssQqY3vxI2Pi+y71lOWWXX0=
-.br
-    AllowedIPs = 10.192.122.4/32, 192.168.0.0/16
-.br
-
-.br
-    [Peer]
-.br
-    PublicKey = gN65BkIKy1eCE9pP1wdc8ROUtkHLF2PfAqYdyYBz6EA=
-.br
-    AllowedIPs = 10.10.10.230/32
-
-Notice the two `Address' lines at the top, and that `SaveConfig' is set to `true', indicating
-that the configuration file should be saved on shutdown using the current status of the
-interface.
-
-A combination of the `Table', `PostUp', and `PreDown' fields may be used for policy routing
-as well. For example, the following may be used to send SSH traffic (TCP port 22) traffic
+.Xr wg 8 ,
+and a more complete description may be found there.
+.Pp
+The following might be used for connecting as a client to a VPN gateway for
+tunneling all traffic:
+.Bd -literal -offset indent
+[Interface]
+Address = 10.200.100.8/24
+DNS = 10.200.100.1
+PrivateKey = oK56DE9Ue9zK76rAc8pBl6opph+1v36lm7cXXsQKrQM=
+
+[Peer]
+PublicKey = GtL7fZc/bLnqZldpVofMCD6hDjrK28SsdLxevJ+qtKU=
+PresharedKey = /UwcSPg38hW/D9Y3tcS1FOV0K1wuURMbS0sesJEP5ak=
+AllowedIPs = 0.0.0.0/0
+Endpoint = demo.wireguard.com:51820
+.Ed
+.Pp
+The
+.Cm Address
+field is added here in order to set up the address for the interface.
+The
+.Cm DNS
+field indicates that a DNS server for the interface should
+be configured via
+.Xr resolvconf 8 .
+The peer's allowed IPs entry implies that this interface should be configured as
+the default gateway, which this script does.
+.Pp
+Building on the last example, one might attempt the so-called
+.Dq kill-switch ,
+in order to prevent the flow of unencrypted packets through the non-WireGuard
+interfaces, by adding the following two lines
+.Cm PostUp
+and
+.Cm PreDown
+lines to
+.Cm [Interface]
+section:
+.Bd -literal -offset indent
+PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
+PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
+.Ed
+.Pp
+The
+.Cm PostUp
+and
+.Cm PreDown
+fields have been added to specify an
+.Xr iptables 8
+command which, when used with interfaces that have a peer that specifies
+0.0.0.0/0 as part of the
+.Cm AllowedIPs ,
+works together with
+.Nm Ap s
+fwmark usage in order to drop all packets that are either not coming out of the
+tunnel encrypted or not going through the tunnel itself.
+(Note that this continues to allow most DHCP traffic through, since most DHCP
+clients make use of PF_PACKET sockets, which bypass Netfilter.)
+When IPv6 is in use, additional similar lines could be added using
+.Xr ip6tables 8 .
+.Pp
+Or, perhaps it is desirable to store private keys in encrypted form, such as
+through use of
+.Xr pass 1 :
+.Pp
+.Dl PostUp = wg set %i private-key <(pass WireGuard/private-keys/%i)
+.Pp
+For use on a server, the following is a more complicated example involving
+multiple peers:
+.Bd -literal -offset indent
+[Interface]
+Address = 10.192.122.1/24
+Address = 10.10.0.1/16
+SaveConfig = true
+PrivateKey = yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=
+ListenPort = 51820
+
+[Peer]
+PublicKey = xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=
+AllowedIPs = 10.192.122.3/32, 10.192.124.1/24
+
+[Peer]
+PublicKey = TrMvSoP4jYQlY6RIzBgbssQqY3vxI2Pi+y71lOWWXX0=
+AllowedIPs = 10.192.122.4/32, 192.168.0.0/16
+
+[Peer]
+PublicKey = gN65BkIKy1eCE9pP1wdc8ROUtkHLF2PfAqYdyYBz6EA=
+AllowedIPs = 10.10.10.230/32
