From patchwork Mon Feb 19 18:54:17 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Thomas Huehn X-Patchwork-Id: 875276 X-Patchwork-Delegate: blogic@openwrt.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=lede-dev-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="Fm62w5/g"; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3zlXxL6n3Yz9s08 for ; Tue, 20 Feb 2018 05:55:02 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:Subject:Message-Id: Date:To:From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=RS91QOVzCpijzROdZn/cXL4kWUfIQgWRWHnXZFJk/70=; b=Fm62w5/g8oQcvx OEw8lT2243aKpKr4qyOI90p3ZFj8r9ciCuCcyPgRLRf7NWfIYg9ka/AB6NKFruK7fJb8b4JW9SSV5 S03ZgEeg/pIJdBjm0UAptscoO+lOIHEdafPUlO3/6X6L+OIoypVLDMU2Gk3d9cUYaLLLTG6WfljHw i2d/aTpHKXx2adrvJJkTbN2mY1Sg0DD/Ivp3aUqX6iE0RZBexf82mw9WTXcdUvw8gGE1tXah9ofGu iMcMJp43GEHXSGc+hpF9hZPIY2vkXlP0B6yW7MPPhRuSUNB6Zn651KUJvQT8hXSdDeIx97y4uPIbU CdHbdUyncmWw6NHr69fg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.89 #1 (Red Hat Linux)) id 1enqaN-0001Xo-HT; Mon, 19 Feb 2018 18:54:47 +0000 Received: from mail1.net.t-labs.tu-berlin.de ([2001:638:809:ff11:130:149:220:242] helo=mail.net.t-labs.tu-berlin.de) by bombadil.infradead.org with esmtp (Exim 4.89 #1 (Red Hat Linux)) id 1enqaJ-0001WT-Bg for lede-dev@lists.infradead.org; Mon, 19 Feb 2018 18:54:45 +0000 Received: from BluseBluesMBP7.lan (static-5-102-161-62.net.encoline.de [5.102.161.62]) by mail.net.t-labs.tu-berlin.de (Postfix) with ESMTPSA id 9B2DD29C; Mon, 19 Feb 2018 19:54:18 +0100 (CET) From: Thomas Huehn To: lede-dev@lists.infradead.org Date: Mon, 19 Feb 2018 19:54:17 +0100 Message-Id: <20180219185417.19574-1-thomas@net.t-labs.tu-berlin.de> X-Mailer: git-send-email 2.16.2 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20180219_105443_602465_B5C0695D X-CRM114-Status: UNSURE ( 9.27 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -1.9 (-) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (-1.9 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay domain -0.0 SPF_PASS SPF: sender matches SPF record -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] Subject: [LEDE-DEV] [PATCH] wireguard: add distinction for remote and local endpoint ip X-BeenThere: lede-dev@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: thomas@net.t-labs.tu-berlin.de MIME-Version: 1.0 Sender: "Lede-dev" Errors-To: lede-dev-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org This patch fixes a bug when someone tries to set up a Wireguard tunnel to an endpoint where its ip belongs to a local subnet, e.g. in a Freifunk olsr mesh. The call of proto_add_host_dependency() is just needed in cases where the endpoint is reachable via a default gateway but not in such cases where the endpoint is part of a local subnet. Signed-off-by: Thomas Huehn --- package/network/services/wireguard/files/wireguard.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/package/network/services/wireguard/files/wireguard.sh b/package/network/services/wireguard/files/wireguard.sh index 7b18a2e0ecdb..36ed80d9e7aa 100644 --- a/package/network/services/wireguard/files/wireguard.sh +++ b/package/network/services/wireguard/files/wireguard.sh @@ -16,6 +16,10 @@ fi init_proto "$@" } +is_remote_ip() { + ip route get $1 | grep "via $(ip route | grep -m1 default | cut -d" " -f3)" +} + proto_wireguard_init_config() { proto_config_add_string "private_key" @@ -174,7 +178,9 @@ proto_wireguard_setup() { sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \ while IFS=$'\t ' read -r key address port; do [ -n "${port}" ] || continue - proto_add_host_dependency "${config}" "${address}" + is_remote_ip ${address} && { + logger -t Wireguard "no local route to endpoint - call proto_add_host_dependency()" + proto_add_host_dependency "${config}" "${address}" done proto_send_update "${config}"