[FEATURE PORPOSAL] Wireguard

I’d love if /e/ would support Wireguard directly in the kernel. Wireguard is much faster that way than being run in userspace. As Wireguard is about to become the leading VPN technology in regard to privacy and performance, would that be possible?

Best,

LK

2 Likes

Sorry, but I don’t think it’s a good idea. It will blocking my own or other 3rd party vpn, or not ?

I think this means to add Wireguard to the list of protocols available by default (along with PPTP and OpenVPN). That’s a good point, because now we have to install a standalone client app.

But as I have written, for example, my TrackerControll app needs to have his own local VPN. And other firewalls need also his own VPN. So if Wireguard will be integrated in eOS these apps won’t work.

As we often have discussed. Better a small eOS with less default apps as a big o OS with full of defaults. Everyone should be able to decide what he want’s install and use

Why? At the moment we already have a built-in PPTP, L2TP, IPSec (but not OpenVPN – I was wrong) and it makes no trouble. So why adding support for another one VPN protocol should change something in this regard?

Wireguard is not an app, it’s a protocol. Its support is proposed to be added at the kernel level, just like it is already done in Linux if I’m not mistaken.

2 Likes

In first post it was written a vpn technologie.

That’s the first reason of my post.

Would that mean, that services such as NordVPN who use Wireguard (afaik) they’d run faster?

that’s just a a side effect of a horrible inefficient user level workaround…
the linux kernel, as used by android, provides much better alternatives for this purpose (see: iptables/nftables/bpfilter…)

yes – wireguard is much faster resp. more efficent the e.g. OpenVPN, but it’s also very simple and only supports a minimalist set of features. but this elementary functions work surprisingly well and only need a very small and save code base and extraordinary well implemented crypto routines.

1 Like

WireGuard - sounds like a modern VPN solution. But WireGuard is still in full development, is not yet complete and not yet stable. The concept fits well with /e/ …

Work in Progress
WireGuard is not yet complete. You should not rely on this code. It has not undergone proper degrees of security auditing and the protocol is still subject to change. We’re working toward a stable 1.0 release, but that time has not yet come.

Work in Progress
WireGuard is currently working toward a stable 1.0 release. Current snapshots are generally versioned “0.0.YYYYMMDD” or “0.0.V”, but these should not be considered real releases and they may contain security quirks (which would not be eligible for CVEs, since this is pre-release snapshot software). This text will be removed after a thorough audit.

index : wireguard-monolithic-historical

Installation

F-Droid | WireGuard: Next generation secure VPN network tunne

it’s indeed still not included in the mainline linux kernel, but it’s already used by many individuals and even huge service providers in production.

but it looks very likely, that wireguard will finally find it’s way into the upstream linux kernel code very soon (see: https://www.phoronix.com/scan.php?page=news_item&px=WireGuard-Compat-Pre-5.6)

there are also already alternative user level implementations of wireguard available written in rust and go-lang, which will run on a wide variety of operating systems. (e.g. boringtun, the base of warp)

Lately I have been using a VPN service wireguard app and it is disconnecting all the time.

Then just try another service and/or wireguard client. It’s doubtful if the protocol itself is the cause of your problem.