Do what it says; pass the -w option to iptables. On Sun, Feb 23, 2020, 11:36 Dimitri J. Panagiotou wrote: > Hi, > > Since upgrading to Fedora 31 (5.5), wireguard (latest) does not start > after rebooting. > It does start with no problem at all after rebooting, by manually running > wg-quick. > > This is what I get: > -- Reboot -- > Feb 22 01:19:48 myservername systemd[1]: Starting WireGuard via > wg-quick(8) for wg0... > Feb 22 01:19:49 myservername wg-quick[1173]: [#] ip link add wg0 type > wireguard > Feb 22 01:19:49 myservername wg-quick[1173]: [#] wg setconf wg0 /dev/fd/63 > Feb 22 01:19:50 myservername wg-quick[1173]: [#] ip -4 address add > 10.12.182.1/24 dev wg0 > Feb 22 01:19:50 myservername wg-quick[1173]: [#] ip link set mtu 1420 up > dev wg0 > Feb 22 01:19:50 myservername wg-quick[1173]: [#] mount `10.12.197.1' > /etc/resolv.conf > Feb 22 01:19:51 myservername wg-quick[1173]: [#] iptables -A FORWARD -i > wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp2s0 -j MASQUERADE > Feb 22 01:19:51 myservername wg-quick[1173]: Another app is currently > holding the xtables lock. Perhaps you want to use the -w option? > Feb 22 01:19:51 myservername wg-quick[1173]: [#] umount /etc/resolv.conf > Feb 22 01:19:51 myservername wg-quick[1173]: [#] ip link delete dev wg0 > Feb 22 01:19:51 myservername systemd[1]: wg-quick@wg0.service: Main > process exited, code=exited, status=4/NOPERMISSION > Feb 22 01:19:51 myservername systemd[1]: wg-quick@wg0.service: Failed > with result 'exit-code'. > Feb 22 01:19:51 myservername systemd[1]: Failed to start WireGuard via > wg-quick(8) for wg0. > > Running > wireguard-dkms.noarch 1:0.0.20200215-2.fc31 > @jdoss-wireguard > wireguard-tools.x86_64 1:1.0.20200102-1.fc31 > @jdoss-wireguard > > Any idea what's causing this? > > Thanks, > -dimitri > > > _______________________________________________ > WireGuard mailing list > WireGuard@lists.zx2c4.com > https://lists.zx2c4.com/mailman/listinfo/wireguard >