Hi,

it appears that wg-quick is not provided for OpenWRT/LEDE.

The reason is not really clear to me. As far I understand wg-quick depends on BASH whilst the default shell in OpenWRT/LEDE is ASH.

This however can be easily remidied by installing the BASH package from the OpenWRT/LEDE repo.

OpenWRT/LEDE is utilising netifd for network configuration which is lacking th3 versatility of wg-quick with there script snippets

PRE_UP=( )
POST_UP=( )
PRE_DOWN=( )
POST_DOWN=( )

Is there a way to get those script snippets working in OpenWRT/LEDE as such is required in dynamic/split/kill-switch routing scenarios.

OpenVPN provides a similar script functionality which is however not stripped on the OpenWRT/LEDE repo, respectively it does not require an extra tool package. I find it rather curious that the aforementioned script snippets are not part of wg but rather implemented in wg-quick which then is absent from OpenWRT/LEDE.

From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: vtol@gmx.net Received: from krantz.zx2c4.com (localhost [127.0.0.1]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id ec7bb278 for ; Tue, 3 Apr 2018 16:20:29 +0000 (UTC) Received: from mout.gmx.net (mout.gmx.net [212.227.17.20]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 8f6615e1 for ; Tue, 3 Apr 2018 16:20:28 +0000 (UTC) MIME-Version: 1.0 Message-ID: From: vtol@gmx.net To: wireguard@lists.zx2c4.com Subject: Aw: wg-quick (script snippets) for OpenWRT/LEDE Content-Type: text/plain; charset=UTF-8 Date: Tue, 3 Apr 2018 18:33:22 +0200 List-Id: Development discussion of WireGuard List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , I am a bit slow with the plain text formatting=2E=2E=2E Traced this https://lists=2Ezx2c4=2Ecom/pipermail/wireguard/2017-January/0= 00935=2Ehtml back from JAN 2017=2E The BASH package https://github=2Ecom/openwrt/packages/commits/master/util= s/bash/patches[https://github=2Ecom/openwrt/packages/commits/master/utils/b= ash/patches] is available in OpenWRT since at least AUG/SEPT 2014 and could= be installed as dependency to wg-quick=2E How to get wg-quick manually installed into (working in) OpenWRT after hav= ing installed their BASH package? =C2=A0 =C2=A0 From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: vtol@gmx.net Received: from krantz.zx2c4.com (localhost [127.0.0.1]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id f64f9254 for ; Sun, 8 Apr 2018 20:31:37 +0000 (UTC) Received: from mout.gmx.net (mout.gmx.net [212.227.17.21]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id d566b80c for ; Sun, 8 Apr 2018 20:31:36 +0000 (UTC) Received: from [192.168.112.218] ([134.101.165.88]) by mail.gmx.com (mrgmx103 [212.227.17.168]) with ESMTPSA (Nemesis) id 0MWTSA-1exzmI3Dgo-00Xcm8 for ; Sun, 08 Apr 2018 22:45:08 +0200 Subject: wg-quick (script snippets) for OpenWRT/LEDE From: =?UTF-8?B?0b3SieG2rOG4s+KEoA==?= To: wireguard@lists.zx2c4.com References: Message-ID: <95038a29-4c99-1c96-111f-5cc4ead86bcc@gmx.net> Date: Sun, 8 Apr 2018 22:45:07 +0200 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed List-Id: Development discussion of WireGuard List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Since I was explicitly directed to this mailing list I has hoped for=20 some input from the developers or perhaps other users of WG. Thus I am=20 bit at a loss at the scarcity of a response. From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: yszhou4tech@gmail.com Received: from krantz.zx2c4.com (localhost [127.0.0.1]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id eb6a169a for ; Mon, 9 Apr 2018 02:52:07 +0000 (UTC) Received: from mail-yb0-f174.google.com (mail-yb0-f174.google.com [209.85.213.174]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 0bfafd32 for ; Mon, 9 Apr 2018 02:52:07 +0000 (UTC) Received: by mail-yb0-f174.google.com with SMTP id c1-v6so2524319ybm.2 for ; Sun, 08 Apr 2018 20:05:42 -0700 (PDT) MIME-Version: 