[OpenWrt-Devel] [PATCH] wireguard: fix reload config on peer change

Florian Eckert fe at dev.tdt.de
Fri Nov 29 08:36:17 EST 2019


If we change a peer section, the netifd interface is not reloaded,
because the change was not made in an interface section, and so netifd
does not recognize the change. The new config is not applied until we
do a network restart or restart the interface with 'ifup <name>'.

With this new wireguard init script, an md5sum is calculated on
every network change. The sum is generated over the wireguard peers for
each wireguard interface. If a change in the peers section is detected,
then only the affected wireguard interface gets restarted.

With this change we can see if the peer section has changed to the
corresponding interface. The wireguard configuration is rewritten and
reconfigured by the netif proto handler.

Signed-off-by: Florian Eckert <fe at dev.tdt.de>
---
 package/network/services/wireguard/Makefile   |  2 +
 .../services/wireguard/files/wireguard.init   | 49 +++++++++++++++++++
 2 files changed, 51 insertions(+)
 create mode 100644 package/network/services/wireguard/files/wireguard.init

diff --git a/package/network/services/wireguard/Makefile b/package/network/services/wireguard/Makefile
index ea34b7550b..d78fcfface 100644
--- a/package/network/services/wireguard/Makefile
+++ b/package/network/services/wireguard/Makefile
@@ -93,6 +93,8 @@ define Package/wireguard-tools/install
 	$(INSTALL_BIN) ./files/wireguard_watchdog $(1)/usr/bin/
 	$(INSTALL_DIR) $(1)/lib/netifd/proto/
 	$(INSTALL_BIN) ./files/wireguard.sh $(1)/lib/netifd/proto/
+	$(INSTALL_DIR) $(1)/etc/init.d/
+	$(INSTALL_BIN) ./files/wireguard.init $(1)/etc/init.d/wireguard
 endef
 
 define KernelPackage/wireguard
diff --git a/package/network/services/wireguard/files/wireguard.init b/package/network/services/wireguard/files/wireguard.init
new file mode 100644
index 0000000000..24569752b4
--- /dev/null
+++ b/package/network/services/wireguard/files/wireguard.init
@@ -0,0 +1,49 @@
+#!/bin/sh /etc/rc.common
+
+START=80
+USE_PROCD=1
+
+WG_DIR="/tmp/wireguard"
+
+wireguard_check_peer(){
+	local cfg="${1}"
+	local cfile="${2}"
+
+	uci show "network.${cfg}" >> "${cfile}"
+}
+
+wireguard_check_interface() {
+	local cfg="${1}"
+	local proto cfile n_sum o_sum
+
+	config_get proto "${cfg}" proto
+	[ "${proto}" = "wireguard" ] || return 0
+	cfile="$(mktemp -p "${WG_DIR}")"
+	config_foreach wireguard_check_peer "wireguard_${1}" "${cfile}"
+
+	. /lib/functions/network.sh
+
+	n_sum="$(md5sum "${cfile}" | cut -d" " -f1)"
+	rm -rf "${cfile}"
+	[ -f "${WG_DIR}/${cfg}.check" ] && {
+		o_sum="$(cat "${WG_DIR}/${cfg}.check")"
+		[ "${o_sum}" != "${n_sum}" ] && {
+			network_is_up "${cfg}" && ifup "${cfg}"
+		}
+	}
+	echo "$n_sum" > "${WG_DIR}/${cfg}.check"
+}
+
+boot() {
+	config_load network
+	config_foreach wireguard_check_interface interface
+}
+
+service_triggers() {
+	procd_add_reload_trigger "network"
+}
+
+reload_service() {
+	config_load network
+	config_foreach wireguard_check_interface interface
+}
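Review bot: `wireguard_check_interface` uses the result of `mktemp -p "${WG_DIR}"` unchecked, and nothing in this script creates `/tmp/wireguard`. If the directory is missing (presumably the proto handler creates it, but that is not visible here), `cfile` is empty, the `uci show` redirect and `md5sum` fail, and the `.check` file is never written, so peer changes go undetected without any error surfacing. I would add `mkdir -p "${WG_DIR}"` before the `mktemp` call and change that line to `cfile="$(mktemp -p "${WG_DIR}")" || return 1`. The dump can contain peer secrets such as `preshared_key`, so the directory should be created owner-only (for example under `umask 077`), and a comment like `# temp dump holds peer secrets; remove right after hashing` above the `rm -rf` would record why the file must not linger.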
-- 
2.20.1

