Bug 253487 - if_wg module multiple ipv4 in allowed-ips will cause all IPs' subnet mask become the same.
Summary: if_wg module multiple ipv4 in allowed-ips will cause all IPs' subnet mask bec...
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 13.0-STABLE
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-net (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-02-13 17:39 UTC by nyan
Modified: 2021-02-22 08:53 UTC (History)
6 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description nyan 2021-02-13 17:39:00 UTC 
When using `if_wg`, adding a peer with a list of allowed-ip, for example

 allowed-ips 10.0.20.0/24 allowed-ips 192.168.0.0/16

will result in

AllowedIPs = 10.0.20.0/24, 192.168.0.0/24

Expected:

AllowedIPs = 10.0.20.0/24, 192.168.0.0/16
Comment 1 nyan 2021-02-13 17:44:25 UTC 
Revision: FreeBSD 13.0-CURRENT #11 r369260M
Comment 2 Ka Ho Ng freebsd_committer freebsd_triage 2021-02-13 17:46:08 UTC 
This bug also affects -STABLE at 6136a10e355a7a837edecbccbed04c34b4bc32c9.

Some extra hints on mixing IPv4 and IPv6 allowed-ips

command:
allowed-ips 10.88.88.0/24 allowed-ips fccc:cccc:cccc:0::/64 allowed-ips fbbb:bbbb:bbbb:bbbb:bbbb::/80

Output:
[Peer]
PublicKey = ***
Endpoint = *:*
AllowedIPs = 10.88.88.0/24
[Peer]
PublicKey = ***
Endpoint = *:*
AllowedIPs = 10.88.88.0/24, fccc:cccc:cccc::/24
[Peer]
PublicKey = ***
Endpoint = *:*
AllowedIPs = 10.88.88.0/24, fccc:cccc:cccc::/24, fbbb:bbbb:bbbb:bbbb:bbbb::/24
Comment 3 nyan 2021-02-13 23:42:00 UTC 
https://reviews.freebsd.org/D28655
The above commit fixes this issue.
Comment 4 Kristof Provost freebsd_committer freebsd_triage 2021-02-16 09:31:00 UTC 
That fix went in as https://cgit.freebsd.org/src/commit/?id=0646b83f0779260256e03a11c7bc2e6bcfefa694
Comment 5 Li-Wen Hsu freebsd_committer freebsd_triage 2021-02-16 15:51:46 UTC 
Should this be merged to stable/13 and even releng/13.0?