* wg-quick: syntax error, unexpected saddr
@ 2020-01-02 5:25 Eddie
2020-01-02 6:22 ` Edward Vielmetti
2020-01-02 20:10 ` Jason A. Donenfeld
0 siblings, 2 replies; 14+ messages in thread
From: Eddie @ 2020-01-02 5:25 UTC (permalink / raw)
To: WireGuard mailing list
First time running wireguard as a native client on my Slackware 14.2
system throws this:
root@The-Tardis:~# wg-quick up wg0
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 192.168.150.14/32 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] wg set wg0 fwmark 51820
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
[#] nft -f /dev/fd/63
/dev/fd/63:5:76-80: Error: syntax error, unexpected saddr
Fairly simple config to connect to my VPS:
[Interface]
Address = 192.168.150.14/32
PrivateKey = <Not the key you're looking for>
[Peer]
PublicKey = <Just being overly paranoid>
Endpoint = www.xxx.yyy.zzz:51820
AllowedIPs = 0.0.0.0/0
Not sure what additional information you need collected at this point.
I'm able to connect outbound successfully using NordVPN's version of
wireguard, but that doesn't use wg-quick, which is where the issue is.
Cheers.
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: wg-quick: syntax error, unexpected saddr
2020-01-02 5:25 wg-quick: syntax error, unexpected saddr Eddie
@ 2020-01-02 6:22 ` Edward Vielmetti
2020-01-02 7:34 ` Eddie
2020-01-02 20:10 ` Jason A. Donenfeld
1 sibling, 1 reply; 14+ messages in thread
From: Edward Vielmetti @ 2020-01-02 6:22 UTC (permalink / raw)
To: stunnel; +Cc: WireGuard mailing list
[-- Attachment #1.1: Type: text/plain, Size: 1865 bytes --]
Eddie - what version of nftables does Slackware come with? The output of
`nft -v` should be helpful.
There is a report from stackexchange that nftables at 0.7 gives this error,
but at 0.8.1 or better it's OK. I was not easily able to verify that from
the source code, but it would be where I'd start to look. There was
The nftables 0.8.1 release notes (from 2018) are here:
https://lwn.net/Articles/744480/ and it points to new syntax in this
release.
good luck!
Ed
On Thu, Jan 2, 2020 at 12:27 AM Eddie <stunnel@attglobal.net> wrote:
> First time running wireguard as a native client on my Slackware 14.2
> system throws this:
>
> root@The-Tardis:~# wg-quick up wg0
> [#] ip link add wg0 type wireguard
> [#] wg setconf wg0 /dev/fd/63
> [#] ip -4 address add 192.168.150.14/32 dev wg0
> [#] ip link set mtu 1420 up dev wg0
> [#] wg set wg0 fwmark 51820
> [#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
> [#] ip -4 rule add not fwmark 51820 table 51820
> [#] ip -4 rule add table main suppress_prefixlength 0
> [#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
> [#] nft -f /dev/fd/63
> /dev/fd/63:5:76-80: Error: syntax error, unexpected saddr
>
> Fairly simple config to connect to my VPS:
>
> [Interface]
> Address = 192.168.150.14/32
> PrivateKey = <Not the key you're looking for>
>
> [Peer]
> PublicKey = <Just being overly paranoid>
> Endpoint = www.xxx.yyy.zzz:51820
> AllowedIPs = 0.0.0.0/0
>
> Not sure what additional information you need collected at this point.
>
> I'm able to connect outbound successfully using NordVPN's version of
> wireguard, but that doesn't use wg-quick, which is where the issue is.
>
> Cheers.
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
>
--
Edward Vielmetti +1 734 330 2465
edward.vielmetti@gmail.com
[-- Attachment #1.2: Type: text/html, Size: 3046 bytes --]
[-- Attachment #2: Type: text/plain, Size: 148 bytes --]
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: wg-quick: syntax error, unexpected saddr
2020-01-02 6:22 ` Edward Vielmetti
@ 2020-01-02 7:34 ` Eddie
2020-01-02 8:04 ` Eddie
0 siblings, 1 reply; 14+ messages in thread
From: Eddie @ 2020-01-02 7:34 UTC (permalink / raw)
Cc: WireGuard mailing list
[-- Attachment #1.1: Type: text/plain, Size: 2574 bytes --]
Ha. Even older:
root@The-Tardis:~# nft -v
nftables v0.6 (Support Edward Snowden)
And in reply to a couple of off-list messages:
wireguard-tools-1.0.20191226
There are different reasons for using different VPNs. Can you really
"totally" trust the one that you're using.
