wg-quick: syntax error, unexpected saddr

wg-quick: syntax error, unexpected saddr

[Eddie]

First time running wireguard as a native client on my Slackware 14.2 
system throws this:

root@The-Tardis:~# wg-quick up wg0
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 192.168.150.14/32 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] wg set wg0 fwmark 51820
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
[#] nft -f /dev/fd/63
/dev/fd/63:5:76-80: Error: syntax error, unexpected saddr

Fairly simple config to connect to my VPS:

[Interface]
Address = 192.168.150.14/32
PrivateKey = <Not the key you're looking for>

[Peer]
PublicKey = <Just being overly paranoid>
Endpoint = www.xxx.yyy.zzz:51820
AllowedIPs = 0.0.0.0/0

Not sure what additional information you need collected at this point.

I'm able to connect outbound successfully using NordVPN's version of 
wireguard, but that doesn't use wg-quick, which is where the issue is.

Cheers.
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: wg-quick: syntax error, unexpected saddr

[Edward Vielmetti]

[-- Attachment #1.1: Type: text/plain, Size: 1865 bytes --]

Eddie - what version of nftables does Slackware come with? The output of
`nft -v` should be helpful.

There is a report from stackexchange that nftables at 0.7 gives this error,
but at 0.8.1 or better it's OK. I was not easily able to verify that from
the source code, but it would be where I'd start to look. There was

The nftables 0.8.1 release notes (from 2018) are here:
https://lwn.net/Articles/744480/ and it points to new syntax in this
release.

good luck!

Ed

On Thu, Jan 2, 2020 at 12:27 AM Eddie <stunnel@attglobal.net> wrote:

> First time running wireguard as a native client on my Slackware 14.2
> system throws this:
>
> root@The-Tardis:~# wg-quick up wg0
> [#] ip link add wg0 type wireguard
> [#] wg setconf wg0 /dev/fd/63
> [#] ip -4 address add 192.168.150.14/32 dev wg0
> [#] ip link set mtu 1420 up dev wg0
> [#] wg set wg0 fwmark 51820
> [#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
> [#] ip -4 rule add not fwmark 51820 table 51820
> [#] ip -4 rule add table main suppress_prefixlength 0
> [#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
> [#] nft -f /dev/fd/63
> /dev/fd/63:5:76-80: Error: syntax error, unexpected saddr
>
> Fairly simple config to connect to my VPS:
>
> [Interface]
> Address = 192.168.150.14/32
> PrivateKey = <Not the key you're looking for>
>
> [Peer]
> PublicKey = <Just being overly paranoid>
> Endpoint = www.xxx.yyy.zzz:51820
> AllowedIPs = 0.0.0.0/0
>
> Not sure what additional information you need collected at this point.
>
> I'm able to connect outbound successfully using NordVPN's version of
> wireguard, but that doesn't use wg-quick, which is where the issue is.
>
> Cheers.
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
>


-- 
Edward Vielmetti +1 734 330 2465
edward.vielmetti@gmail.com

[-- Attachment #1.2: Type: text/html, Size: 3046 bytes --]

[-- Attachment #2: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: wg-quick: syntax error, unexpected saddr

[Eddie]

[-- Attachment #1.1: Type: text/plain, Size: 2574 bytes --]

Ha.  Even older:

root@The-Tardis:~# nft -v
nftables v0.6 (Support Edward Snowden)


And in reply to a couple of off-list messages:

wireguard-tools-1.0.20191226

There are different reasons for using different VPNs.  Can you really 
"totally" trust the one that you're using.

Cheers.



