OPNsense Forum

English Forums => Zenarmor (Sensei) => Topic started by: fields987 on March 31, 2021, 12:14:28 am

Title: OPNSense 21.1.4 and wg0 interface
Post by: fields987 on March 31, 2021, 12:14:28 am

I've already contacted Sunny Valley about this, but thought I'd post here also. After updating to 21.1.4, it appears that Sensei can't read the ip of my wg0 (Wireguard) interface. The packet engine wont start. At Sunny Valley's direction, I removed wg0 from protected interface, and the packet engine starts and runs fine. Looking through the archive logs, I can see where it reads the tunnel interface ip just in 21.1.3, but in 21.1.4, it fails and wont start the service.

Title: Re: OPNSense 21.1.4 and wg0 interface
Post by: sos_opnsense on March 31, 2021, 07:09:12 am

Yep - same issue here. Thanks for reporting it, and hopefully a fix appears soon, so my WG clients can have the benefits of sensei!

Title: Re: OPNSense 21.1.4 and wg0 interface
Post by: sy on March 31, 2021, 05:14:36 pm

Hi all,

We determined the problem and working on it. The patch will be shipped asap.

Title: Re: OPNSense 21.1.4 and wg0 interface
Post by: mb on March 31, 2021, 05:39:55 pm

Problem seems to be related to wg(4) on 21.1.4 is missing POINTTOPOINT interface flag. Sensei's interface initialization was reliant on this flag to determine if a particular interface is a point to point interface. I guess this change is due to the recent improvements to the wireguard subsystem.

We'll ship a package handling this case momentarily.

UPDATE: 1.8.2 packages built and awaiting final test results. Release planned for tomorrow.

Title: Re: OPNSense 21.1.4 and wg0 interface
Post by: fields987 on April 01, 2021, 08:17:56 pm

The 1.8.2 patch fixed the issue with the wg0 interface for me. Thanks for the quick turnaround!

Title: Re: OPNSense 21.1.4 and wg0 interface
Post by: mimugmail on April 01, 2021, 10:08:17 pm

Quote from: mb on March 31, 2021, 05:39:55 pm

Problem seems to be related to wg(4) on 21.1.4 is missing POINTTOPOINT interface flag. Sensei's interface initialization was reliant on this flag to determine if a particular interface is a point to point interface. I guess this change is due to the recent improvements to the wireguard subsystem.

We'll ship a package handling this case momentarily.

UPDATE: 1.8.2 packages built and awaiting final test results. Release planned for tomorrow.

Are you in touch with Franco and Jason about it?

Title: Re: OPNSense 21.1.4 and wg0 interface
Post by: mb on April 01, 2021, 11:55:14 pm

@mimugmail, no need for now. We've already shipped 1.8.2 handling this situation. New wg(4) does not seem to be a pointtopoint interface.

Title: Re: OPNSense 21.1.4 and wg0 interface
Post by: Giant850 on April 12, 2021, 04:32:51 pm

I'm using Sensei 1.8.2, with the WG0 kernel module and my network interface stats in Sensei isn't showing any packets in/out. Did 1.8.2 only fix it for user space WG and not kernel module WG?

Title: Re: OPNSense 21.1.4 and wg0 interface
Post by: mb on April 12, 2021, 08:00:29 pm

Hi @Giang850,

Please see this message:

https://forum.opnsense.org/index.php?topic=22577.msg107427#msg107427