+.Ed
+.Pp
+Notice the two
+.Cm Address
+lines at the top, and that
+.Cm SaveConfig
+is set to
+.Cm true ,
+indicating that the configuration file should be saved on shutdown using
+the current status of the interface.
+.Pp
+A combination of the
+.Cm Table , PostUp
+and
+.Cm PreDown
+fields may be used for policy routing as well.
+For example, the following may be used to send SSH traffic (TCP port 22) traffic
 through the tunnel:
-
-    [Interface]
-.br
-    Address = 10.192.122.1/24
-.br
-    PrivateKey = yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=
-.br
-    ListenPort = 51820
-.br
-    \fBTable = 1234\fP
-.br
-    \fBPostUp = ip rule add ipproto tcp dport 22 table 1234\fP
-.br
-    \fBPreDown = ip rule delete ipproto tcp dport 22 table 1234\fP
-.br
-
-.br
-    [Peer]
-.br
-    PublicKey = xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=
-.br
-    AllowedIPs = 0.0.0.0/0
-
-These configuration files may be placed in any directory, putting the desired interface name
-in the filename:
-
-\fB    # wg-quick up /path/to/wgnet0.conf\fP
-
-For convenience, if only an interface name is supplied, it automatically chooses a path in
-`/etc/wireguard/':
-
-\fB    # wg-quick up wgnet0\fP
-
-This will load the configuration file `/etc/wireguard/wgnet0.conf'.
-
-The \fIstrip\fP command is useful for reloading configuration files without disrupting active
+.Bd -literal -offset indent
+[Interface]
+Address = 10.192.122.1/24
+PrivateKey = yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=
+ListenPort = 51820
+Table = 1234
+PostUp = ip rule add ipproto tcp dport 22 table 1234
+PreDown = ip rule delete ipproto tcp dport 22 table 1234
+
+[Peer]
+PublicKey = xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=
+AllowedIPs = 0.0.0.0/0
+.Ed
+.Pp
+These configuration files may be placed in any directory, putting the desired
+interface name in the filename:
+.Pp
+.Dl # wg-quick up /path/to/wgnet0.conf
+.Pp
+For convenience, if only an interface name is supplied, it automatically chooses
+a path in
+.Pa /etc/wireguard :
+.Pp
+.Dl # wg-quick up wgnet0
+.Pp
+This will load the configuration file
+.Pa /etc/wireguard/wgnet0.conf .
+.Pp
+The
+.Cm strip
+command is useful for reloading configuration files without disrupting active
 sessions:
-
-\fB    # wg addconf wgnet0 <(wg-quick strip wgnet0)\fP
-
-(Note that the above command will add and update peers but will not remove peers.)
-
-.SH SEE ALSO
-.BR wg (8),
-.BR ip (8),
-.BR ip-link (8),
-.BR ip-address (8),
-.BR ip-route (8),
-.BR ip-rule (8),
-.BR resolvconf (8).
-
-.SH AUTHOR
-.B wg-quick
-was written by
-.MT Jason@zx2c4.com
-Jason A. Donenfeld
-.ME .
-For updates and more information, a project page is available on the
-.UR https://\:www.wireguard.com/
-World Wide Web
-.UE .
+.Pp
+.Dl # wg addconf wgnet0 <(wg-quick strip wgnet0)
+.Pp
+(Note that the above command will add and update peers but will not remove
+peers.)
+.Sh SEE ALSO
+.Xr pass 1 ,
+.Xr ip 8 ,
+.Xr ip-address 8 ,
+.Xr ip-link 8 ,
+.Xr ip-route 8 ,
+.Xr ip-rule 8 ,
+.Xr iptables 8 ,
+.Xr resolvconf 8 ,
+.Xr wg 8
+.Pp
+For updates and more information, a project page is available at
+.Lk https://www.wireguard.com .
+.Sh AUTHORS
+The
+.Nm
+program was written by
+.An Jason A. Donenfeld Aq Mt Jason@zx2c4.com .
-- 
2.25.0

