Re: [OpenWrt-Devel] [PATCH] wireguard: do not add host-dependencies if fwmark is set

Wed, 20 Mar 2019 01:32:32 -0700 

On Tue, 19 Mar 2019 at 23:53, Daniel Golle <dan...@makrotopia.org> wrote:
>
> The 'fwmark' option is used to define routing traffic to
> wireguard endpoints to go through specific routing tables.
> In that case it doesn't make sense to setup routes for
> host-dependencies in the 'main' table, so skip setting host
> dependencies if 'fwmark' is set.
>
> Signed-off-by: Daniel Golle <dan...@makrotopia.org>

I would suggest keeping the host route there.  The direct effect of
fwmark option is that traffic generated by wireguard will have that
mark.  The actual rules and routes will need to be setup by userspace.
If I understand it correctly, it's mainly for using wireguard as the
default route while not colliding with existing local lan routes and
dhcp processes (supress_prefixlength 0).  It fits in quite well across
different network managers.  OpenWrt has its own way of managing rules
and routes and does not depend on wg-quick script.  So in this context
I think the host dependency route fits specifically well in OpenWrt
environment ;)

Regards,
                yousong

> ---
>  .../network/services/wireguard/files/wireguard.sh  | 14 ++++++++------
>  1 file changed, 8 insertions(+), 6 deletions(-)
>
> diff --git a/package/network/services/wireguard/files/wireguard.sh 
> b/package/network/services/wireguard/files/wireguard.sh
> index 96fa7215ff..58e47f9450 100644
> --- a/package/network/services/wireguard/files/wireguard.sh
> +++ b/package/network/services/wireguard/files/wireguard.sh
> @@ -176,12 +176,14 @@ proto_wireguard_setup() {
>    done
>
>    # endpoint dependency
> -  wg show "${config}" endpoints | \
> -    sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \
> -    while IFS=$'\t ' read -r key address port; do
> -    [ -n "${port}" ] || continue
> -    proto_add_host_dependency "${config}" "${address}"
> -  done
> +  if [ ! "${fwmark}" ]; then
> +    wg show "${config}" endpoints | \
> +      sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \
> +      while IFS=$'\t ' read -r key address port; do
> +      [ -n "${port}" ] || continue
> +      proto_add_host_dependency "${config}" "${address}"
> +    done
> +  fi
>
>    proto_send_update "${config}"
>  }
> --
> 2.21.0
>
>
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel@lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel

_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Reply via email to