
From:
Lloyd <ng2d68@proton.me>
Subject:
Re: [patch] wireguard floods dmesg
To:
Stuart Henderson <stu@spacehopper.org>
Cc:
Jay <mysidia@gmail.com>, Claudio Jeker <cjeker@diehard.n-r-g.com>, "tech@openbsd.org" <tech@openbsd.org>
Date:
Thu, 12 Dec 2024 20:17:46 +0000

On Thursday, December 12th, 2024, Stuart Henderson wrote:

> 
> IIRC it wasn't ported, it was a separate implementation.
>

I agree, but from my brief examination the text of some debugging messages was identical, with the IP addresses deleted.
 
> Also IIRC the data structures used in this implementation make it
> a bit hard to get at some of the information that would be useful
> for logging.

The information should be there (struct wg_endpoint accessed via struct wg_peer) - there is usually a struct wg_peer available whenever something security-relevant is happening. I suspect this was not implemented simply because the Linux networking stack's debugging facility can decode a struct sockaddr directly from a printf-like statement. printf(9) does not, so it was removed.

It's best this is viewed as two separate issues:

- How best to capture data considered statistics, rather than flooding the console, per previous discussion.

- How to capture wg security-related events via some sort of persistent logging, similar to iked, as this functionality is currently missing. Maybe printf(9) isn't the best way - does it impact performance? Perhaps similar to how pf does it?

Regards
Lloyd
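As an added illustration of the two points above (not code from this thread or from OpenBSD's wg(4)): a userland C sketch that renders an endpoint address into a string, since printf(9) has no conversion for struct sockaddr, and gates repeated events so they cannot flood the log. The endpoint union, endpoint_set and the ratelimit counter are constructed stand-ins, not the kernel's struct wg_endpoint or any real wg(4) API.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Constructed stand-in for a peer endpoint (assumption, not the kernel layout). */
struct endpoint {
	union {
		struct sockaddr sa;
		struct sockaddr_in sin;
		struct sockaddr_in6 sin6;
	} e;
};

/* Fill an endpoint from a textual v4/v6 address and a host-order port. */
int endpoint_set(struct endpoint *ep, const char *ip, unsigned port)
{
	memset(ep, 0, sizeof(*ep));
	if (inet_pton(AF_INET, ip, &ep->e.sin.sin_addr) == 1) {
		ep->e.sin.sin_family = AF_INET;
		ep->e.sin.sin_port = htons(port);
		return 0;
	}
	if (inet_pton(AF_INET6, ip, &ep->e.sin6.sin6_addr) == 1) {
		ep->e.sin6.sin6_family = AF_INET6;
		ep->e.sin6.sin6_port = htons(port);
		return 0;
	}
	return -1;
}

/* Render "a.b.c.d:port" or "[v6]:port" into buf; NULL for an unknown family. */
char *endpoint_str(const struct endpoint *ep, char *buf, size_t len)
{
	char ip[INET6_ADDRSTRLEN];

	switch (ep->e.sa.sa_family) {
	case AF_INET:
		inet_ntop(AF_INET, &ep->e.sin.sin_addr, ip, sizeof(ip));
		snprintf(buf, len, "%s:%u", ip, ntohs(ep->e.sin.sin_port));
		return buf;
	case AF_INET6:
		inet_ntop(AF_INET6, &ep->e.sin6.sin6_addr, ip, sizeof(ip));
		snprintf(buf, len, "[%s]:%u", ip, ntohs(ep->e.sin6.sin6_port));
		return buf;
	default:
		return NULL;
	}
}

/* Per-peer suppression: log the first `burst` events, then one in every `every`. */
struct ratelimit { unsigned seen, burst, every; };

int ratelimit_allow(struct ratelimit *rl)
{
	unsigned n = rl->seen++;
	return n < rl->burst || (n - rl->burst) % rl->every == 0;
}
```

A caller would format the endpoint once per event and only emit the line when ratelimit_allow() returns 1, keeping a count of suppressed events for a later summary line.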