On 1/1/2020 10:22 PM, Edward Vielmetti wrote:
> Eddie - what version of nftables does Slackware come with? The output 
> of `nft -v` should be helpful.
>
> There is a report from stackexchange that nftables at 0.7 gives this 
> error, but at 0.8.1 or better it's OK. I was not easily able to verify 
> that from the source code, but it would be where I'd start to look. 
> There was
>
> The nftables 0.8.1 release notes (from 2018) are here: 
> https://lwn.net/Articles/744480/ and it points to new syntax in this 
> release.
>
> good luck!
>
> Ed
>
> On Thu, Jan 2, 2020 at 12:27 AM Eddie <stunnel@attglobal.net 
> <mailto:stunnel@attglobal.net>> wrote:
>
>     First time running wireguard as a native client on my Slackware 14.2
>     system throws this:
>
>     root@The-Tardis:~# wg-quick up wg0
>     [#] ip link add wg0 type wireguard
>     [#] wg setconf wg0 /dev/fd/63
>     [#] ip -4 address add 192.168.150.14/32 <http://192.168.150.14/32>
>     dev wg0
>     [#] ip link set mtu 1420 up dev wg0
>     [#] wg set wg0 fwmark 51820
>     [#] ip -4 route add 0.0.0.0/0 <http://0.0.0.0/0> dev wg0 table 51820
>     [#] ip -4 rule add not fwmark 51820 table 51820
>     [#] ip -4 rule add table main suppress_prefixlength 0
>     [#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
>     [#] nft -f /dev/fd/63
>     /dev/fd/63:5:76-80: Error: syntax error, unexpected saddr
>
>     Fairly simple config to connect to my VPS:
>
>     [Interface]
>     Address = 192.168.150.14/32 <http://192.168.150.14/32>
>     PrivateKey = <Not the key you're looking for>
>
>     [Peer]
>     PublicKey = <Just being overly paranoid>
>     Endpoint = www.xxx.yyy.zzz:51820
>     AllowedIPs = 0.0.0.0/0 <http://0.0.0.0/0>
>
>     Not sure what additional information you need collected at this point.
>
>     I'm able to connect outbound successfully using NordVPN's version of
>     wireguard, but that doesn't use wg-quick, which is where the issue is.
>
>     Cheers.
>     _______________________________________________
>     WireGuard mailing list
>     WireGuard@lists.zx2c4.com <mailto:WireGuard@lists.zx2c4.com>
>     https://lists.zx2c4.com/mailman/listinfo/wireguard
>
>
>
> -- 
> Edward Vielmetti +1 734 330 2465
> edward.vielmetti@gmail.com <mailto:edward.vielmetti@gmail.com>
>


[-- Attachment #1.2: Type: text/html, Size: 5027 bytes --]

[-- Attachment #2: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: wg-quick: syntax error, unexpected saddr

[Eddie]

[-- Attachment #1.1: Type: text/plain, Size: 3679 bytes --]

Not sure if this helps, or not.  But this is the relevant part from a 
bash trace:

+ cmd nft -f /dev/fd/63
+ echo '[#] nft -f /dev/fd/63'
[#] nft -f /dev/fd/63
+ nft -f /dev/fd/63
++ echo -n 'add table ip wg-quick-wg0
add chain ip wg-quick-wg0 preraw { type filter hook prerouting priority 
-300; }
add chain ip wg-quick-wg0 premangle { type filter hook prerouting 
priority -150; }
add chain ip wg-quick-wg0 postmangle { type filter hook postrouting 
priority -150; }
add rule ip wg-quick-wg0 preraw iifname != wg0 ip daddr 192.168.150.14 
fib saddr type != local drop
add rule ip wg-quick-wg0 postmangle meta l4proto udp mark 51820 ct mark 
set mark
add rule ip wg-quick-wg0 premangle meta l4proto udp meta mark set ct mark
'
/dev/fd/63:5:76-80: Error: syntax error, unexpected saddr

^^^^^
Cheers.


On 1/1/2020 11:34 PM, Eddie wrote:
> Ha.  Even older:
>
> root@The-Tardis:~# nft -v
> nftables v0.6 (Support Edward Snowden)
>
>
> And in reply to a couple of off-list messages:
>
> wireguard-tools-1.0.20191226
>
> There are different reasons for using different VPNs.  Can you really 
> "totally" trust the one that you're using.
>
> Cheers.
>
>
>
> On 1/1/2020 10:22 PM, Edward Vielmetti wrote:
>> Eddie - what version of nftables does Slackware come with? The output 
>> of `nft -v` should be helpful.
>>
>> There is a report from stackexchange that nftables at 0.7 gives this 
>> error, but at 0.8.1 or better it's OK. I was not easily able to 
>> verify that from the source code, but it would be where I'd start to 
>> look. There was
>>
>> The nftables 0.8.1 release notes (from 2018) are here: 
>> https://lwn.net/Articles/744480/ and it points to new syntax in this 
>> release.
>>
>> good luck!
>>
>> Ed
>>
>> On Thu, Jan 2, 2020 at 12:27 AM Eddie <stunnel@attglobal.net 
>> <mailto:stunnel@attglobal.net>> wrote:
>>
>>     First time running wireguard as a native client on my Slackware 14.2
>>     system throws this:
>>
>>     root@The-Tardis:~# wg-quick up wg0
>>     [#] ip link add wg0 type wireguard
>>     [#] wg setconf wg0 /dev/fd/63
>>     [#] ip -4 address add 192.168.150.14/32
>>     <http://192.168.150.14/32> dev wg0
>>     [#] ip link set mtu 1420 up dev wg0
>>     [#] wg set wg0 fwmark 51820
>>     [#] ip -4 route add 0.0.0.0/0 <http://0.0.0.0/0> dev wg0 table 51820
>>     [#] ip -4 rule add not fwmark 51820 table 51820
>>     [#] ip -4 rule add table main suppress_prefixlength 0
>>     [#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
>>     [#] nft -f /dev/fd/63
>>     /dev/fd/63:5:76-80: Error: syntax error, unexpected saddr
>>
>>     Fairly simple config to connect to my VPS:
>>
>>     [Interface]
>>     Address = 192.168.150.14/32 <http://192.168.150.14/32>
>>     PrivateKey = <Not the key you're looking for>
>>
>>     [Peer]
>>     PublicKey = <Just being overly paranoid>
>>     Endpoint = www.xxx.yyy.zzz:51820
>>     AllowedIPs = 0.0.0.0/0 <http://0.0.0.0/0>
>>
>>     Not sure what additional information you need collected at this
>>     point.
>>
>>     I'm able to connect outbound successfully using NordVPN's version of
>>     wireguard, but that doesn't use wg-quick, which is where the
>>     issue is.
>>
>>     Cheers.
>>     _______________________________________________
>>     WireGuard mailing list
>>     WireGuard@lists.zx2c4.com <mailto:WireGuard@lists.zx2c4.com>
>>     https://lists.zx2c4.com/mailman/listinfo/wireguard
>>
>>
>>
>> -- 
>> Edward Vielmetti +1 734 330 2465
>> edward.vielmetti@gmail.com <mailto:edward.vielmetti@gmail.com>
>>
>
>
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard


[-- Attachment #1.2: Type: text/html, Size: 7442 bytes --]

[-- Attachment #2: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: wg-quick: syntax error, unexpected saddr

[Eddie]

[-- Attachment #1.1: Type: text/plain, Size: 4519 bytes --]

As a follow up, wireguard-tools v1.0.20200102 also has the issue.

I did think of updating nftables to the latest, but that then started 
dragging in too many other updated dependencies I wasn't comfortable 
with.  So, as nftables currently isn't used on Slack, I renamed the 
binary so that wg-quick wouldn't find it, which allowed the connection 
to be made.

Now all I need do is work out why the handshakes between client and 
server are working, but traffic doesn't flow.

Cheers.


On 1/2/2020 12:04 AM, Eddie wrote:
> Not sure if this helps, or not.  But this is the relevant part from a 
> bash trace:
>
> + cmd nft -f /dev/fd/63
> + echo '[#] nft -f /dev/fd/63'
> [#] nft -f /dev/fd/63
> + nft -f /dev/fd/63
> ++ echo -n 'add table ip wg-quick-wg0
> add chain ip wg-quick-wg0 preraw { type filter hook prerouting 
> priority -300; }
> add chain ip wg-quick-wg0 premangle { type filter hook prerouting 
> priority -150; }
> add chain ip wg-quick-wg0 postmangle { type filter hook postrouting 
> priority -150; }
> add rule ip wg-quick-wg0 preraw iifname != wg0 ip daddr 192.168.150.14 
> fib saddr type != local drop
> add rule ip wg-quick-wg0 postmangle meta l4proto udp mark 51820 ct 
> mark set mark
> add rule ip wg-quick-wg0 premangle meta l4proto udp meta mark set ct mark
> '
> /dev/fd/63:5:76-80: Error: syntax error, unexpected saddr
>
> ^^^^^
> Cheers.
>
>
> On 1/1/2020 11:34 PM, Eddie wrote:
>> Ha.  Even older:
>>
>> root@The-Tardis:~# nft -v
>> nftables v0.6 (Support Edward Snowden)
>>
>>
>> And in reply to a couple of off-list messages:
>>
>> wireguard-tools-1.0.20191226
>>
>> There are different reasons for using different VPNs.  Can you really 
>> "totally" trust the one that you're using.
>>
>> Cheers.
>>
>>
>>
>> On 1/1/2020 10:22 PM, Edward Vielmetti wrote:
>>> Eddie - what version of nftables does Slackware come with? The 
>>> output of `nft -v` should be helpful.
>>>
>>> There is a report from stackexchange that nftables at 0.7 gives this 
>>> error, but at 0.8.1 or better it's OK. I was not easily able to 
>>> verify that from the source code, but it would be where I'd start to 
>>> look. There was
>>>
>>> The nftables 0.8.1 release notes (from 2018) are here: 
>>> https://lwn.net/Articles/744480/ and it points to new syntax in this 
>>> release.
>>>
>>> good luck!
>>>
>>> Ed
>>>
>>> On Thu, Jan 2, 2020 at 12:27 AM Eddie <stunnel@attglobal.net 
>>> <mailto:stunnel@attglobal.net>> wrote:
>>>
>>>     First time running wireguard as a native client on my Slackware
>>>     14.2
>>>     system throws this:
>>>
>>>     root@The-Tardis:~# wg-quick up wg0
>>>     [#] ip link add wg0 type wireguard
>>>     [#] wg setconf wg0 /dev/fd/63
>>>     [#] ip -4 address add 192.168.150.14/32
>>>     <http://192.168.150.14/32> dev wg0
>>>     [#] ip link set mtu 1420 up dev wg0
>>>     [#] wg set wg0 fwmark 51820
>>>     [#] ip -4 route add 0.0.0.0/0 <http://0.0.0.0/0> dev wg0 table 51820
>>>     [#] ip -4 rule add not fwmark 51820 table 51820
>>>     [#] ip -4 rule add table main suppress_prefixlength 0
>>>     [#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
>>>     [#] nft -f /dev/fd/63
>>>     /dev/fd/63:5:76-80: Error: syntax error, unexpected saddr
>>>
>>>     Fairly simple config to connect to my VPS:
>>>
>>>     [Interface]
>>>     Address = 192.168.150.14/32 <http://192.168.150.14/32>
>>>     PrivateKey = <Not the key you're looking for>
>>>
>>>     [Peer]
>>>     PublicKey = <Just being overly paranoid>
>>>     Endpoint = www.xxx.yyy.zzz:51820
>>>     AllowedIPs = 0.0.0.0/0 <http://0.0.0.0/0>
>>>
>>>     Not sure what additional information you need collected at this
>>>     point.
>>>
>>>     I'm able to connect outbound successfully using NordVPN's
>>>     version of
>>>     wireguard, but that doesn't use wg-quick, which is where the
>>>     issue is.
>>>
>>>     Cheers.
>>>     _______________________________________________
>>>     WireGuard mailing list
>>>     WireGuard@lists.zx2c4.com <mailto:WireGuard@lists.zx2c4.com>
>>>     https://lists.zx2c4.com/mailman/listinfo/wireguard
>>>
>>>
>>>
>>> -- 
>>> Edward Vielmetti +1 734 330 2465
>>> edward.vielmetti@gmail.com <mailto:edward.vielmetti@gmail.com>
>>>
>>
>>
>> _______________________________________________
>> WireGuard mailing list
>> WireGuard@lists.zx2c4.com
>> https://lists.zx2c4.com/mailman/listinfo/wireguard
>
>
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard


[-- Attachment #1.2: Type: text/html, Size: 9138 bytes --]

[-- Attachment #2: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: wg-quick: syntax error, unexpected saddr

[Jason A. Donenfeld]

On 1/2/20 6:25 AM, Eddie wrote:
 > First time running wireguard as a native client on my Slackware 14.2
 > system throws this:

So far as I can tell, Slackware hasn't updated its WireGuard since 2018: 
https://slackbuilds.org/repository/14.2/network/WireGuard/

I've tried several times to contact the maintainers and have not 
received a reply.

It sounds like their kernel and/or nft are similarly bitrotted?

Maybe consider a new distro.

Alternatively, just get rid of nft from your system, and it will 
fallback to using iptables.

Jason
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: wg-quick: syntax error, unexpected saddr

[Eddie]

I don't use those packages for wireguard.  I build my own from source.

But yes, the rest of Slack seems to be stuck in a time-warp.

Cheers.



On 1/2/2020 12:10 PM, Jason A. Donenfeld wrote:
> On 1/2/20 6:25 AM, Eddie wrote:
> > First time running wireguard as a native client on my Slackware 14.2
> > system throws this:
>
> So far as I can tell, Slackware hasn't updated its WireGuard since 
> 2018: https://slackbuilds.org/repository/14.2/network/WireGuard/
>
> I've tried several times to contact the maintainers and have not 
> received a reply.
>
> It sounds like their kernel and/or nft are similarly bitrotted?
>
> Maybe consider a new distro.
>
> Alternatively, just get rid of nft from your system, and it will 
> fallback to using iptables.
>
> Jason
>
>


_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: wg-quick: syntax error, unexpected saddr

[Jason A. Donenfeld]

Hi Eddie,

A new Slackware maintainer (CC'd) has been found.

