[OpenWrt-Devel] [PATCH v2] wireguard: fix interface remove for lonely peers

Florian Eckert fe at dev.tdt.de
Thu Dec 5 05:58:05 EST 2019


When we delete a Wireguard interface, the associated peer sections are
not deleted. They remain in the network configuration.

This commit adds an init script that is triggered whenever the network
configuration file is changed.

For each change event, each Wireguard peer section is checked to see if
the corresponding wireguard interface section still exists. If this is not
the case, all wireguard peer sections for that interface are deleted.

Signed-off-by: Florian Eckert <fe at dev.tdt.de>
---
v2:
* update commit description

 package/network/services/wireguard/Makefile   |  2 ++
 .../services/wireguard/files/wireguard.init   | 31 +++++++++++++++++++
 2 files changed, 33 insertions(+)
 create mode 100644 package/network/services/wireguard/files/wireguard.init

diff --git a/package/network/services/wireguard/Makefile b/package/network/services/wireguard/Makefile
index ea34b7550b..d78fcfface 100644
--- a/package/network/services/wireguard/Makefile
+++ b/package/network/services/wireguard/Makefile
@@ -93,6 +93,8 @@ define Package/wireguard-tools/install
 	$(INSTALL_BIN) ./files/wireguard_watchdog $(1)/usr/bin/
 	$(INSTALL_DIR) $(1)/lib/netifd/proto/
 	$(INSTALL_BIN) ./files/wireguard.sh $(1)/lib/netifd/proto/
+	$(INSTALL_DIR) $(1)/etc/init.d/
+	$(INSTALL_BIN) ./files/wireguard.init $(1)/etc/init.d/wireguard
 endef
 
 define KernelPackage/wireguard
diff --git a/package/network/services/wireguard/files/wireguard.init b/package/network/services/wireguard/files/wireguard.init
new file mode 100644
index 0000000000..781d0839bc
--- /dev/null
+++ b/package/network/services/wireguard/files/wireguard.init
@@ -0,0 +1,31 @@
+#!/bin/sh /etc/rc.common
+
+START=80
+USE_PROCD=1
+
+service_triggers() {
+	procd_add_reload_trigger "network"
+}
+
+reload_service() {
+	# delete old peers of related wireguard interface
+	wireguard_check_peers
+}
+
+wireguard_check_peers() {
+	local iface peer
+
+	# get all wireguard peers
+	for peer in $(uci show network | grep =wireguard_); do
+		# extract peer section type
+		peer="${peer##*=}"
+		# extract interface name
+		iface="${peer#*_}"
+
+		# delete peer if iface is not present anymore
+		if ! uci -q show "network.${iface}" 1>/dev/null 2>/dev/null; then
+			uci -q delete "network.@${peer}[-1]"
+			uci commit network
+		fi
+	done
+}
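Review bot: The `uci commit network` inside the loop of wireguard_check_peers writes out everything currently staged for the network package, not only the peer deletion, and it runs from a reload trigger without leaving any record of what was removed. Peer sections typically carry key material and allowed-IP settings, so I would log each removal before the `uci -q delete`, e.g. `logger -t wireguard "removing stale peer section ${peer}"`, and commit once after the loop only when something was actually deleted. Separately, `grep =wireguard_` is unanchored and its output is word-split by the `for`, so option values that happen to contain that text are iterated too; `grep -E '^network\.[^.=]+=wireguard_'` would limit the match to section lines.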
-- 
2.20.1

