This patch fixes a bug when someone tries to set up a Wireguard tunnel to an endpoint where its ip belongs to a local subnet, e.g. in a Freifunk olsr mesh. The call of proto_add_host_dependency() is just needed in cases where the endpoint is reachable via a default gateway but not in such cases where the endpoint is part of a local subnet.
Signed-off-by: Thomas Huehn <tho...@net.t-labs.tu-berlin.de> --- package/network/services/wireguard/files/wireguard.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/package/network/services/wireguard/files/wireguard.sh b/package/network/services/wireguard/files/wireguard.sh index 7b18a2e0ecdb..36ed80d9e7aa 100644 --- a/package/network/services/wireguard/files/wireguard.sh +++ b/package/network/services/wireguard/files/wireguard.sh @@ -16,6 +16,10 @@ fi init_proto "$@" } +is_remote_ip() { + ip route get $1 | grep "via $(ip route | grep -m1 default | cut -d" " -f3)" +} + proto_wireguard_init_config() { proto_config_add_string "private_key" @@ -174,7 +178,9 @@ proto_wireguard_setup() { sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \ while IFS=$'\t ' read -r key address port; do [ -n "${port}" ] || continue - proto_add_host_dependency "${config}" "${address}" + is_remote_ip ${address} && { + logger -t Wireguard "no local route to endpoint - call proto_add_host_dependency()" + proto_add_host_dependency "${config}" "${address}" done proto_send_update "${config}" -- 2.16.2 _______________________________________________ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev