Message ID | 20190524110044.981-1-freifunk@adrianschmutzler.de |
---|---|
State | Accepted |
Headers | show |
diff --git a/build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch b/build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch new file mode 100644 index 00000000..09d43ddc --- /dev/null +++ b/build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch @@ -0,0 +1,47 @@ +From: Daniel Golle <daniel@makrotopia.org> +Date: Tue, 19 Mar 2019 16:47:17 +0100 +Subject: wireguard: introduce 'nohostroute' option + +Use a new config option 'nohostroute' to explicitely prevent creation +of the route to the endpoint. + +Signed-off-by: Daniel Golle <daniel@makrotopia.org> +[squashed with commit 1e8bb50, shorten commit message] +Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.net> + +diff --git a/package/network/services/wireguard/files/wireguard.sh b/package/network/services/wireguard/files/wireguard.sh +index 96fa7215ff..fb781070d6 100644 +--- a/package/network/services/wireguard/files/wireguard.sh ++++ b/package/network/services/wireguard/files/wireguard.sh +@@ -114,6 +114,7 @@ proto_wireguard_setup() { + config_get mtu "${config}" "mtu" + config_get fwmark "${config}" "fwmark" + config_get ip6prefix "${config}" "ip6prefix" ++ config_get nohostroute "${config}" "nohostroute" + + # create interface + ip link del dev "${config}" 2>/dev/null +@@ -176,12 +177,14 @@ proto_wireguard_setup() { + done + + # endpoint dependency +- wg show "${config}" endpoints | \ +- sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \ +- while IFS=$'\t ' read -r key address port; do +- [ -n "${port}" ] || continue +- proto_add_host_dependency "${config}" "${address}" +- done ++ if [ "${nohostroute}" != "1" ]; then ++ wg show "${config}" endpoints | \ ++ sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \ ++ while IFS=$'\t ' read -r key address port; do ++ [ -n "${port}" ] || continue ++ proto_add_host_dependency "${config}" "${address}" ++ done ++ fi + + proto_send_update "${config}" + } +-- +2.11.0 +
Hallo Adrian, vielen Dank, das macht meinen wireguard Patch dann viel angenehmer zum Reviewen. Reviewed-by: Fabian Bläse <fabian@blaese.de> Gruß Fabian On 24.05.19 13:00, Adrian Schmutzler wrote: > When using IPv6 addresses (or DNS which has AAAA record) as endpoint, > add_host_dependency fails for some reason which causes the wireguard > interface to disappear. > > This patch backports an option from OpenWrt master, where > host_dependency can be disabled by adding 'option nohostroute 1' > to the interface. > > This is an alternate approach based on the work of Fabian Bläse. > > Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> > --- > ...01-wireguard-introduce-nohostroute-option.patch | 47 ++++++++++++++++++++++ > 1 file changed, 47 insertions(+) > create mode 100644 build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch > > diff --git a/build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch b/build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch > new file mode 100644 > index 00000000..09d43ddc > --- /dev/null > +++ b/build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch > @@ -0,0 +1,47 @@ > +From: Daniel Golle <daniel@makrotopia.org> > +Date: Tue, 19 Mar 2019 16:47:17 +0100 > +Subject: wireguard: introduce 'nohostroute' option > + > +Use a new config option 'nohostroute' to explicitely prevent creation > +of the route to the endpoint. > + > +Signed-off-by: Daniel Golle <daniel@makrotopia.org> > +[squashed with commit 1e8bb50, shorten commit message] > +Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.net> > + > +diff --git a/package/network/services/wireguard/files/wireguard.sh b/package/network/services/wireguard/files/wireguard.sh > +index 96fa7215ff..fb781070d6 100644 > +--- a/package/network/services/wireguard/files/wireguard.sh > ++++ b/package/network/services/wireguard/files/wireguard.sh > +@@ -114,6 +114,7 @@ proto_wireguard_setup() { > + config_get mtu "${config}" "mtu" > + config_get fwmark "${config}" "fwmark" > + config_get ip6prefix "${config}" "ip6prefix" > ++ config_get nohostroute "${config}" "nohostroute" > + > + # create interface > + ip link del dev "${config}" 2>/dev/null > +@@ -176,12 +177,14 @@ proto_wireguard_setup() { > + done > + > + # endpoint dependency > +- wg show "${config}" endpoints | \ > +- sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \ > +- while IFS=$'\t ' read -r key address port; do > +- [ -n "${port}" ] || continue > +- proto_add_host_dependency "${config}" "${address}" > +- done > ++ if [ "${nohostroute}" != "1" ]; then > ++ wg show "${config}" endpoints | \ > ++ sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \ > ++ while IFS=$'\t ' read -r key address port; do > ++ [ -n "${port}" ] || continue > ++ proto_add_host_dependency "${config}" "${address}" > ++ done > ++ fi > + > + proto_send_update "${config}" > + } > +-- > +2.11.0 > + >
Hi Adrian, Reviewed-by: Robert Langhammer <rlanghammer@web.de> Am 24.05.19 um 13:00 schrieb Adrian Schmutzler: > When using IPv6 addresses (or DNS which has AAAA record) as endpoint, > add_host_dependency fails for some reason which causes the wireguard > interface to disappear. > > This patch backports an option from OpenWrt master, where > host_dependency can be disabled by adding 'option nohostroute 1' > to the interface. > > This is an alternate approach based on the work of Fabian Bläse. > > Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> > --- > ...01-wireguard-introduce-nohostroute-option.patch | 47 ++++++++++++++++++++++ > 1 file changed, 47 insertions(+) > create mode 100644 build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch > > diff --git a/build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch b/build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch > new file mode 100644 > index 00000000..09d43ddc > --- /dev/null > +++ b/build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch > @@ -0,0 +1,47 @@ > +From: Daniel Golle <daniel@makrotopia.org> > +Date: Tue, 19 Mar 2019 16:47:17 +0100 > +Subject: wireguard: introduce 'nohostroute' option > + > +Use a new config option 'nohostroute' to explicitely prevent creation > +of the route to the endpoint. > + > +Signed-off-by: Daniel Golle <daniel@makrotopia.org> > +[squashed with commit 1e8bb50, shorten commit message] > +Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.net> > + > +diff --git a/package/network/services/wireguard/files/wireguard.sh b/package/network/services/wireguard/files/wireguard.sh > +index 96fa7215ff..fb781070d6 100644 > +--- a/package/network/services/wireguard/files/wireguard.sh > ++++ b/package/network/services/wireguard/files/wireguard.sh > +@@ -114,6 +114,7 @@ proto_wireguard_setup() { > + config_get mtu "${config}" "mtu" > + config_get fwmark "${config}" "fwmark" > + config_get ip6prefix "${config}" "ip6prefix" > ++ config_get nohostroute "${config}" "nohostroute" > + > + # create interface > + ip link del dev "${config}" 2>/dev/null > +@@ -176,12 +177,14 @@ proto_wireguard_setup() { > + done > + > + # endpoint dependency > +- wg show "${config}" endpoints | \ > +- sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \ > +- while IFS=$'\t ' read -r key address port; do > +- [ -n "${port}" ] || continue > +- proto_add_host_dependency "${config}" "${address}" > +- done > ++ if [ "${nohostroute}" != "1" ]; then > ++ wg show "${config}" endpoints | \ > ++ sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \ > ++ while IFS=$'\t ' read -r key address port; do > ++ [ -n "${port}" ] || continue > ++ proto_add_host_dependency "${config}" "${address}" > ++ done > ++ fi > + > + proto_send_update "${config}" > + } > +-- > +2.11.0 > +
applied.
When using IPv6 addresses (or DNS which has AAAA record) as endpoint, add_host_dependency fails for some reason which causes the wireguard interface to disappear. This patch backports an option from OpenWrt master, where host_dependency can be disabled by adding 'option nohostroute 1' to the interface. This is an alternate approach based on the work of Fabian Bläse. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> --- ...01-wireguard-introduce-nohostroute-option.patch | 47 ++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch