Controlling verbosity of wireguard logs

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: fuxjez <mail_at_osfux.nl>
Date: Thu, 19 Sep 2024 11:06:59 UTC

Hi List,

Somebody managed to get Wireguard logging running vebosely on 14.1? I've 
tried setting the LOG_LEVEL (mentioned in the wg 8 manpage, albeit 
directed at "userspace implementations") to debug, but I wasn't able to 
identify any ip information (for instance) looking at the debug 
information generated :(

I've only managed to find information regarding linux WG implementations 
that generate verbose logging ( 
https://superuser.com/questions/1774092/wireguard-connectivity-between-handshakes 
for instance ).

On FreeBSD 14.1 I've tried enabling the debug logging required like this:

===
LOG_LEVEL=verbose /sbin/ifconfig wg0 debug
LOG_LEVEL=DEBUG /sbin/ifconfig wg0 debug
LOG_LEVEL=debug /sbin/ifconfig wg0 debug
===

but the only generated messages I'm seeing are regarding wireguard 
handshakes / wireguard keepalive functionality. I tried simulating 
faulty connection attempts by connecting to the wg endpoint using an 
"invalid" publickey. With LOG_LEVEL=debug this only generates:

wg0: Invalid initiation MAC

messages in the logs. I'm after the source ip addresses that fail to 
establish correct crypto with this servers' wg endpoint so the messages 
do not contain sufficient information for my purposes.

Any thoughts? Feedback appreciated!

ruben