X-Git-Url: http://git.openwrt.org/?a=blobdiff_plain;f=net%2Fwireguard%2Ffiles%2Fwireguard.sh;h=7b18a2e0ecdb07cd5df2065661c71fd05fb37f93;hb=83a03d31cfe83da8cbd6bf937c449c439fb1475e;hp=2eb30242a664128a595c0b3d9bf5b7308715ce9e;hpb=99a3b34db3817d0fc4c5338d899ae9658f0d90cb;p=feed%2Fpackages.git

diff --git a/net/wireguard/files/wireguard.sh b/net/wireguard/files/wireguard.sh
index 2eb30242a6..7b18a2e0ec 100644
--- a/net/wireguard/files/wireguard.sh
+++ b/net/wireguard/files/wireguard.sh
@@ -21,7 +21,7 @@ proto_wireguard_init_config() {
   proto_config_add_string "private_key"
   proto_config_add_int    "listen_port"
   proto_config_add_int    "mtu"
-  proto_config_add_string "preshared_key"
+  proto_config_add_string "fwmark"
   available=1
   no_proto_task=1
 }
@@ -31,6 +31,7 @@ proto_wireguard_setup_peer() {
   local peer_config="$1"
 
   local public_key
+  local preshared_key
   local allowed_ips
   local route_allowed_ips
   local endpoint_host
@@ -38,6 +39,7 @@ proto_wireguard_setup_peer() {
   local persistent_keepalive
 
   config_get      public_key           "${peer_config}" "public_key"
+  config_get      preshared_key        "${peer_config}" "preshared_key"
   config_get      allowed_ips          "${peer_config}" "allowed_ips"
   config_get_bool route_allowed_ips    "${peer_config}" "route_allowed_ips" 0
   config_get      endpoint_host        "${peer_config}" "endpoint_host"
@@ -47,6 +49,9 @@ proto_wireguard_setup_peer() {
   # peer configuration
   echo "[Peer]"                                         >> "${wg_cfg}"
   echo "PublicKey=${public_key}"                        >> "${wg_cfg}"
+  if [ "${preshared_key}" ]; then
+    echo "PresharedKey=${preshared_key}"                >> "${wg_cfg}"
+  fi
   for allowed_ip in $allowed_ips; do
     echo "AllowedIPs=${allowed_ip}"                     >> "${wg_cfg}"
   done
@@ -77,9 +82,15 @@ proto_wireguard_setup_peer() {
         *:*/*)
           proto_add_ipv6_route "${allowed_ip%%/*}" "${allowed_ip##*/}"
         ;;
-        */*)
+        *.*/*)
           proto_add_ipv4_route "${allowed_ip%%/*}" "${allowed_ip##*/}"
         ;;
+        *:*)
+          proto_add_ipv6_route "${allowed_ip%%/*}" "128"
+        ;;
+        *.*)
+          proto_add_ipv4_route "${allowed_ip%%/*}" "32"
+        ;;
       esac
     done
   fi
@@ -94,7 +105,6 @@ proto_wireguard_setup() {
   local private_key
   local listen_port
   local mtu
-  local preshared_key
 
   # load configuration
   config_load network
@@ -102,7 +112,7 @@ proto_wireguard_setup() {
   config_get listen_port   "${config}" "listen_port"
   config_get addresses     "${config}" "addresses"
   config_get mtu           "${config}" "mtu"
-  config_get preshared_key "${config}" "preshared_key"
+  config_get fwmark        "${config}" "fwmark"
 
   # create interface
   ip link del dev "${config}" 2>/dev/null
@@ -122,8 +132,8 @@ proto_wireguard_setup() {
   if [ "${listen_port}" ]; then
     echo "ListenPort=${listen_port}"     >> "${wg_cfg}"
   fi
-  if [ "${preshared_key}" ]; then
-    echo "PresharedKey=${preshared_key}" >> "${wg_cfg}"
+  if [ "${fwmark}" ]; then
+    echo "FwMark=${fwmark}" >> "${wg_cfg}"
   fi
   config_foreach proto_wireguard_setup_peer "wireguard_${config}"
 
@@ -164,7 +174,6 @@ proto_wireguard_setup() {
     sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \
     while IFS=$'\t ' read -r key address port; do
     [ -n "${port}" ] || continue
-    echo "adding host depedency for ${address} at ${config}"
     proto_add_host_dependency "${config}" "${address}"
   done