Not sure if this helps, or not.  But this is the relevant part from a bash trace:

+ cmd nft -f /dev/fd/63
+ echo '[#] nft -f /dev/fd/63'
[#] nft -f /dev/fd/63
+ nft -f /dev/fd/63
++ echo -n 'add table ip wg-quick-wg0
add chain ip wg-quick-wg0 preraw { type filter hook prerouting priority -300; }
add chain ip wg-quick-wg0 premangle { type filter hook prerouting priority -150; }
add chain ip wg-quick-wg0 postmangle { type filter hook postrouting priority -150; }
add rule ip wg-quick-wg0 preraw iifname != wg0 ip daddr 192.168.150.14 fib saddr type != local drop
add rule ip wg-quick-wg0 postmangle meta l4proto udp mark 51820 ct mark set mark
add rule ip wg-quick-wg0 premangle meta l4proto udp meta mark set ct mark
'
/dev/fd/63:5:76-80: Error: syntax error, unexpected saddr

                                                                           ^^^^^
Cheers.


On 1/1/2020 11:34 PM, Eddie wrote:
Ha.  Even older:

root@The-Tardis:~# nft -v
nftables v0.6 (Support Edward Snowden)


And in reply to a couple of off-list messages:

wireguard-tools-1.0.20191226

There are different reasons for using different VPNs.  Can you really "totally" trust the one that you're using.

Cheers.



On 1/1/2020 10:22 PM, Edward Vielmetti wrote:
Eddie - what version of nftables does Slackware come with? The output of `nft -v` should be helpful.

There is a report from stackexchange that nftables at 0.7 gives this error, but at 0.8.1 or better it's OK. I was not easily able to verify that from the source code, but it would be where I'd start to look. There was 

The nftables 0.8.1 release notes (from 2018) are here: https://lwn.net/Articles/744480/ and it points to new syntax in this release.

good luck!

Ed

On Thu, Jan 2, 2020 at 12:27 AM Eddie <stunnel@attglobal.net> wrote:
First time running wireguard as a native client on my Slackware 14.2
system throws this:

root@The-Tardis:~# wg-quick up wg0
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 192.168.150.14/32 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] wg set wg0 fwmark 51820
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
[#] nft -f /dev/fd/63
/dev/fd/63:5:76-80: Error: syntax error, unexpected saddr

Fairly simple config to connect to my VPS:

[Interface]
Address = 192.168.150.14/32
PrivateKey = <Not the key you're looking for>

[Peer]
PublicKey = <Just being overly paranoid>
Endpoint = www.xxx.yyy.zzz:51820
AllowedIPs = 0.0.0.0/0

Not sure what additional information you need collected at this point.

I'm able to connect outbound successfully using NordVPN's version of
wireguard, but that doesn't use wg-quick, which is where the issue is.

Cheers.
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard


--
Edward Vielmetti +1 734 330 2465
edward.vielmetti@gmail.com



_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard