Re: What are the options for stopping and starting?

["Jason A. Donenfeld" <Jason@zx2c4.com>]

On Mon, Dec 4, 2017 at 8:27 PM, Whit Blauvelt <whit@transpect.com> wrote:
> While it's obvious wg-quick is a special purpose script, the precise niche
> it's good for is underspecified; as is the incompatibility of the resulting
> extra lines in the conf files. So if you were going to expand the docs to
> avoid confusing average sysadmins like me, those would be nice things to
> add.

Patches and documentation contributions welcome.

> although wg-quick has some daemonic properties

No, it has exactly zero "daemonic properties". All calls to fork(2)
are quickly followed by either an exec(3) or an _exit(2), and every
child terminates prior to its parent. The parent itself never becomes
a session leader or detaches from its own parent. In other words,
wg-quick is a normal boring bash script.

> It's natural in that metaphor of "service" to ask how to "turn it on" and
> "turn it off." Okay, so "ip link set wg0 down" is the off switch; and "wg
> setconf wg0 wg0.conf" is the on switch?

No. As mentioned before, the reverse of `ip link set wg0 down` is `ip
link set wg0 up`.

> If so, it's just a bit unusual to have the off switch be outside of the
> product (wg), while the on switch is inside it. Each command makes sense;
> having them be so far apart is an unusual placement.

The linux kernel networking stack uses ip(8) and the iproute2 set of
commands as the standard way of configuring the networking state of
the system. The place to complain about this would probably be the
netdev sublist of LKML, but I sincerely doubt you're going to convince
them to change two decades of userspace APIs.

> I respect you're
> adherence to KISS here. Yet an additional option like "wg setconf wg0
> standby" (to set the link down while perserving the options if possible), or
> "wg setconf wg0 off" (to turn it off and lose option settings) would fulfil
> the user's expectation of the on switch and the off switch being found in
> the same place. In a way it simplifies the interface to have features where
> people most naturally look for them.

As has been written prior, `ip link set wg0 up` and `ip link set wg0
down` are what you're looking for.


> Now that I understand it, I've got no problem with it. I'm just pointing out
> that for the next new user, unless the docs further explain this, the same
> confusion could occur.

If you'd like to write an beginner's tutorial to iproute2, and then
add a section on wg(8), be my guest. Probably many people would
benefit.

As was written to you prior, please take additional inquiries to
#wireguard on Freenode where we can help you in real time.

Thanks,
Jason