wireguard-tools: add uci option to disable wireguard peers

Right now when I want to temporarily disable wg peer I need to delete
the entire peer section. This is not such a good solution because I
lose the previous configuration of the peer.

This patch adds `disabled` option to peer config which causes that
the config section is ignored.

Signed-off-by: Stepan Henek <stepan.henek@nic.cz>
[use $(AUTORELEASE)]
Signed-off-by: Paul Spooren <mail@aparcar.org>
Stepan Henek 2021-04-25 23:32:29 +02:00 committed by Paul Spooren
parent dbb0019cbe
commit c4e994011f
3 changed files with 16 additions and 1 deletions


@ -12,7 +12,7 @@ include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=wireguard-tools PKG_NAME:=wireguard-tools
PKG_VERSION:=1.0.20210424 PKG_VERSION:=1.0.20210424
PKG_RELEASE:=1 PKG_RELEASE:=$(AUTORELEASE)
PKG_SOURCE:=wireguard-tools-$(PKG_VERSION).tar.xz PKG_SOURCE:=wireguard-tools-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://git.zx2c4.com/wireguard-tools/snapshot/ PKG_SOURCE_URL:=https://git.zx2c4.com/wireguard-tools/snapshot/


@ -26,6 +26,7 @@ proto_wireguard_init_config() {
proto_wireguard_setup_peer() { proto_wireguard_setup_peer() {
local peer_config="$1" local peer_config="$1"
local disabled
local public_key local public_key
local preshared_key local preshared_key
local allowed_ips local allowed_ips
@ -34,6 +35,7 @@ proto_wireguard_setup_peer() {
local endpoint_port local endpoint_port
local persistent_keepalive local persistent_keepalive
config_get_bool disabled "${peer_config}" "disabled" 0
config_get public_key "${peer_config}" "public_key" config_get public_key "${peer_config}" "public_key"
config_get preshared_key "${peer_config}" "preshared_key" config_get preshared_key "${peer_config}" "preshared_key"
config_get allowed_ips "${peer_config}" "allowed_ips" config_get allowed_ips "${peer_config}" "allowed_ips"
@ -42,6 +44,11 @@ proto_wireguard_setup_peer() {
config_get endpoint_port "${peer_config}" "endpoint_port" config_get endpoint_port "${peer_config}" "endpoint_port"
config_get persistent_keepalive "${peer_config}" "persistent_keepalive" config_get persistent_keepalive "${peer_config}" "persistent_keepalive"
if [ "${disabled}" -eq 1 ]; then
# skip disabled peers
return 0
fi
if [ -z "$public_key" ]; then if [ -z "$public_key" ]; then
echo "Skipping peer config $peer_config because public key is not defined." echo "Skipping peer config $peer_config because public key is not defined."
return 0 return 0
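Review bot: The new `if [ "${disabled}" -eq 1 ]` branch returns without a message, while the missing-public-key branch just below it echoes why the peer was skipped; a matching line such as `echo "Skipping peer config $peer_config because it is disabled."` would leave a trace when a peer is switched off. If the flag is used to cut off a peer's access, note that this hunk only keeps the peer out of the configuration built at setup time; whether a peer already present on the running interface is dropped on reload is decided by code outside the hunk and is worth confirming. The check could also sit directly after `config_get_bool`, so the remaining options are not read for a peer that will be ignored. proto_wireguard_setup_peer's body continues outside the hunk.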


@ -17,6 +17,7 @@
check_peer_activity() { check_peer_activity() {
local cfg=$1 local cfg=$1
local iface=$2 local iface=$2
local disabled
local public_key local public_key
local endpoint_host local endpoint_host
local endpoint_port local endpoint_port
@ -24,9 +25,16 @@ check_peer_activity() {
local last_handshake local last_handshake
local idle_seconds local idle_seconds
config_get_bool disabled "${cfg}" "disabled" 0
config_get public_key "${cfg}" "public_key" config_get public_key "${cfg}" "public_key"
config_get endpoint_host "${cfg}" "endpoint_host" config_get endpoint_host "${cfg}" "endpoint_host"
config_get endpoint_port "${cfg}" "endpoint_port" config_get endpoint_port "${cfg}" "endpoint_port"
if [ "${disabled}" -eq 1 ]; then
# skip disabled peers
return 0
fi
persistent_keepalive=$(wg show ${iface} persistent-keepalive | grep ${public_key} | awk '{print $2}') persistent_keepalive=$(wg show ${iface} persistent-keepalive | grep ${public_key} | awk '{print $2}')
# only process peers with endpoints and keepalive set # only process peers with endpoints and keepalive set
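Review bot: The new `disabled` guard is the only validation in this hunk before `${iface}` and `${public_key}` are expanded unquoted in the `wg show … | grep` pipeline, so an enabled section with an empty `public_key` still reaches `grep` with no pattern unless that is caught outside the hunk. Since the commit already adds an early return here, it could also cover that case with `[ -n "${public_key}" ] || return 0`, and the lookup could match the key literally with `wg show "${iface}" persistent-keepalive | grep -F -- "${public_key}" | awk '{print $2}'`. check_peer_activity's body continues outside the hunk.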