* [PATCH 0/1] Trying to rephrase man-file AllowedIPs again
@ 2018-02-18 12:02 Daniel Lublin
2018-02-18 12:02 ` [PATCH 1/1] wg(8): rephrase wording on AllowedIPs Daniel Lublin
0 siblings, 1 reply; 3+ messages in thread
From: Daniel Lublin @ 2018-02-18 12:02 UTC (permalink / raw)
To: wireguard
Giving another stab at this, after my (quite's) initial though on IRC
Daniel Lublin (1):
wg(8): rephrase wording on AllowedIPs
src/tools/wg.8 | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
--
2.16.1
^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH 1/1] wg(8): rephrase wording on AllowedIPs
2018-02-18 12:02 [PATCH 0/1] Trying to rephrase man-file AllowedIPs again Daniel Lublin
@ 2018-02-18 12:02 ` Daniel Lublin
2018-02-18 16:10 ` Lonnie Abelbeck
0 siblings, 1 reply; 3+ messages in thread
From: Daniel Lublin @ 2018-02-18 12:02 UTC (permalink / raw)
To: wireguard
---
src/tools/wg.8 | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/tools/wg.8 b/src/tools/wg.8
index 49dc15b..b49fb7a 100644
--- a/src/tools/wg.8
+++ b/src/tools/wg.8
@@ -143,12 +143,12 @@ and may be omitted. This option adds an additional layer of symmetric-key
cryptography to be mixed into the already existing public-key cryptography,
for post-quantum resistance.
.IP \(bu
-AllowedIPs \(em a comma-separated list of IP (v4 or v6) addresses with
-CIDR masks from which incoming traffic for this peer is allowed and to
-which outgoing traffic for this peer is directed. The catch-all
-\fI0.0.0.0/0\fP may be specified for matching all IPv4 addresses, and
-\fI::/0\fP may be specified for matching all IPv6 addresses. May be specified
-multiple times. Required.
+AllowedIPs \(em a comma-separated list of IP (v4 or v6) addresses with CIDR
+masks, declaring the sources of incoming traffic that are allowed through the
+peer, and as well defining which destinations of outgoing traffic that will be
+directed through the peer. The catch-all \fI0.0.0.0/0\fP may be specified for
+matching all IPv4 addresses, and \fI::/0\fP may be specified for matching all
+IPv6 addresses. May be specified multiple times. Required.
.IP \(bu
Endpoint \(em an endpoint IP or hostname, followed by a colon, and then a
port number. This endpoint will be updated automatically to the most recent
--
2.16.1
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH 1/1] wg(8): rephrase wording on AllowedIPs
2018-02-18 12:02 ` [PATCH 1/1] wg(8): rephrase wording on AllowedIPs Daniel Lublin
@ 2018-02-18 16:10 ` Lonnie Abelbeck
0 siblings, 0 replies; 3+ messages in thread
From: Lonnie Abelbeck @ 2018-02-18 16:10 UTC (permalink / raw)
To: WireGuard mailing list
On Feb 18, 2018, at 6:02 AM, Daniel Lublin <daniel@lublin.se> wrote:
> +AllowedIPs \(em a comma-separated list of IP (v4 or v6) addresses =
with CIDR
> +masks, declaring the sources of incoming traffic that are allowed =
through the
> +peer, and as well defining which destinations of outgoing traffic =
that will be
> +directed through the peer. The catch-all \fI0.0.0.0/0\fP may be =
specified for
> +matching all IPv4 addresses, and \fI::/0\fP may be specified for =
matching all
> +IPv6 addresses. May be specified multiple times. Required.
Personally, in an effort to make this more clear, from this reference:
Cryptokey Routing
https://www.wireguard.com/#cryptokey-routing
This quote offered clarity to me ...
--
When sending packets, the list of allowed IPs behaves as a sort of =
routing table, and when receiving packets, the list of allowed IPs =
behaves as a sort of access control list.
--
Lonnie
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-02-18 16:03 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-02-18 12:02 [PATCH 0/1] Trying to rephrase man-file AllowedIPs again Daniel Lublin
2018-02-18 12:02 ` [PATCH 1/1] wg(8): rephrase wording on AllowedIPs Daniel Lublin
2018-02-18 16:10 ` Lonnie Abelbeck
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).