Re: wg ifconfing control

That's why Linux have ip(8) utiity, similar to our pkg(8) subcommands or GEOM
classes. This could have been implemented with plugins, and - like pkg(8) - it
doesn't need to live in one big manpage (hard to read) - SEE ALSO to
individual pages is enough.

On Wed, 5 Feb 2025 15:32:05 +0100
Daniel Lovasko <daniel.lovasko@gmail.com> wrote:

> The same ioctls with wg_data_io structures could be issued from ifconfig,
> just as they are from the wg utility in base. I am not arguing that wg
> utility should be removed, or that the kernel access surface to WireGuard
> expanded. That being said, I think a similar wg utility can be obtained
> from ports (wireguard-tools).
> 
> The patch linked by Baptiste is pretty much what I was looking for. Whilst
> Baptiste's setup does indeed work, what I am looking for is a similar
> interface to how I configure other ifconfig _xyN interfaces in
> /etc/rc.conf. Also, perhaps expanding the scope of my ask: having the
> commands in ifconfig aids discoverability since the commands can be
> described in the manual page of ifconfig, similar to how it is done for
> other protocols.
> 
> As for the meta-debate on ifconfig itself, my goal is to *configure a
> network interface* (which wg presents itself as), so ifconfig sounds to me
> like the right place. Please correct me if I am wrong, but if you want to
> select the MTU of a WireGuard interface, you would still use ifconfig to do
> that. Having to use a single tool for all my configuration needs for wg
> would be greatly appreciated, instead of relying on wg in the base,
> wg-quick from wireguard-tools package to get /etc/rc.conf entries instead
> of the ifconfig ones already in base, and ifconfig for particular generic
> properties, without having a single non-Linux manual page dedicated to the
> WireGuard subject in base. Whether the ifconfig utility does not live up to
> code quality standards, or has active bugs, is a different debate
> altogether.
> 
> On Mon, Feb 3, 2025 at 5:40 PM Peter 'PMc' Much <pmc@citylink.dinoex.sub.org>
> wrote:
> 
> > On 2025-01-23, Bertrand Petit <freebsd-hackers@phoe.frmug.org> wrote:  
> > > On Thu, Jan 23, 2025 at 08:24:08AM +0000, Poul-Henning Kamp wrote:  
> > >>
> > >> Isn't that program already horrible and complex enough, in terms
> > >> of source code, manual page and command line options ?  
> >
> > Thanks for speaking it out.
> > I already moved all my bridges and guests and virtuals to netgraph,
> > where I can find them again. It's much nicer to have a separate
> > plane of existance where one can put things together independent
> > from the ifconfig moloch.
> >  
> > >       And buggy, see [1]. Reported Oct. 2021 and still present.  
> >
> > Ups, is that a bug?
> > I got used to the scans sometimes either returning nothing or not
> > returning at all. The link itself now functioning, I thought this
> > an acceptable tradeoff.
> >
> > cheerio,
> > PMc
> >
> >  



-- 
WBR, @nuclight