wireguard-tools
wireguard-tools copied to clipboard
Improvements to wg-quick output for linux.bash.
Replaced use of <(echo $var)' for
wg setconf -fand
nft -fcommands. Use of
<(echo $var)' obscured actual input to wg
and nft
commands
and replaced with /dev/fd/63 which just indicates piped input.
After this commit, output will reflect actual commands for nft
and will echo the config parameters being read by wg setconf
.
Config parameters will also hide Private and Preshared keys like
the `wg' command.
Before
[#] wg setconf wg0 /dev/fd/63 [#] nft -f /dev/fd/63
After
[#] wg setconf wg0 /dev/fd/63 wg configuration [Interface] PrivateKey = (hidden) ListenPort = 51820
[Peer] PublicKey = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx= PresharedKey = (hidden) AllowedIPs = 0.0.0.0/0 Endpoint = xxx.xxx.xxx.xxx:51820 PersistentKeepalive = 25
[#] nft delete table ip wg-quick-wg0