Hello ports@

The use of fwmark in net/wireguard-tools wg(8) appears to be broken. I believe this is because this fwmark is a Linux-specific convention for use with their netfilter API. E.g. an error is returned if the fwmark argument is supplied:

# wg set wg0 fwmark 1234
Unable to modify interface: Invalid argument

Setting FwMark = 1234 in a WireGuard config file also results in a broken configuration. There appears to be some IPC interface to the wg(4) driver in this respect, but I don't understand what it's trying to do, or if it even works.

It's worth noting the man pages for wg(8) and wg-quick(8) reference many Linux-isms like modprobe and iptables, which is misleading. Should these be patched out of the OpenBSD port of wireguard-tools?