Cheers.
On 1/1/2020 10:22 PM, Edward Vielmetti wrote:
> Eddie - what version of nftables does Slackware come with? The output
> of `nft -v` should be helpful.
>
> There is a report from stackexchange that nftables at 0.7 gives this
> error, but at 0.8.1 or better it's OK. I was not easily able to verify
> that from the source code, but it would be where I'd start to look.
> There was
>
> The nftables 0.8.1 release notes (from 2018) are here:
> https://lwn.net/Articles/744480/ and it points to new syntax in this
> release.
>
> good luck!
>
> Ed
>
> On Thu, Jan 2, 2020 at 12:27 AM Eddie <stunnel@attglobal.net
> <mailto:stunnel@attglobal.net>> wrote:
>
> First time running wireguard as a native client on my Slackware 14.2
> system throws this:
>
> root@The-Tardis:~# wg-quick up wg0
> [#] ip link add wg0 type wireguard
> [#] wg setconf wg0 /dev/fd/63
> [#] ip -4 address add 192.168.150.14/32 <http://192.168.150.14/32>
> dev wg0
> [#] ip link set mtu 1420 up dev wg0
> [#] wg set wg0 fwmark 51820
> [#] ip -4 route add 0.0.0.0/0 <http://0.0.0.0/0> dev wg0 table 51820
> [#] ip -4 rule add not fwmark 51820 table 51820
> [#] ip -4 rule add table main suppress_prefixlength 0
> [#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
> [#] nft -f /dev/fd/63
> /dev/fd/63:5:76-80: Error: syntax error, unexpected saddr
>
> Fairly simple config to connect to my VPS:
>
> [Interface]
> Address = 192.168.150.14/32 <http://192.168.150.14/32>
> PrivateKey = <Not the key you're looking for>
>
> [Peer]
> PublicKey = <Just being overly paranoid>
> Endpoint = www.xxx.yyy.zzz:51820
> AllowedIPs = 0.0.0.0/0 <http://0.0.0.0/0>
>
> Not sure what additional information you need collected at this point.
>
> I'm able to connect outbound successfully using NordVPN's version of
> wireguard, but that doesn't use wg-quick, which is where the issue is.
>
> Cheers.
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com <mailto:WireGuard@lists.zx2c4.com>
> https://lists.zx2c4.com/mailman/listinfo/wireguard
>
>
>
> --
> Edward Vielmetti +1 734 330 2465
> edward.vielmetti@gmail.com <mailto:edward.vielmetti@gmail.com>
>
[-- Attachment #1.2: Type: text/html, Size: 5027 bytes --]
[-- Attachment #2: Type: text/plain, Size: 148 bytes --]
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: wg-quick: syntax error, unexpected saddr
2020-01-02 7:34 ` Eddie
@ 2020-01-02 8:04 ` Eddie
2020-01-02 20:07 ` Eddie
0 siblings, 1 reply; 14+ messages in thread
From: Eddie @ 2020-01-02 8:04 UTC (permalink / raw)
To: WireGuard mailing list
[-- Attachment #1.1: Type: text/plain, Size: 3679 bytes --]
Not sure if this helps, or not. But this is the relevant part from a
bash trace:
+ cmd nft -f /dev/fd/63
+ echo '[#] nft -f /dev/fd/63'
[#] nft -f /dev/fd/63
+ nft -f /dev/fd/63
++ echo -n 'add table ip wg-quick-wg0
add chain ip wg-quick-wg0 preraw { type filter hook prerouting priority
-300; }
add chain ip wg-quick-wg0 premangle { type filter hook prerouting
priority -150; }
add chain ip wg-quick-wg0 postmangle { type filter hook postrouting
priority -150; }
add rule ip wg-quick-wg0 preraw iifname != wg0 ip daddr 192.168.150.14
fib saddr type != local drop
add rule ip wg-quick-wg0 postmangle meta l4proto udp mark 51820 ct mark
set mark
add rule ip wg-quick-wg0 premangle meta l4proto udp meta mark set ct mark
'
/dev/fd/63:5:76-80: Error: syntax error, unexpected saddr
^^^^^
Cheers.
