With this change, I'm able to connect to a wireguard peer by running doas wg-quick up /usr/local/etc/wireguard/wg0.conf where the content of wg0.conf, with some parts censored as "XXX", is: [Interface] PrivateKey = XXX Address=10.167.1.5 [Peer] PublicKey = XXX EndPoint = exoco.falsifian.org:791 AllowedIps = 10.167.1.0/24 PersistentKeepalive = 25 Essentially, there are three changes, all of which will hopefully appear upstream eventually: 1. Fix DragonflyBSD support in the x/net go library. This change is under review upstream at https://go-review.googlesource.com/c/net/+/328331/ Here, I'm actually patching the vendored copy of x/net used by lang/go and lang/go-devel, because the problem manefests via the "net" library, which is provided directly by go (or go-devel). (Specifically, net.InterfaceByName doesn't work without this patch.) 2. Fix wireguard-go's DragonflyBSD support. This change, originally by Aaron Li, is under review at https://github.com/WireGuard/wireguard-go/pull/49 I added GO_ENV to MAKE_ENV to fix wireguard-go vendoring, based on commit 7a2ae184 from FreeBSD ports. 3. A small fix to net/wireguard to be compatible with the newer wireguard-go. This change is cherry-picked from upstream net/wireguard.