This patch fixes a bug when someone tries to set up a Wireguard tunnel
to an endpoint where its ip belongs to a local subnet, e.g. in a Freifunk
olsr mesh. The call of proto_add_host_dependency() is just needed in cases
where the endpoint is reachable via a default gateway but not in such cases
where the endpoint is part of a local subnet.
Signed-off-by: Thomas Huehn <tho...@net.t-labs.tu-berlin.de>
---
package/network/services/wireguard/files/wireguard.sh | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/package/network/services/wireguard/files/wireguard.sh
b/package/network/services/wireguard/files/wireguard.sh
index 7b18a2e0ecdb..36ed80d9e7aa 100644
--- a/package/network/services/wireguard/files/wireguard.sh
+++ b/package/network/services/wireguard/files/wireguard.sh
@@ -16,6 +16,10 @@ fi
init_proto "$@"
}
+is_remote_ip() {
+ ip route get $1 | grep "via $(ip route | grep -m1 default | cut -d" "
-f3)"
+}
+
proto_wireguard_init_config() {
proto_config_add_string "private_key"
@@ -174,7 +178,9 @@ proto_wireguard_setup() {
sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \
while IFS=$'\t ' read -r key address port; do
[ -n "${port}" ] || continue
- proto_add_host_dependency "${config}" "${address}"
+ is_remote_ip ${address} && {
+ logger -t Wireguard "no local route to endpoint - call
proto_add_host_dependency()"
+ proto_add_host_dependency "${config}" "${address}"
done
proto_send_update "${config}"
--
2.16.2
_______________________________________________
Lede-dev mailing list
Lede-dev@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/lede-dev
