WireGuard Archive on lore.kernel.org
 help / color / Atom feed
* PostDown 0.0.20191127
@ 2019-11-28 12:27 Thomas Sattler
  2019-11-28 12:51 ` Jason A. Donenfeld
  0 siblings, 1 reply; 5+ messages in thread
From: Thomas Sattler @ 2019-11-28 12:27 UTC (permalink / raw)
  To: WireGuard mailing list

[-- Attachment #1: Type: text/plain, Size: 130 bytes --]

Hi there ...

in 0.0.20191127 PostDown invocation can fail
as remove_iptables() can return non-zero. A
patch is attached.

Thomas

[-- Attachment #2: wg-quick.20191127-fix.patch --]
[-- Type: text/x-patch, Size: 285 bytes --]

--- /usr/bin/wg-quick.vanilla	2019-11-28 13:23:36.898460985 +0100
+++ /usr/bin/wg-quick	2019-11-28 13:19:59.402907478 +0100
@@ -192,6 +192,7 @@
 		done < <($iptables-save)
 		[[ $found -eq 1 ]] && echo "$restore" | cmd $iptables-restore -nw
 	done
+	return 0
 }
 
 HAVE_SET_IPTABLES=0

[-- Attachment #3: Type: text/plain, Size: 148 bytes --]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: PostDown 0.0.20191127
  2019-11-28 12:27 PostDown 0.0.20191127 Thomas Sattler
@ 2019-11-28 12:51 ` Jason A. Donenfeld
  2019-11-28 13:07   ` Nico Schottelius
  2019-11-28 13:32   ` Thomas Sattler
  0 siblings, 2 replies; 5+ messages in thread
From: Jason A. Donenfeld @ 2019-11-28 12:51 UTC (permalink / raw)
  To: Thomas Sattler; +Cc: WireGuard mailing list

Thanks. Fixed this way:
https://git.zx2c4.com/WireGuard/commit/?id=57854fb710160f567cf776b65080a9ce5afdf02c

But: why is your remove_iptables failing in the first place?
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: PostDown 0.0.20191127
  2019-11-28 12:51 ` Jason A. Donenfeld
@ 2019-11-28 13:07   ` Nico Schottelius
  2019-11-28 13:32   ` Thomas Sattler
  1 sibling, 0 replies; 5+ messages in thread
From: Nico Schottelius @ 2019-11-28 13:07 UTC (permalink / raw)
  To: wireguard


Follow up question from my side Jason: what do you think about replacing
"$2" in the script with a shifted "$@" and allowing multiple devices to
be specified?

i.e. wg-quick up wgungleich wgplace4 wgplace11

is something I would like to do in one call and it would potentially be
easy to just loop around it as follows:

...
elif [[ $# -ge 2 && $1 == up ]]; then
	auto_su
    shift # kick out "up" from the list
    while [ $# -ge 1 ]; do
        name=$1; shift
	    parse_options "$name"
        cmd_up
    done
...


Jason A. Donenfeld <Jason@zx2c4.com> writes:

> Thanks. Fixed this way:
> https://git.zx2c4.com/WireGuard/commit/?id=57854fb710160f567cf776b65080a9ce5afdf02c
>
> But: why is your remove_iptables failing in the first place?
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard


--
Modern, affordable, Swiss Virtual Machines. Visit www.datacenterlight.ch
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: PostDown 0.0.20191127
  2019-11-28 12:51 ` Jason A. Donenfeld
  2019-11-28 13:07   ` Nico Schottelius
@ 2019-11-28 13:32   ` Thomas Sattler
  2019-11-28 17:14     ` Jason A. Donenfeld
  1 sibling, 1 reply; 5+ messages in thread
From: Thomas Sattler @ 2019-11-28 13:32 UTC (permalink / raw)
  To: Jason A. Donenfeld; +Cc: WireGuard mailing list

Am 28.11.19 um 13:51 schrieb Jason A. Donenfeld:
> Thanks. Fixed this way:
> https://git.zx2c4.com/WireGuard/commit/?id=57854fb710160f567cf776b65080a9ce5afdf02c
> 
> But: why is your remove_iptables failing in the first place?
> 

If I understand correctly, the implicit return value of remove_iptables()
is the return value of its last command, which is the included for-loop.

And the implicit return value of the for loop is the return value of the
last command run inside the for-loop. Which is the test whether $found
is one. On my system $found is zero.

So the test "fails" and remove_iptables() returns non-zero.

Thomas
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: PostDown 0.0.20191127
  2019-11-28 13:32   ` Thomas Sattler
@ 2019-11-28 17:14     ` Jason A. Donenfeld
  0 siblings, 0 replies; 5+ messages in thread
From: Jason A. Donenfeld @ 2019-11-28 17:14 UTC (permalink / raw)
  To: Thomas Sattler; +Cc: WireGuard mailing list

Ahhh, that's what's up. Thanks! Will address.

Jason
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, back to index

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-11-28 12:27 PostDown 0.0.20191127 Thomas Sattler
2019-11-28 12:51 ` Jason A. Donenfeld
2019-11-28 13:07   ` Nico Schottelius
2019-11-28 13:32   ` Thomas Sattler
2019-11-28 17:14     ` Jason A. Donenfeld

WireGuard Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/wireguard/0 wireguard/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 wireguard wireguard/ https://lore.kernel.org/wireguard \
		wireguard@lists.zx2c4.com
	public-inbox-index wireguard

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/com.zx2c4.lists.wireguard


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git