On 1/1/2020 11:34 PM, Eddie wrote:
> Ha. Even older:
>
> root@The-Tardis:~# nft -v
> nftables v0.6 (Support Edward Snowden)
>
>
> And in reply to a couple of off-list messages:
>
> wireguard-tools-1.0.20191226
>
> There are different reasons for using different VPNs. Can you really
> "totally" trust the one that you're using.
>
> Cheers.
>
>
>
> On 1/1/2020 10:22 PM, Edward Vielmetti wrote:
>> Eddie - what version of nftables does Slackware come with? The output
>> of `nft -v` should be helpful.
>>
>> There is a report from stackexchange that nftables at 0.7 gives this
>> error, but at 0.8.1 or better it's OK. I was not easily able to
>> verify that from the source code, but it would be where I'd start to
>> look. There was
>>
>> The nftables 0.8.1 release notes (from 2018) are here:
>> https://lwn.net/Articles/744480/ and it points to new syntax in this
>> release.
>>
>> good luck!
>>
>> Ed
>>
>> On Thu, Jan 2, 2020 at 12:27 AM Eddie <stunnel@attglobal.net
>> <mailto:stunnel@attglobal.net>> wrote:
>>
>> First time running wireguard as a native client on my Slackware 14.2
>> system throws this:
>>
>> root@The-Tardis:~# wg-quick up wg0
>> [#] ip link add wg0 type wireguard
>> [#] wg setconf wg0 /dev/fd/63
>> [#] ip -4 address add 192.168.150.14/32
>> <http://192.168.150.14/32> dev wg0
>> [#] ip link set mtu 1420 up dev wg0
>> [#] wg set wg0 fwmark 51820
>> [#] ip -4 route add 0.0.0.0/0 <http://0.0.0.0/0> dev wg0 table 51820
>> [#] ip -4 rule add not fwmark 51820 table 51820
>> [#] ip -4 rule add table main suppress_prefixlength 0
>> [#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
>> [#] nft -f /dev/fd/63
>> /dev/fd/63:5:76-80: Error: syntax error, unexpected saddr
>>
>> Fairly simple config to connect to my VPS:
>>
>> [Interface]
>> Address = 192.168.150.14/32 <http://192.168.150.14/32>
>> PrivateKey = <Not the key you're looking for>
>>
>> [Peer]
>> PublicKey = <Just being overly paranoid>
>> Endpoint = www.xxx.yyy.zzz:51820
>> AllowedIPs = 0.0.0.0/0 <http://0.0.0.0/0>
>>
>> Not sure what additional information you need collected at this
>> point.
>>
>> I'm able to connect outbound successfully using NordVPN's version of
>> wireguard, but that doesn't use wg-quick, which is where the
>> issue is.
>>
>> Cheers.
>> _______________________________________________
>> WireGuard mailing list
>> WireGuard@lists.zx2c4.com <mailto:WireGuard@lists.zx2c4.com>
>> https://lists.zx2c4.com/mailman/listinfo/wireguard
>>
>>
>>
>> --
>> Edward Vielmetti +1 734 330 2465
>> edward.vielmetti@gmail.com <mailto:edward.vielmetti@gmail.com>
>>
>
>
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
[-- Attachment #1.2: Type: text/html, Size: 7442 bytes --]
[-- Attachment #2: Type: text/plain, Size: 148 bytes --]
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: wg-quick: syntax error, unexpected saddr
2020-01-02 8:04 ` Eddie
@ 2020-01-02 20:07 ` Eddie
0 siblings, 0 replies; 14+ messages in thread
From: Eddie @ 2020-01-02 20:07 UTC (permalink / raw)
To: WireGuard mailing list
[-- Attachment #1.1: Type: text/plain, Size: 4519 bytes --]
As a follow up, wireguard-tools v1.0.20200102 also has the issue.
