From: Jay Subject: Re: [patch] wireguard floods dmesg To: Lloyd Cc: Claudio Jeker , "tech@openbsd.org" Date: Thu, 12 Dec 2024 12:50:30 -0600 On Wed, Dec 11, 2024 at 9:55 PM Lloyd wrote: > This didn't make sense, so I looked at the Linux implementation of Wireguard. Under Linux, the debugging messages contain more information such as IP addresses of the remote endpoint that triggered the error. It appears when Wireguard was ported to OpenBSD, these were intentionally removed. >.. > Should this functionality be added/restored? I would suggest that information be restored to the log messages. It seems to be an important feature that got lost (log message content that could be analyzed for debugging or security monitoring purposes). And also that there be global options rather than a per-link flag establishing a maximum count on identical log messages within a short period of time. More than a couple of this message per 30 seconds or so is not going to be useful for a conceivable purpose, especially without more information, since the meaning/intent of what is being logged is too vague/non-specific. A simple flag on each link rather than an integer threshold does not seem very suitable for choosing a verbosity level. Ideally you would go to syslog with a more detailed category and more detailed priority for each log message, and the user would decide through their syslog filtering more precisely what verbosity they would like saved or printed to their console, or not displayed. > Regards > Lloyd -- -J