NHAS/wag v1.3.2-pre-release

on GitHub

This release is incompatible with previous versions of wag.

It is recommended that the systemd service file is updated to the current version in the respository.

Major Changes:

• WgDevName has been moved into a new configuration structure Wireguard and is now called DevName
• Wag will now create and populate a wireguard device using netlink, when the device specified by DevName is not present
• Wag no longer relies on wg-quick configuration for peers

Features:

• Netlink interoperability allows wag to setup/teardown a wireguard device
• Hot upgrading, the VPN now does not need to be fully stopped in order to upgrade the golang components of wag this is added with the ./wag upgrade command
• Improved control package, now every action can be done using it

Changes:

• When a user exceeds the lockout number of attempts the error message they now get is "account locked"
• Wags XDP component is now more obviously labeled as wag in tools such as bpftool
• The wag socket now allows whatever process group wag is in to read/write (allows for better integrations)
• No longer use the default http mux for the control mux just in case it becomes exposed
• Once a TOTP code is used, it cannot be reused

Bug Fixes:

• Fix firewall list command not outputting data
• -config is now no longer required for every cli command
• Add a minimum time to registration request completion to stop timing attacks (now will take ~1 second)