I did think of updating nftables to the latest, but that then started
dragging in too many other updated dependencies I wasn't comfortable
with. So, as nftables currently isn't used on Slack, I renamed the
binary so that wg-quick wouldn't find it, which allowed the connection
to be made.
Now all I need do is work out why the handshakes between client and
server are working, but traffic doesn't flow.
Cheers.
On 1/2/2020 12:04 AM, Eddie wrote:
> Not sure if this helps, or not. But this is the relevant part from a
> bash trace:
>
> + cmd nft -f /dev/fd/63
> + echo '[#] nft -f /dev/fd/63'
> [#] nft -f /dev/fd/63
> + nft -f /dev/fd/63
> ++ echo -n 'add table ip wg-quick-wg0
> add chain ip wg-quick-wg0 preraw { type filter hook prerouting
> priority -300; }
> add chain ip wg-quick-wg0 premangle { type filter hook prerouting
> priority -150; }
> add chain ip wg-quick-wg0 postmangle { type filter hook postrouting
> priority -150; }
> add rule ip wg-quick-wg0 preraw iifname != wg0 ip daddr 192.168.150.14
> fib saddr type != local drop
> add rule ip wg-quick-wg0 postmangle meta l4proto udp mark 51820 ct
> mark set mark
> add rule ip wg-quick-wg0 premangle meta l4proto udp meta mark set ct mark
> '
> /dev/fd/63:5:76-80: Error: syntax error, unexpected saddr
>
> ^^^^^
> Cheers.
>
>
> On 1/1/2020 11:34 PM, Eddie wrote:
>> Ha. Even older:
>>
>> root@The-Tardis:~# nft -v
>> nftables v0.6 (Support Edward Snowden)
>>
>>
>> And in reply to a couple of off-list messages:
>>
>> wireguard-tools-1.0.20191226
>>
>> There are different reasons for using different VPNs. Can you really
>> "totally" trust the one that you're using.
>>
>> Cheers.
>>
>>
>>
>> On 1/1/2020 10:22 PM, Edward Vielmetti wrote:
>>> Eddie - what version of nftables does Slackware come with? The
>>> output of `nft -v` should be helpful.
>>>
>>> There is a report from stackexchange that nftables at 0.7 gives this
>>> error, but at 0.8.1 or better it's OK. I was not easily able to
>>> verify that from the source code, but it would be where I'd start to
>>> look. There was
>>>
>>> The nftables 0.8.1 release notes (from 2018) are here:
>>> https://lwn.net/Articles/744480/ and it points to new syntax in this
>>> release.
>>>
>>> good luck!
>>>
>>> Ed
>>>
>>> On Thu, Jan 2, 2020 at 12:27 AM Eddie <stunnel@attglobal.net
>>> <mailto:stunnel@attglobal.net>> wrote:
>>>
>>> First time running wireguard as a native client on my Slackware
>>> 14.2
>>> system throws this:
>>>
>>> root@The-Tardis:~# wg-quick up wg0
>>> [#] ip link add wg0 type wireguard
>>> [#] wg setconf wg0 /dev/fd/63
>>> [#] ip -4 address add 192.168.150.14/32
>>> <http://192.168.150.14/32> dev wg0
>>> [#] ip link set mtu 1420 up dev wg0
>>> [#] wg set wg0 fwmark 51820
>>> [#] ip -4 route add 0.0.0.0/0 <http://0.0.0.0/0> dev wg0 table 51820
>>> [#] ip -4 rule add not fwmark 51820 table 51820
>>> [#] ip -4 rule add table main suppress_prefixlength 0
>>> [#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
>>> [#] nft -f /dev/fd/63
>>> /dev/fd/63:5:76-80: Error: syntax error, unexpected saddr
>>>
>>> Fairly simple config to connect to my VPS:
>>>
>>> [Interface]
>>> Address = 192.168.150.14/32 <http://192.168.150.14/32>
>>> PrivateKey = <Not the key you're looking for>
>>>
>>> [Peer]
>>> PublicKey = <Just being overly paranoid>
>>> Endpoint = www.xxx.yyy.zzz:51820
>>> AllowedIPs = 0.0.0.0/0 <http://0.0.0.0/0>
>>>
>>> Not sure what additional information you need collected at this
>>> point.
>>>
>>> I'm able to connect outbound successfully using NordVPN's
>>> version of
>>> wireguard, but that doesn't use wg-quick, which is where the
>>> issue is.
>>>
>>> Cheers.
>>> _______________________________________________
>>> WireGuard mailing list
>>> WireGuard@lists.zx2c4.com <mailto:WireGuard@lists.zx2c4.com>
>>> https://lists.zx2c4.com/mailman/listinfo/wireguard
>>>
>>>
>>>
>>> --
>>> Edward Vielmetti +1 734 330 2465
>>> edward.vielmetti@gmail.com <mailto:edward.vielmetti@gmail.com>
>>>
>>
>>
>> _______________________________________________
>> WireGuard mailing list
>> WireGuard@lists.zx2c4.com
>> https://lists.zx2c4.com/mailman/listinfo/wireguard
>
>
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
[-- Attachment #1.2: Type: text/html, Size: 9138 bytes --]
[-- Attachment #2: Type: text/plain, Size: 148 bytes --]
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: wg-quick: syntax error, unexpected saddr
2020-01-02 5:25 wg-quick: syntax error, unexpected saddr Eddie
2020-01-02 6:22 ` Edward Vielmetti
@ 2020-01-02 20:10 ` Jason A. Donenfeld
2020-01-02 20:43 ` Eddie
1 sibling, 1 reply; 14+ messages in thread
From: Jason A. Donenfeld @ 2020-01-02 20:10 UTC (permalink / raw)
To: stunnel, WireGuard mailing list
On 1/2/20 6:25 AM, Eddie wrote:
> First time running wireguard as a native client on my Slackware 14.2
> system throws this:
So far as I can tell, Slackware hasn't updated its WireGuard since 2018:
https://slackbuilds.org/repository/14.2/network/WireGuard/
I've tried several times to contact the maintainers and have not
received a reply.
It sounds like their kernel and/or nft are similarly bitrotted?
Maybe consider a new distro.
Alternatively, just get rid of nft from your system, and it will
fallback to using iptables.
Jason
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: wg-quick: syntax error, unexpected saddr
2020-01-02 20:10 ` Jason A. Donenfeld
@ 2020-01-02 20:43 ` Eddie
2020-01-03 15:38 ` Jason A. Donenfeld
0 siblings, 1 reply; 14+ messages in thread
From: Eddie @ 2020-01-02 20:43 UTC (permalink / raw)
To: WireGuard mailing list
I don't use those packages for wireguard. I build my own from source.
But yes, the rest of Slack seems to be stuck in a time-warp.
Cheers.
On 1/2/2020 12:10 PM, Jason A. Donenfeld wrote:
> On 1/2/20 6:25 AM, Eddie wrote:
> > First time running wireguard as a native client on my Slackware 14.2
> > system throws this:
>
> So far as I can tell, Slackware hasn't updated its WireGuard since
> 2018: https://slackbuilds.org/repository/14.2/network/WireGuard/
>
> I've tried several times to contact the maintainers and have not
> received a reply.
>
> It sounds like their kernel and/or nft are similarly bitrotted?
>
> Maybe consider a new distro.
>
> Alternatively, just get rid of nft from your system, and it will
> fallback to using iptables.
>
> Jason
>
>
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: wg-quick: syntax error, unexpected saddr
2020-01-02 20:43 ` Eddie
@ 2020-01-03 15:38 ` Jason A. Donenfeld
2020-01-03 16:07 ` Jason A. Donenfeld
0 siblings, 1 reply; 14+ messages in thread
From: Jason A. Donenfeld @ 2020-01-03 15:38 UTC (permalink / raw)
To: Eddie; +Cc: alvind11, WireGuard mailing list
Hi Eddie,
A new Slackware maintainer (CC'd) has been found.
Something to consider with the nft(8) issue, by the way, is not only
the version of nft(8), but also the options in your kernel. We check
for these ones in Gentoo:
https://gitweb.gentoo.org/repo/gentoo.git/tree/net-vpn/wireguard-tools/wireguard-tools-1.0.20200102.ebuild#n39
Jason
On Thu, Jan 2, 2020 at 9:43 PM Eddie <stunnel@attglobal.net> wrote:
>
> I don't use those packages for wireguard. I build my own from source.
>
> But yes, the rest of Slack seems to be stuck in a time-warp.
>
> Cheers.
>
>
>
> On 1/2/2020 12:10 PM, Jason A. Donenfeld wrote:
> > On 1/2/20 6:25 AM, Eddie wrote:
> > > First time running wireguard as a native client on my Slackware 14.2
> > > system throws this:
> >
> > So far as I can tell, Slackware hasn't updated its WireGuard since
> > 2018: https://slackbuilds.org/repository/14.2/network/WireGuard/
> >
> > I've tried several times to contact the maintainers and have not
> > received a reply.
> >
> > It sounds like their kernel and/or nft are similarly bitrotted?
> >
> > Maybe consider a new distro.
> >
> > Alternatively, just get rid of nft from your system, and it will
> > fallback to using iptables.
> >
> > Jason
> >
> >
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: wg-quick: syntax error, unexpected saddr
2020-01-03 15:38 ` Jason A. Donenfeld
@ 2020-01-03 16:07 ` Jason A. Donenfeld
2020-01-03 16:22 ` Jason A. Donenfeld
2020-01-03 20:31 ` Eddie
0 siblings, 2 replies; 14+ messages in thread
From: Jason A. Donenfeld @ 2020-01-03 16:07 UTC (permalink / raw)
To: Eddie; +Cc: alvind11, WireGuard mailing list
I took a closer look. Indeed the issue is that nft 0.6 is too old. Use 0.7+.
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: wg-quick: syntax error, unexpected saddr
2020-01-03 16:07 ` Jason A. Donenfeld
@ 2020-01-03 16:22 ` Jason A. Donenfeld
[not found] ` <PU1PR03MB3175D92D59E6C47D12822411D7230@PU1PR03MB3175.apcprd03.prod.outlook.com>
2020-01-03 20:29 ` Eddie
2020-01-03 20:31 ` Eddie
1 sibling, 2 replies; 14+ messages in thread
From: Jason A. Donenfeld @ 2020-01-03 16:22 UTC (permalink / raw)
To: Eddie; +Cc: alvind11, WireGuard mailing list
We could do something like this:
https://git.zx2c4.com/wireguard-tools/commit/?h=jd/nft-version-detection
But that seems pretty ugly and I think I'd rather not.
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: wg-quick: syntax error, unexpected saddr
[not found] ` <PU1PR03MB3175D92D59E6C47D12822411D7230@PU1PR03MB3175.apcprd03.prod.outlook.com>
@ 2020-01-03 17:14 ` Jason A. Donenfeld
2020-01-03 20:33 ` Eddie
0 siblings, 1 reply; 14+ messages in thread
From: Jason A. Donenfeld @ 2020-01-03 17:14 UTC (permalink / raw)
To: Alvin Darkness, WireGuard mailing list
On Fri, Jan 3, 2020 at 5:43 PM Alvin Darkness <AlvinD11@hotmail.com> wrote:
>
> Unfortunately as slackware 14.2 is a (quite old now) stable release there isnt much we can do about getting nft past 0.6. A good portion of us slackware users have moved onto slackware -current, which is the rolling release, as we wait for Pat to pull the trigger and get slackware 15.0 out. Slackware -current is using nft 0.9.3 at the moment, so no issues there.
>
> I can add a caveat to the description/readme on the slackbuilds wireguard-tools page to include something about wg-quick and nft compatibility for 14.2 users.
>
> That commit is up to you. If you think an install time solution is better we could just add something to the build script instead.
Can you just add:
sed -i 's/type -p nft/false/g' src/wg-quick/linux.bash
to your slackbuild before installing? That'll make it fall back to
iptables always.
