From 361437f82984effc7408d4428cd6c89855163de4 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Sat, 26 Apr 2025 14:25:27 +0200 Subject: [PATCH] wireguard: Support having a local IP address This is what we need to support VPN providers. Signed-off-by: Michael Tremer --- config/cfgroot/wireguard-functions.pl | 3 ++- html/cgi-bin/wireguard.cgi | 9 +++++++++ src/initscripts/system/wireguard | 13 +++++++++++-- 3 files changed, 22 insertions(+), 3 deletions(-) diff --git a/config/cfgroot/wireguard-functions.pl b/config/cfgroot/wireguard-functions.pl index 909b33a29..53e8f1a38 100644 --- a/config/cfgroot/wireguard-functions.pl +++ b/config/cfgroot/wireguard-functions.pl @@ -190,6 +190,7 @@ sub load_peer($) { "LOCAL_SUBNETS" => &decode_subnets($peers{$key}[10]), "PSK" => $peers{$key}[11], "KEEPALIVE" => $peers{$key}[12], + "LOCAL_ADDRESS" => $peers{$key}[13], "INTERFACE" => ($type eq "host") ? "wg0" : "wg${key}", ); @@ -506,7 +507,7 @@ sub parse_configuration($$) { # Address if ($key eq "Address") { if (&Network::check_ip_address($val)) { - $peer{'CLIENT_ADDRESS'} = $val; + $peer{'LOCAL_ADDRESS'} = $val; } else { push(@errormessages, $Lang::tr{'invalid ip address'}); } diff --git a/html/cgi-bin/wireguard.cgi b/html/cgi-bin/wireguard.cgi index e8836439d..2bef8dcde 100644 --- a/html/cgi-bin/wireguard.cgi +++ b/html/cgi-bin/wireguard.cgi @@ -153,6 +153,7 @@ if ($cgiparams{"ACTION"} eq $Lang::tr{'save'}) { "LOCAL_SUBNETS" => join(", ", @$local_subnets), "PSK" => $Wireguard::peers{$key}[11], "KEEPALIVE" => $Wireguard::peers{$key}[12], + "LOCAL_ADDRESS" => $Wireguard::peers{$key}[13], ); # Jump to the editor @@ -221,6 +222,8 @@ if ($cgiparams{"ACTION"} eq $Lang::tr{'save'}) { $peer->{"PSK"}, # 12 = Keepalive $peer->{"KEEPALIVE"} || $Wireguard::DEFAULT_KEEPALIVE, + # 13 = Local Address + $peer->{"LOCAL_ADDRESS"}, ]; # Store the configuration @@ -338,6 +341,8 @@ if ($cgiparams{"ACTION"} eq $Lang::tr{'save'}) { $psk, # 12 = Keepalive $Wireguard::DEFAULT_KEEPALIVE, + # 13 = Local Address + "", ]; # Store the configuration @@ -521,6 +526,8 @@ END $cgiparams{"PSK"} || "", # 12 = Keepalive $cgiparams{"KEEPALIVE"} || 0, + # 13 = Local Address + "", ]; # Store the configuration @@ -634,6 +641,8 @@ END $cgiparams{"PSK"}, # 12 = Keepalive 0, + # 13 = Local Address + "", ]; # Store the configuration diff --git a/src/initscripts/system/wireguard b/src/initscripts/system/wireguard index 9321b09c4..d8c869b9d 100644 --- a/src/initscripts/system/wireguard +++ b/src/initscripts/system/wireguard @@ -148,6 +148,7 @@ generate_config() { local local_subnets local psk local keepalive + local local_address local _rest # Handles the special case of the RW interface @@ -166,7 +167,7 @@ generate_config() { fi while read -r id enabled type name pubkey privkey port endpoint_addr endpoint_port \ - remote_subnets remarks local_subnets psk keepalive _rest; do + remote_subnets remarks local_subnets psk keepalive local_address _rest; do # Skip peers that are not hosts or not enabled [ "${type}" = "host" ] || continue [ "${enabled}" = "on" ] || continue @@ -194,7 +195,7 @@ generate_config() { local remote_subnet while read -r id enabled type name pubkey privkey port endpoint_addr endpoint_port \ - remote_subnets remarks local_subnets psk keepalive _rest; do + remote_subnets remarks local_subnets psk keepalive local_address _rest; do # Check for the matching connection [ "${type}" = "net" ] || continue [ "${intf}" = "wg${id}" ] || continue @@ -205,6 +206,14 @@ generate_config() { # Update the interface alias ip link set "${intf}" alias "${name}" + # Flush any addresses + ip addr flush dev "${intf}" + + # Assign the local address + if [ -n "${local_address}" ]; then + ip addr add "${local_address}" dev "${intf}" + fi + echo "[Interface]" if [ -n "${privkey}" ]; then -- 2.39.5