Something to consider with the nft(8) issue, by the way, is not only
the version of nft(8), but also the options in your kernel. We check
for these ones in Gentoo:
https://gitweb.gentoo.org/repo/gentoo.git/tree/net-vpn/wireguard-tools/wireguard-tools-1.0.20200102.ebuild#n39

Jason


On Thu, Jan 2, 2020 at 9:43 PM Eddie <stunnel@attglobal.net> wrote:
>
> I don't use those packages for wireguard.  I build my own from source.
>
> But yes, the rest of Slack seems to be stuck in a time-warp.
>
> Cheers.
>
>
>
> On 1/2/2020 12:10 PM, Jason A. Donenfeld wrote:
> > On 1/2/20 6:25 AM, Eddie wrote:
> > > First time running wireguard as a native client on my Slackware 14.2
> > > system throws this:
> >
> > So far as I can tell, Slackware hasn't updated its WireGuard since
> > 2018: https://slackbuilds.org/repository/14.2/network/WireGuard/
> >
> > I've tried several times to contact the maintainers and have not
> > received a reply.
> >
> > It sounds like their kernel and/or nft are similarly bitrotted?
> >
> > Maybe consider a new distro.
> >
> > Alternatively, just get rid of nft from your system, and it will
> > fallback to using iptables.
> >
> > Jason
> >
> >
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: wg-quick: syntax error, unexpected saddr

[Jason A. Donenfeld]

I took a closer look. Indeed the issue is that nft 0.6 is too old. Use 0.7+.
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: wg-quick: syntax error, unexpected saddr

[Jason A. Donenfeld]

We could do something like this:
https://git.zx2c4.com/wireguard-tools/commit/?h=jd/nft-version-detection

But that seems pretty ugly and I think I'd rather not.
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: wg-quick: syntax error, unexpected saddr

[Jason A. Donenfeld]

On Fri, Jan 3, 2020 at 5:43 PM Alvin Darkness <AlvinD11@hotmail.com> wrote:
>
> Unfortunately as slackware 14.2 is a (quite old now) stable release there isnt much we can do about getting nft past 0.6.  A good portion of us slackware users have moved onto slackware -current, which is the rolling release, as we wait for Pat to pull the trigger and get slackware 15.0 out.   Slackware -current is using nft 0.9.3 at the moment, so no issues there.
>
> I can add a caveat to the description/readme on the slackbuilds wireguard-tools page to include something about wg-quick and nft compatibility for 14.2 users.
>
> That commit is up to you.  If you think an install time solution is better we could just add something to the build script instead.

Can you just add:

sed -i 's/type -p nft/false/g' src/wg-quick/linux.bash

to your slackbuild before installing? That'll make it fall back to
iptables always.
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: wg-quick: syntax error, unexpected saddr

[Eddie]

Agreed, way too ugly.  :-)  Don't do it for me.

Cheers.


On 1/3/2020 8:22 AM, Jason A. Donenfeld wrote:
> We could do something like this:
> https://git.zx2c4.com/wireguard-tools/commit/?h=jd/nft-version-detection
>
> But that seems pretty ugly and I think I'd rather not.
>
>

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: wg-quick: syntax error, unexpected saddr

[Eddie]

Let me see if I can install 0.7 without too many dependencies creeping 
in.  I tried the latest Slackware current build of 0.9, but the 
dependencies were getting out of hand.

Cheers.


On 1/3/2020 8:07 AM, Jason A. Donenfeld wrote:
> I took a closer look. Indeed the issue is that nft 0.6 is too old. Use 0.7+.
>
>

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: wg-quick: syntax error, unexpected saddr

[Eddie]

On 1/3/2020 9:14 AM, Jason A. Donenfeld wrote:
> On Fri, Jan 3, 2020 at 5:43 PM Alvin Darkness <AlvinD11@hotmail.com> wrote:
>> Unfortunately as slackware 14.2 is a (quite old now) stable release there isnt much we can do about getting nft past 0.6.  A good portion of us slackware users have moved onto slackware -current, which is the rolling release, as we wait for Pat to pull the trigger and get slackware 15.0 out.   Slackware -current is using nft 0.9.3 at the moment, so no issues there.
>>
>> I can add a caveat to the description/readme on the slackbuilds wireguard-tools page to include something about wg-quick and nft compatibility for 14.2 users.
>>
>> That commit is up to you.  If you think an install time solution is better we could just add something to the build script instead.
> Can you just add:
>
> sed -i 's/type -p nft/false/g' src/wg-quick/linux.bash
>
> to your slackbuild before installing? That'll make it fall back to
> iptables always.

Looks like a winner, at least for me, as I do my own builds. Thanks.

Cheers.

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard