Download raw body.
[patch] wireguard floods dmesg
On Wed, Dec 11, 2024 at 02:39:20PM +0300, Vitaliy Makkoveev wrote: > > On 11 Dec 2024, at 12:24, Claudio Jeker <cjeker@diehard.n-r-g.com> wrote: > > > > On Wed, Dec 11, 2024 at 07:45:34AM +0000, Lloyd wrote: > >> Hello, > >> > >> Wireguard has a rudimentary logging function accessed by setting the debug flag on the interface. Logging Wireguard activity is desirable e.g. for SIEM purposes. However, the current implementation will flood the system message buffer with the following message if the other side of the tunnel is down: > >> > >> wg0: No valid endpoint has been configured or discovered for peer 0 > >> wg0: No valid endpoint has been configured or discovered for peer 0 > >> wg0: No valid endpoint has been configured or discovered for peer 0 > > > > Is that message actually useful? Shouldn't it be simply removed? > > This message appears only if IFF_DEBUG flag is set. No problem > with it. But it triggers probably for every portscan or similar attempt. It does not report the IP addrs it does not give any useful info. So I think it is not useful for anyone. -- :wq Claudio
[patch] wireguard floods dmesg