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: wg-quick: syntax error, unexpected saddr
2020-01-03 16:22 ` Jason A. Donenfeld
[not found] ` <PU1PR03MB3175D92D59E6C47D12822411D7230@PU1PR03MB3175.apcprd03.prod.outlook.com>
@ 2020-01-03 20:29 ` Eddie
1 sibling, 0 replies; 14+ messages in thread
From: Eddie @ 2020-01-03 20:29 UTC (permalink / raw)
Cc: WireGuard mailing list
Agreed, way too ugly. :-) Don't do it for me.
Cheers.
On 1/3/2020 8:22 AM, Jason A. Donenfeld wrote:
> We could do something like this:
> https://git.zx2c4.com/wireguard-tools/commit/?h=jd/nft-version-detection
>
> But that seems pretty ugly and I think I'd rather not.
>
>
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: wg-quick: syntax error, unexpected saddr
2020-01-03 16:07 ` Jason A. Donenfeld
2020-01-03 16:22 ` Jason A. Donenfeld
@ 2020-01-03 20:31 ` Eddie
1 sibling, 0 replies; 14+ messages in thread
From: Eddie @ 2020-01-03 20:31 UTC (permalink / raw)
Cc: WireGuard mailing list
Let me see if I can install 0.7 without too many dependencies creeping
in. I tried the latest Slackware current build of 0.9, but the
dependencies were getting out of hand.
Cheers.
On 1/3/2020 8:07 AM, Jason A. Donenfeld wrote:
> I took a closer look. Indeed the issue is that nft 0.6 is too old. Use 0.7+.
>
>
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: wg-quick: syntax error, unexpected saddr
2020-01-03 17:14 ` Jason A. Donenfeld
@ 2020-01-03 20:33 ` Eddie
0 siblings, 0 replies; 14+ messages in thread
From: Eddie @ 2020-01-03 20:33 UTC (permalink / raw)
To: WireGuard mailing list
On 1/3/2020 9:14 AM, Jason A. Donenfeld wrote:
> On Fri, Jan 3, 2020 at 5:43 PM Alvin Darkness <AlvinD11@hotmail.com> wrote:
>> Unfortunately as slackware 14.2 is a (quite old now) stable release there isnt much we can do about getting nft past 0.6. A good portion of us slackware users have moved onto slackware -current, which is the rolling release, as we wait for Pat to pull the trigger and get slackware 15.0 out. Slackware -current is using nft 0.9.3 at the moment, so no issues there.
>>
>> I can add a caveat to the description/readme on the slackbuilds wireguard-tools page to include something about wg-quick and nft compatibility for 14.2 users.
>>
>> That commit is up to you. If you think an install time solution is better we could just add something to the build script instead.
> Can you just add:
>
> sed -i 's/type -p nft/false/g' src/wg-quick/linux.bash
>
> to your slackbuild before installing? That'll make it fall back to
> iptables always.
Looks like a winner, at least for me, as I do my own builds. Thanks.
Cheers.
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 14+ messages in thread
end of thread, other threads:[~2020-01-03 20:34 UTC | newest]
Thread overview: 14+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-01-02 5:25 wg-quick: syntax error, unexpected saddr Eddie
2020-01-02 6:22 ` Edward Vielmetti
2020-01-02 7:34 ` Eddie
2020-01-02 8:04 ` Eddie
2020-01-02 20:07 ` Eddie
2020-01-02 20:10 ` Jason A. Donenfeld
2020-01-02 20:43 ` Eddie
2020-01-03 15:38 ` Jason A. Donenfeld
2020-01-03 16:07 ` Jason A. Donenfeld
2020-01-03 16:22 ` Jason A. Donenfeld
[not found] ` <PU1PR03MB3175D92D59E6C47D12822411D7230@PU1PR03MB3175.apcprd03.prod.outlook.com>
2020-01-03 17:14 ` Jason A. Donenfeld
2020-01-03 20:33 ` Eddie
2020-01-03 20:29 ` Eddie
2020-01-03 20:31 ` Eddie
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).