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: [PATCH v2] Rewrite wg-quick.8 in mdoc

[Jason A. Donenfeld]

Hi Stephen,

Thanks for doing this. I appreciate it. I can manually diff the text
to the old one if you insist, but I'd really prefer to see either a
list of what text you changed or having the type setting and the text
change done in separate commits. Alternatively, if you refuse to do
that, I'll manually diff, but I'd rather not if you can remember what
you changed.

>  I'm working on simplifying the structure of wg.8 in addition to
> rewriting it, which will take some time.

If there are any changes to content, rather than just the typesetting,
please make this separate commits.

Jason
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: [PATCH v2] Rewrite wg-quick.8 in mdoc

[Stephen Gregoratto]

Hi Jason,

On Sat Feb 15, 2020 at 8:53 PM, Jason A. Donenfeld wrote:
> Thanks for doing this. I appreciate it. I can manually diff the text
> to the old one if you insist, but I'd really prefer to see either a
> list of what text you changed or having the type setting and the text
> change done in separate commits.

The changes made are very minor:

The config_file and interface arguments were made lowercase, and all
mention of them in the rest of the manual has been changed as well.

The interface additions were changed from a bulleted list to a
definition list, where the additions were the definitions.

I removed the boldening in the examples along with the sentance:
  
  "Bold lines below are for options that extend wg(8)."

The justification was that since the [interface] additions were
properly marked up in the example explainations, having the lines be
enboldened was redundant. You can see the difference better when viewing
them as PDF's through groff side-by-side. If you'd like I can revert
this.

As mentioned by Ingo, more manual references were added to the SEE ALSO
section, with them being sorted in section-name order. I also moved the
link to the project page into this section, and dropped the "World Wide
Web" bit.

Finally, the AUTHORS section was reworded slightly:

 original:  "wg-quick was written by..."
 new:       "The wg-quick program was written by..."

This is a convention for system programs.


As for Anthony's work, this seems to be a case of "convergent
evolution," since our work is very similar ;). I think if I combine the
best parts of both, along with Ingo's comments, I could prepare a final
patch for wg-quick. I'm not sure if everyone that helped needs to sign
off on the patch, but I'll make sure they're mentioned.

For the next patch, would you like to see the list above in the commit
message?
-- 
Stephen Gregoratto
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: [PATCH v2] Rewrite wg-quick.8 in mdoc

[Stephen Gregoratto]

Hi Jason,

On Sat Feb 15, 2020 at 8:53 PM, Jason A. Donenfeld wrote:
> Thanks for doing this. I appreciate it. I can manually diff the text
> to the old one if you insist, but I'd really prefer to see either a
> list of what text you changed or having the type setting and the text
> change done in separate commits.

The changes made are very minor:

The config_file and interface arguments were made lowercase, and all
mention of them in the rest of the manual has been changed as well.

The interface additions were changed from a bulleted list to a
definition list, where the additions were the definitions.

I removed the boldening in the examples along with the sentance:
  
  "Bold lines below are for options that extend wg(8)."

The justification was that since the [interface] additions were
properly marked up in the example explanations, having the lines be
emboldened was redundant. You can see the difference better when viewing
them as PDF's through groff side-by-side. If you'd like I can revert
this.

As mentioned by Ingo, more manual references were added to the SEE ALSO
section, with them being sorted in section-name order. I also moved the
link to the project page into this section, and dropped the "World Wide
Web" bit.

Finally, the AUTHORS section was reworded slightly:

 original:  "wg-quick was written by..."
 new:       "The wg-quick program was written by..."

This is a convention for system programs.


As for Anthony's work, this seems to be a case of "convergent
evolution," since our work is very similar ;). I think if I combine the
best parts of both, along with Ingo's comments, I could prepare a final
patch for wg-quick. I'm not sure if everyone that helped needs to sign
off on the patch, but I'll make sure they're mentioned.

For the next patch, would you like to see the list above in the commit
message?
-- 
Stephen Gregoratto
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: [PATCH v2] Rewrite wg-quick.8 in mdoc

[Ingo Schwarze]

Hi,

i think Jason should simply commit Anthony's work because that's
what i verified in detail (given that it arrived a day earlier).
There is no point in attempting to merge large patches out of the
tree: that would be tedious and error-prone.

Just let Jason do the commits to his own repo.  Discussing commit
messages and adding signed-off lines is a waste of time.

Once the conversion is committed, people can submit smaller patches
to improve things further.  Those will be much easier to review.

Yours,
  Ingo
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard