Skip to content

/luci

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

luci-proto-wireguard: WireGuard VPN Protocol (New) #852

Merged
merged 9 commits into from Nov 17, 2016

Conversation

Reviewers

@stintel stintel

@jow- jow-

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
6 participants
@danrl @p4yne @jow- @kekukui @stintel @hnyman
@danrl
Copy link
Contributor

commented Nov 15, 2016

WireGuard is a novel VPN that runs inside the Linux Kernel and utilizes
state-of-the-art cryptography. It aims to be faster, simpler, leaner, and
more useful than IPSec, while avoiding the massive headache. It intends to
be considerably more performant than OpenVPN. WireGuard is designed as a
general purpose VPN for running on embedded interfaces and super computers
alike, fit for many different circumstances.
It runs over UDP.

Signed-off-by: Dan Lüdtke mail@danrl.com
@danrl
luci-proto-wireguard: WireGuard VPN Protocol (New) 
WireGuard is a novel VPN that runs inside the Linux Kernel and utilizes
state-of-the-art cryptography. It aims to be faster, simpler, leaner, and
more useful than IPSec, while avoiding the massive headache. It intends to
be considerably more performant than OpenVPN.  WireGuard is designed as a
general purpose VPN for running on embedded interfaces and super computers
alike, fit for many different circumstances.
It runs over UDP.

Signed-off-by: Dan Lüdtke mail@danrl.com
a508b8d
@danrl

This comment has been minimized.

Sign in to view
Copy link
Contributor Author

commented Nov 15, 2016

Related: openwrt/packages#3514
@p4yne

This comment has been minimized.

Sign in to view
Copy link

commented Nov 15, 2016

With luci support this is getting better and better hopefully this gets merged into openwrt, really looking foward to get an VPN running with a gui on a 32 MB RAM and 4 MB ROM MIPS device (https://wiki.openwrt.org/toh/unbranded/a5-v11).
@danrl
luci-proto-wireguard: added maintainer 
Signed-off-by: Dan Lüdtke <mail@danrl.com>
a42d168
@danrl

danrl reviewed Nov 15, 2016
View changes

protocols/luci-proto-wireguard/luasrc/model/network/proto_wireguard.lua

function proto.is_installed(self)
return nixio.fs.access("/lib/netifd/proto/wireguard.sh")
end

This comment has been minimized.

Sign in to view
Copy link
@danrl

danrl Nov 15, 2016

Author Contributor

File wireguard.sh is provided by package wireguard-tools which requires kmod-wireguard. Both are included in meta package wireguard.

Related PR: openwrt/packages#3514

This comment has been minimized.

Sign in to view
Copy link
@stintel

stintel Nov 15, 2016

Member

Merged openwrt/packages#3514. Please squash the commits in this PR.

danrl and others added some commits Nov 15, 2016

@danrl
luci-proto-wireguard: WireGuard VPN Protocol (New) 
WireGuard is a novel VPN that runs inside the Linux Kernel and utilizes
state-of-the-art cryptography. It aims to be faster, simpler, leaner, and
more useful than IPSec, while avoiding the massive headache. It intends to
be considerably more performant than OpenVPN.  WireGuard is designed as a
general purpose VPN for running on embedded interfaces and super computers
alike, fit for many different circumstances.
It runs over UDP.

Signed-off-by: Dan Lüdtke mail@danrl.com
71770c1
@danrl
Merge branch 'luci-proto-wireguard' of github.com:danrl/openwrt-luci … 
…into luci-proto-wireguard
35f1ad8
@hnyman @danrl
luci-app-statistics: adjust cpufreq graph for single/dual-core CPUs 
The original data model definition assumed data from a quad-core CPU,
which caused errors with single- and dual-core processors.
Adjust the data model to work with also them.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
5566b3a
@danrl
luci-proto-wireguard: WireGuard VPN Protocol (New) 
WireGuard is a novel VPN that runs inside the Linux Kernel and utilizes
state-of-the-art cryptography. It aims to be faster, simpler, leaner, and
more useful than IPSec, while avoiding the massive headache. It intends to
be considerably more performant than OpenVPN.  WireGuard is designed as a
general purpose VPN for running on embedded interfaces and super computers
alike, fit for many different circumstances.
It runs over UDP.

Signed-off-by: Dan Lüdtke mail@danrl.com
9caa982
@danrl
luci-proto-wireguard: added maintainer 
Signed-off-by: Dan Lüdtke <mail@danrl.com>
f9f4145
@danrl
Merge branch 'luci-proto-wireguard' of github.com:danrl/openwrt-luci … 
…into luci-proto-wireguard
bcd0e1a
@jow-

jow- requested changes Nov 15, 2016
View changes

protocols/luci-proto-wireguard/luasrc/model/cbi/admin_network/proto_wireguard.lua Outdated
translate("Required. Base64-encoded private key for this interface.")
)
private_key.password = true
private_key.datatype = "and(minlength(44),maxlength(44))"

This comment has been minimized.

Sign in to view
Copy link
@jow-

jow- Nov 15, 2016

Contributor

Please use rangelength(44, 44) here
protocols/luci-proto-wireguard/luasrc/model/cbi/admin_network/proto_wireguard.lua Outdated
translate("Public Key"),
translate("Required. Public key of peer.")
)
public_key.datatype = "and(minlength(44),maxlength(44))"

This comment has been minimized.

Sign in to view
Copy link
@jow-

jow- Nov 15, 2016

Contributor

Please use rangelength(44, 44)
protocols/luci-proto-wireguard/luasrc/model/cbi/admin_network/proto_wireguard.lua Outdated
translate("Required. IP addresses and prefixes that this peer is allowed " ..
"to use inside the tunnel. Routes will be added accordingly.")
)
allowed_ips.datatype = "or(ip6addr, ip4addr)"

This comment has been minimized.

Sign in to view
Copy link
@jow-

jow- Nov 15, 2016

Contributor

You can use ipaddr here which accepts both IPv4 and IPv6 addresses
@danrl

This comment has been minimized.

Sign in to view
Copy link
Contributor Author

commented Nov 15, 2016

@jow- thank you for taking the time to review my PR. I committed the changes as requested.
Please review again and let me know if there are further changes needed.
@danrl

This comment has been minimized.

Sign in to view
Copy link
Contributor Author

commented Nov 17, 2016

What will happen next? Who is responsible for the next step in the merging process?
@jow-

jow- approved these changes Nov 17, 2016
View changes

@jow- jow- merged commit 36e695d into openwrt:master Nov 17, 2016

@jow-

This comment has been minimized.

Sign in to view
Copy link
Contributor

commented Nov 17, 2016

merged, thanks

@danrl danrl deleted the danrl:luci-proto-wireguard branch Nov 17, 2016

@thinrope thinrope referenced this pull request Nov 18, 2016

Closed

luci-proto-wireguard: missing input fields #854

@kekukui

This comment has been minimized.

Sign in to view
Copy link

commented Sep 3, 2017

It intends to be considerably more performant than OpenVPN.

This certainly does look innovative and promising, but how does it compare to SoftEther, which makes similar performance claims?

http://www.softether.org/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.