Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - cdavis

Pages: [1]

General Discussion / Re: What is correct way to shutdown wireguard via cli?

« on: January 22, 2024, 05:58:08 pm »

Thanks, I will make a call to configctl in my script. wg-service-control.php allows for -a for all instances.

The wg-sevice-control.php script downs the wg interface, which I believe means that the following is not indicative of a specific instance being available for wg peers.

Code: [Select]

/usr/local/sbin/pluginctl -s wireguard status

Using the below code to see if wg is listening on the configured UDP port indicates my script is now working as expected.

Code: [Select]

sockstat -l -4

Thanks for your help!

General Discussion / Re: What is correct way to shutdown wireguard via cli?

« on: January 22, 2024, 04:35:47 pm »

Thanks for the suggestion. I am not sure if I am doing something wrong or have a major misconfiguration. Even with the wg-service-control.php script wg remains running:

Code: [Select]

root@OPNsenseMaster:/usr/local/etc/rc.syshook.d/carp # /usr/local/opnsense/scripts/Wireguard/wg-service-control.php -a stop
root@OPNsenseMaster:/usr/local/etc/rc.syshook.d/carp # /usr/local/sbin/pluginctl -s wireguard status
wireguard[846d1fe6-cb46-4f32-8ca8-dcc31f9ff267] is running.

General Discussion / What is correct way to shutdown wireguard via cli?

« on: January 22, 2024, 01:52:54 pm »

I am trying to get wireguard to honor the CARP status of my interfaces. See https://forum.opnsense.org/index.php?topic=38103.0 for a description of my issues.

I am now trying to use a custom script in syshook.d/carp but pluginctl isn't working as I would expect. Wireguard is not stopping even though it is being requested. What is the proper way to shutdown wireguard from the cli?

Below is an example of what I am experiencing where I submit the command to shutdown wireguard but its status remains "running".

Code: [Select]

root@OPNsenseMaster:/usr/local/etc/rc.syshook.d/carp # /usr/local/sbin/pluginctl -s wireguard status
wireguard[846d1fe6-cb46-4f32-8ca8-dcc31f9ff267] is running.

root@OPNsenseMaster:/usr/local/etc/rc.syshook.d/carp # /usr/local/sbin/pluginctl -s wireguard stop
Service `wireguard[846d1fe6-cb46-4f32-8ca8-dcc31f9ff267]' has been stopped.

root@OPNsenseMaster:/usr/local/etc/rc.syshook.d/carp # /usr/local/sbin/pluginctl -s wireguard status
wireguard[846d1fe6-cb46-4f32-8ca8-dcc31f9ff267] is running.

High availability / After upgrade to 23.7.11 Wireguard won't run with Depend on (CARP) set

« on: January 14, 2024, 02:47:50 am »

I have to set the Depend on (CARP) entry to None or Wireguard will not work. I'm not sure what logs will help but happy to provide more details.This worked before I upgraded to 23.7.11.

This shows screenshots with wg working and entry set to None:

And this shows wg down after setting Depends on (CARP) to the correct VIP entry:

Pages: [1]