2 files changed, 22 insertions, 2 deletions

diff --git a/wireguardmeshgenerator.rb b/wireguardmeshgenerator.rb
index 9ef2228..cb0f819 100644
--- a/wireguardmeshgenerator.rb
+++ b/wireguardmeshgenerator.rb
@@ -147,8 +147,10 @@ WireguardConfig = Struct.new(:myself, :hosts) do
 
     ipv4 = hosts[myself]['wg0']['ip']
     ipv6 = hosts[myself]['wg0']['ipv6']
-    # FreeBSD wg-quick requires subnet mask on IPv4 address
-    ipv4_with_mask = hosts[myself]['os'] == 'FreeBSD' ? "#{ipv4}/24" : ipv4
+    # FreeBSD 15.0+ requires /32 host mask on IPv4 Address lines (not /24);
+    # without a prefix, service wireguard start fails with "setting interface
+    # address without mask is no longer supported"
+    ipv4_with_mask = hosts[myself]['os'] == 'FreeBSD' ? "#{ipv4}/32" : ipv4
 
     # WireGuard supports multiple Address directives for dual-stack
     if ipv6
diff --git a/wireguardmeshgenerator.yaml b/wireguardmeshgenerator.yaml
index 92dbf9c..c33c301 100644
--- a/wireguardmeshgenerator.yaml
+++ b/wireguardmeshgenerator.yaml
@@ -54,6 +54,24 @@ hosts:
       - earth
       - pixel7pro
       - freebsd
+  f3:
+    os: FreeBSD
+    ssh:
+      user: paul
+      conf_dir: /usr/local/etc/wireguard
+      sudo_cmd: doas
+      reload_cmd: service wireguard reload
+    lan:
+      domain: 'lan.buetow.org'
+      ip: '192.168.1.133'
+    wg0:
+      domain: 'wg0.wan.buetow.org'
+      ip: '192.168.2.133'
+      ipv6: 'fd42:beef:cafe:2::133'
+    exclude_peers:
+      - earth
+      - pixel7pro
+      - freebsd
   r0:
     os: Linux
     ssh: