Question about Wireguard in Release Notes of 23.7.3

[Monviech (Cedrik)]

This also means the plugin will be moved to the
core for 24.1 along with Wireguard go plugin being removed completely
since on FreeBSD 13.2 no external package is needed to enjoy WireGuard
and the permanent existence of a kernel module renders the Go fallback
defunct through wireguard-tools/wg-quick implementation quirks.

I want to know if the implementation of the plugin to core will have the option to set

Code: [Select]

if_wg_load="YES" to

Code: [Select]

if_wg_load="NO" if wireguard isn't enabled. So that the kernel module won't be loaded at boot time if you don't want to use wireguard.
https://man.freebsd.org/cgi/man.cgi?query=wg&sektion=4&format=html

I feel iffy about wireguard since experiencing multiple kernel panics on DEC Hardware.
https://forum.opnsense.org/index.php?topic=35513.0

Thanks a lot for the good work

[franco]

It currently defaults to not configuring anything which is the same as:

if_wg_load="NO"

That will stay this way because ifconfig can auto-load modules at runtime when you try to create a network device:

# ifconfig wg create

If the driver module wasn't loaded before it will now be loaded. Also I don't think WireGuard will ever be part of the default kernel. Funnily enough pf isn't part of the base kernel either. It's also a module.


Cheers,
Franco