1.0 In-Reply-To: References: From: Yousong Zhou Date: Mon, 9 Apr 2018 11:05:22 +0800 Message-ID: Subject: Re: wg-quick (script snippets) for OpenWRT/LEDE To: vtol@gmx.net Content-Type: text/plain; charset="UTF-8" Cc: WireGuard mailing list List-Id: Development discussion of WireGuard List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , On 3 April 2018 at 23:19, wrote: > Hi, > > it appears that wg-quick is not provided for OpenWRT/LEDE. > > The reason is not really clear to me. As far I understand wg-quick depends > on BASH whilst the default shell in OpenWRT/LEDE is ASH. > This however can be easily remidied by installing the BASH package from the > OpenWRT/LEDE repo. > > OpenWRT/LEDE is utilising netifd for network configuration which is lacking > th3 versatility of wg-quick with there script snippets > > PRE_UP=( ) > POST_UP=( ) > PRE_DOWN=( ) > POST_DOWN=( ) > POST_UP and POST_DOWN is possible with hotplug scripts in OpenWrt, but the PRE_xx callback is currently not possible. As a temporary workaround, you can try patching locally /lib/netifd/proto/wg.sh to achieve similar effects, or wrapping wg command with a script (hacky wacky way) > Is there a way to get those script snippets working in OpenWRT/LEDE as such > is required in dynamic/split/kill-switch routing scenarios. > Just try installing all those dependencies wg-quick requires, though after you know enough details about the wg-quick script, you may well just write your own stripped down version for your own needs. > OpenVPN provides a similar script functionality which is however not > stripped on the OpenWRT/LEDE repo, respectively it does not require an extra > tool package. I find it rather curious that the aforementioned script > snippets are not part of wg but rather implemented in wg-quick which then is > absent from OpenWRT/LEDE. > OpenVPN and WireGuard is different in this regard. OpenVPN has a daemon running while WireGuard depends on the network manager to do the maintenance things. yousong From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Jason@zx2c4.com Received: from krantz.zx2c4.com (localhost [127.0.0.1]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id f123ea3f for ; Fri, 13 Apr 2018 22:20:49 +0000 (UTC) Received: from frisell.zx2c4.com (frisell.zx2c4.com [192.95.5.64]) by krantz.zx2c4.com (ZX2C4 Mail Server) with ESMTP id d688bf2e for ; Fri, 13 Apr 2018 22:20:49 +0000 (UTC) Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTP id 34a34e78 for ; Fri, 13 Apr 2018 22:11:58 +0000 (UTC) Received: by frisell.zx2c4.com (ZX2C4 Mail Server) with ESMTPSA id f02b39d6 (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128:NO) for ; Fri, 13 Apr 2018 22:11:57 +0000 (UTC) Received: by mail-ot0-f181.google.com with SMTP id a14-v6so11555844otf.6 for ; Fri, 13 Apr 2018 15:35:00 -0700 (PDT) MIME-Version: 1.0 In-Reply-To: References: From: "Jason A. Donenfeld" Date: Sat, 14 Apr 2018 00:34:59 +0200 Message-ID: Subject: Re: wg-quick (script snippets) for OpenWRT/LEDE To: vtol@gmx.net Content-Type: text/plain; charset="UTF-8" Cc: WireGuard mailing list List-Id: Development discussion of WireGuard List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Hello vtol, OpenWRT has its own robust configuration system, which can do nice things like avoid circular routing. For that reason, the set of tricks that wg-quick uses are best avoided on those types of fully-managed systems. That's why it's not included in the package. Perhaps it should be, though, for people who would prefer to use quick ad-hoc VPNs? Have you tried running it with any success? As mentioned here, you may be able to replace some of the UP/DOWN hooks with hotplug scripts, or possibly other hooks that are part of the OpenWRT system. If nobody pipes up here, you might want to ask a generic question on the OpenWRT list about generally how to execute scripts on events in relation to network interfaces. Jason