Skip to content
Arti Zirk edited this page Mar 6, 2020 · 3 revisions

Plan is to allow setting WireGuard options via ip link command.

Inspiration: https://lists.zx2c4.com/pipermail/wireguard/2019-December/004723.html

ip link help wireguard
Usage: ... wireguard
		[listen-port  <port>]
		[fwmark <fwmark>]
		[private-key <file-path>]
		[peer <base64-public-key>
			[remove]
			[preshared-key  <file-path>]
			[endpoint <ip>:<port>]
			[persistent-keepalive <interval seconds>]
			[allowed-ips <ip1>/<cidr1>[,<ip2>/<cidr2>]...]
		]...

Already today you can create and destroy WireGuard interfaces with those commands

ip link add testwg type wireguard
ip link del testwg

Im trying to extend ip link command so that it would be possible to also set additional parameters.

ip link add testwg type wireguard listen-port 51820 private-key /tmp/wg.key
ip link set testwg type wireguard peer KEYKEY endpoint 10.0.0.1:51821 allowed-ips 192.168.0.1/24

So basicaly clone the wg set command into iproute2. Other wg tool features probably will not be ported over.

Clone this wiki locally