authorStepan Henek <stepan.henek@nic.cz>2021-04-25 23:32:29 +0200
committerPaul Spooren <mail@aparcar.org>2021-10-18 12:14:36 -1000
commitc4e994011f56d30e031705c16c6b5c498c530852 (patch)
treecfcca3ea674f645e639cd2caef5b589ac189f4ef
parentdbb0019cbef43c6ce5d02a52bfe662d2217ce603 (diff)
wireguard-tools: add uci option to disable wireguard peers
Right now, when I want to temporarily disable a wg peer, I need to delete the entire peer section. This is not such a good solution because I lose the previous configuration of the peer. This patch adds a `disabled` option to the peer config which causes the config section to be ignored. Signed-off-by: Stepan Henek <stepan.henek@nic.cz> [use $(AUTORELEASE)] Signed-off-by: Paul Spooren <mail@aparcar.org>
-rw-r--r--package/network/utils/wireguard-tools/Makefile2
-rw-r--r--package/network/utils/wireguard-tools/files/wireguard.sh7
-rw-r--r--package/network/utils/wireguard-tools/files/wireguard_watchdog8
3 files changed, 16 insertions, 1 deletions
diff --git a/package/network/utils/wireguard-tools/Makefile b/package/network/utils/wireguard-tools/Makefile
index 11372f2331..717ec2bbb1 100644
--- a/package/network/utils/wireguard-tools/Makefile
+++ b/package/network/utils/wireguard-tools/Makefile
@@ -12,7 +12,7 @@ include $(INCLUDE_DIR)/kernel.mk
PKG_NAME:=wireguard-tools
PKG_VERSION:=1.0.20210424
-PKG_RELEASE:=1
+PKG_RELEASE:=$(AUTORELEASE)
PKG_SOURCE:=wireguard-tools-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://git.zx2c4.com/wireguard-tools/snapshot/
diff --git a/package/network/utils/wireguard-tools/files/wireguard.sh b/package/network/utils/wireguard-tools/files/wireguard.sh
index 63261aea71..2e6d74bc91 100644
--- a/package/network/utils/wireguard-tools/files/wireguard.sh
+++ b/package/network/utils/wireguard-tools/files/wireguard.sh
@@ -26,6 +26,7 @@ proto_wireguard_init_config() {
proto_wireguard_setup_peer() {
local peer_config="$1"
+ local disabled
local public_key
local preshared_key
local allowed_ips
@@ -34,6 +35,7 @@ proto_wireguard_setup_peer() {
local endpoint_port
local persistent_keepalive
+ config_get_bool disabled "${peer_config}" "disabled" 0
config_get public_key "${peer_config}" "public_key"
config_get preshared_key "${peer_config}" "preshared_key"
config_get allowed_ips "${peer_config}" "allowed_ips"
@@ -42,6 +44,11 @@ proto_wireguard_setup_peer() {
config_get endpoint_port "${peer_config}" "endpoint_port"
config_get persistent_keepalive "${peer_config}" "persistent_keepalive"
+ if [ "${disabled}" -eq 1 ]; then
+ # skip disabled peers
+ return 0
+ fi
+
if [ -z "$public_key" ]; then
echo "Skipping peer config $peer_config because public key is not defined."
return 0
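Review bot: The disabled branch in proto_wireguard_setup_peer returns without logging, while the missing-public-key branch right below it echoes which section was skipped, so an operator checking which peers are live gets no trace of the skip. I would add `echo "Skipping peer config $peer_config because it is disabled."` before the `return 0`. The test also sits after every `config_get`, including the one for `preshared_key`, so moving it directly under `config_get_bool disabled ...` would avoid reading key material for a section that is ignored; the second hunk of wireguard_watchdog has the same ordering. The function body continues outside this hunk.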
diff --git a/package/network/utils/wireguard-tools/files/wireguard_watchdog b/package/network/utils/wireguard-tools/files/wireguard_watchdog
index c0a5a0aa33..0126f699bb 100644
--- a/package/network/utils/wireguard-tools/files/wireguard_watchdog
+++ b/package/network/utils/wireguard-tools/files/wireguard_watchdog
@@ -17,6 +17,7 @@
check_peer_activity() {
local cfg=$1
local iface=$2
+ local disabled
local public_key
local endpoint_host
local endpoint_port
@@ -24,9 +25,16 @@ check_peer_activity() {
local last_handshake
local idle_seconds
+ config_get_bool disabled "${cfg}" "disabled" 0
config_get public_key "${cfg}" "public_key"
config_get endpoint_host "${cfg}" "endpoint_host"
config_get endpoint_port "${cfg}" "endpoint_port"
+
+ if [ "${disabled}" -eq 1 ]; then
+ # skip disabled peers
+ return 0
+ fi
+
persistent_keepalive=$(wg show ${iface} persistent-keepalive | grep ${public_key} | awk '{print $2}')
# only process peers with endpoints and keepalive set
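Review bot: The comment `# skip disabled peers` in check_peer_activity does not say that the decision is taken from UCI alone. If `disabled` is set while the interface is up, the peer presumably stays configured on the running interface until it is set up again, and from that moment the watchdog no longer re-resolves its endpoint. A comment such as `# skip peers disabled in UCI; a running interface keeps them until it is reconfigured` would make that explicit, assuming this is the intended behaviour. The function continues past the end of this hunk.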