Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Package Request] Wireguard #3690

Open
r-chris opened this issue Apr 20, 2019 · 7 comments
Open

[Package Request] Wireguard #3690

r-chris opened this issue Apr 20, 2019 · 7 comments
Labels
request request for new package

Comments

@r-chris
Copy link

r-chris commented Apr 20, 2019

Name: Wireguard
Description: General purpose VPN for running on embedded interfaces and super computers alike
Website: https://www.wireguard.com
Software documentation: https://www.wireguard.com/quickstart/
Build/Installation documentation: https://www.wireguard.com/install/#compiling-from-source
Source code: https://git.zx2c4.com/WireGuard/
License: GPLv2 (https://git.zx2c4.com/WireGuard/about/COPYING)

@publicarray
Copy link
Member

publicarray commented Apr 26, 2019

Hi there!

We have started on a build here: #3646 but it still needs testing and additional scripts to make the binary more useful.

@r-chris
Copy link
Author

r-chris commented Apr 26, 2019

Sounds great - I’ll take a look

@cytec cytec added the request request for new package label Jul 9, 2019
@pdblood
Copy link

pdblood commented Apr 14, 2021

@publicarray I'd like to run a Wireguard VPN client on my RT2600ac. Is this in a state that I could try to deploy it there?

@publicarray
Copy link
Member

@pdblood The binaries should work, but IMHO it's not production ready. https://seby.io/download/synology-rt2600ac/wireguard_ipq806x-1.2_1.0.20210219-1.spk

You may also look at https://github.com/runfalk/synology-wireguard instead

@publicarray
Copy link
Member

The reason I'm uncomfortable recommending to use in production is that I had a kernel crash a long time ago. Using kernel modules can be dangerous. Even the repo I liked to has a large disclaimer for what I assume is a similar reason,

@pdblood
Copy link

pdblood commented May 1, 2021

@publicarray thanks for the Wireguard package and information. To provide a bit more background: I am trying to get Wireguard to run as a VPN client to a remote VPN service like Mullvad from my RT2600ac, but there are certain dependencies in wg-quick that do not work on SRM when used in this scenario.

I was able to build my own .spk package using your wireguard branch, and package some of these dependencies with the .spk package (including bash and openresolv), but now I am hitting an issue that appears to be caused by lack of kernel support for addrtype netfilter module in the SRM kernel:

SynologyRouter> wg-quick up /var/packages/wireguard/target/var/wg0.conf
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /proc/self/fd/63
[#] ip -4 address add XX.XX.XXX.XXX/32 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] /var/packages/wireguard/target/sbin/resolvconf -a wg0 -m 0 -x
[#] wg set wg0 fwmark 51820
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
**[#] iptables-restore -n
iptables-restore v1.6.0: Couldn't load match `addrtype':No such file or directory

Error occurred at line: 2
Try `iptables-restore -h' or 'iptables-restore --help' for more information.**
[#] /var/packages/wireguard/target/sbin/resolvconf -d wg0 -f
[#] ip -4 rule delete table 51820
[#] ip -4 rule delete table main suppress_prefixlength 0
[#] ip link delete dev wg0

Is this a show-stopper, or might it be possible to build and load the missing addrtype netfilter module, or even rebuild the SRM kernel with this option enabled? Any pointers you can provide would be appreciated.

@naringas
Copy link

naringas commented Dec 7, 2022

I'm here to vouch for https://github.com/runfalk/synology-wireguard you should certainly pull that project in...

I'm running it already, though I had to do a manual install. greetings.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
request request for new package
Projects
None yet
Development

No branches or pull requests

5 participants