From: Brassy Panache <brassy.panache@gmail.com>
To: wireguard@lists.zx2c4.com
Subject: Error with wg-quick down when IPv6 not present
Date: Wed, 25 Sep 2019 11:06:18 +1000 [thread overview]
Message-ID: <CAJLOqRznfra3wQz5Gd7-KQw98AN8CuLozC1ZSZk8mupoJ+77RQ@mail.gmail.com> (raw)
[-- Attachment #1.1: Type: text/plain, Size: 1117 bytes --]
I have a kernel without IPv6 support. I've noticed when running:
$ wg-quick down vpn
I receive the following errors:
[#] ip -4 rule delete table 51820
[#] ip -4 rule delete table main suppress_prefixlength 0
RTNETLINK answers: Address family not supported by protocol
Dump terminated
RTNETLINK answers: Address family not supported by protocol
Dump terminated
[#] ip link delete dev vpn
[#] resolvconf -d vpn -f
This is caused by the assumption that the command:
$ ip -6 rule show
will run on the system. I have made a change to my local wg-quick script
which first tests if the command runs successfully before it clears the
rules. The same should probably also be done prior to running the IPv4
version of the command.
An alternate approach could also be to check that IPv6 is available in the
running kernel, but there didn't seem to be a reliable cross-platform
mechanism to do that [0].
In any case, I have attached a patch which I am running locally to avoid
these spurious errors.
[0]:
https://stackoverflow.com/questions/39983121/how-to-detect-if-system-has-ipv6-enabled-in-a-unix-shell-script
[-- Attachment #1.2: Type: text/html, Size: 1743 bytes --]
[-- Attachment #2: patch --]
[-- Type: application/octet-stream, Size: 927 bytes --]
--- /tmp/wg-quick 2019-09-25 10:43:18.851033088 +1000
+++ /usr/bin/wg-quick 2019-09-25 10:45:12.839833715 +1000
@@ -102,12 +102,14 @@
while [[ $(ip -4 rule show) == *"from all lookup main suppress_prefixlength 0"* ]]; do
cmd ip -4 rule delete table main suppress_prefixlength 0
done
- while [[ $(ip -6 rule show) == *"lookup $table"* ]]; do
- cmd ip -6 rule delete table $table
- done
- while [[ $(ip -6 rule show) == *"from all lookup main suppress_prefixlength 0"* ]]; do
- cmd ip -6 rule delete table main suppress_prefixlength 0
- done
+ if ip -6 rule show &>/dev/null 2>&1 ; then
+ while [[ $(ip -6 rule show) == *"lookup $table"* ]]; do
+ cmd ip -6 rule delete table $table
+ done
+ while [[ $(ip -6 rule show) == *"from all lookup main suppress_prefixlength 0"* ]]; do
+ cmd ip -6 rule delete table main suppress_prefixlength 0
+ done
+ fi
fi
cmd ip link delete dev "$INTERFACE"
}
[-- Attachment #3: Type: text/plain, Size: 148 bytes --]
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
next reply other threads:[~2019-09-25 8:50 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-25 1:06 Brassy Panache [this message]
2019-09-25 9:25 ` Error with wg-quick down when IPv6 not present Jason A. Donenfeld
2019-09-25 9:30 ` Brassy Panache
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAJLOqRznfra3wQz5Gd7-KQw98AN8CuLozC1ZSZk8mupoJ+77RQ@mail.gmail.com \
--to=brassy.panache@gmail.com \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).