ProHoster > Blog > internet nhau > In-kernel kuita kweWireGuard yeOpenBSD yakaziviswa

In-kernel kuita kweWireGuard yeOpenBSD yakaziviswa

Pa Twitter yekambani EdgeSecurity, yakavambwa nemunyori weWireGuard, yakashuma nezve kugadzira yemuno uye inotsigirwa zvizere VPN kuita WireGuard pasi pe OpenBSD. Kuti asimbise mazwi, skrini inoratidza basa yakabudiswa. Kuwanikwa kwezvigamba zveOpenBSD kernel kwakasimbiswawo naJason A. Donenfeld, munyori weWireGuard, mu. chiziviso wireguard-zvishandiso utility updates.

In-kernel kuita kweWireGuard yeOpenBSD yakaziviswa

Parizvino inongowanikwa zvigamba zvekunzeNekudaro, vanyori vanovimbisa kutumira yavo yekupedzisira vhezheni kune OpenBSD yekuvandudza yetsamba runyorwa munguva pfupi iri kutevera. Iyo WireGuard kodhi yeOpenBSD kernel ine mitsara ye3322, iri pasi peiyo Linux kernel kuita. Kana iyo kodhi yekushandisa WireGuard ikazogamuchirwa muOpenBSD sosi muti, inova yechipiri OS (mushure meLinux) ine yakazara uye yakabatanidzwa rutsigiro rweWireGuard kunze kwebhokisi. Rutsigiro rwakakura rweWireGuard runotarisirwa mukuburitswa kweOpenBSD 6.8 (mukuburitswa kweOpenBSD 6.7, yaive kusuduruka kubva Chivabvu 1 kusvika Chivabvu 19, zvigamba hazviwanikwe). Zvichakadaro, avo vanoda kushandisa WireGuard paOpenBSD vanofanira kushandisa chiteshi net/wireguard-go kana kuisa nemaoko zvigamba zvakapihwa.

Pamusoro pezvo, iwe unogona kucherechedza kuburitswa kwezvigadziriso zvepakeji wireguard-zvishandiso v1.0.20200510 ΠΈ wireguard-linux-compat v1.0.20200506, kusanganisira mushandisi-nzvimbo zvinoshandiswa senge wg uye wg-nekukurumidza, uye dhizaini yekupa kuenderana neyekare Linux kernels (3.10 kusvika uye kusanganisira 5.5) iyo isina yakavakirwa-mukati tsigiro yeWireGuard. Kuburitswa kutsva kwewg uye wg-kukurumidza zvinoshandiswa kunowedzera rutsigiro rwekudyidzana neOpenBSD kernel kuitiswa kweWireGuard. Zvinonzi zvigamba zveOpenBSD kernel zvakarongwa kugovaniswa mukati mesvondo rinotevera. Kugadzirisa mugero muOpenBSD, iyo yakajairika wg interface uye "ifconfig wg0 gadzira" ichashandiswa.

Pakati peshanduko dzisingaenderane nerutsigiro rweOpenBSD, chinonyanya kukosha ndechekuwedzera kune wg-kukurumidza kushandiswa kwemadomasi anowira pasi pe "dns search" mask mune resolv.conf. Ye Android, yakawedzera tsigiro yekushandisa whitelisting mukuwedzera kune yakasviba. Yakawedzera wg-quick.target sevhisi yesystemd kuti itangezve uye kutonga wg-nekukurumidza. Shanduko inonyanya kukosha muwayaguard-linux-compat package ndeyekuona kuenderana neremangwana zvigadziriso kune kernel mapakeji eUbuntu 19.10 uye 18.04-hwe, ari parizvino muchikamu "chakarongwa" uye haasati aendeswa kune inogadziridza.

Source: opennet.ru

Voeg