Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - cdavis

Pages1
#1
General Discussion / Re: What is correct way to shutdown wireguard via cli?
January 22, 2024, 05:58:08 PM
Thanks, I will make a call to configctl in my script. wg-service-control.php allows for -a for all instances.

The wg-sevice-control.php script downs the wg interface, which I believe means that the following is not indicative of a specific instance being available for wg peers.
Code Select
/usr/local/sbin/pluginctl -s wireguard status


Using the below code to see if wg is listening on the configured UDP port indicates my script is now working as expected.
Code Select
sockstat -l -4

Thanks for your help!
#2
General Discussion / Re: What is correct way to shutdown wireguard via cli?
January 22, 2024, 04:35:47 PM
Thanks for the suggestion. I am not sure if I am doing something wrong or have a major misconfiguration. Even with the wg-service-control.php script wg remains running:

Code Select
root@OPNsenseMaster:/usr/local/etc/rc.syshook.d/carp # /usr/local/opnsense/scripts/Wireguard/wg-service-control.php -a stop
root@OPNsenseMaster:/usr/local/etc/rc.syshook.d/carp # /usr/local/sbin/pluginctl -s wireguard status
wireguard[846d1fe6-cb46-4f32-8ca8-dcc31f9ff267] is running.
#3
General Discussion / What is correct way to shutdown wireguard via cli?
January 22, 2024, 01:52:54 PM
I am trying to get wireguard to honor the CARP status of my interfaces. See https://forum.opnsense.org/index.php?topic=38103.0 for a description of my issues.

I am now trying to use a custom script in syshook.d/carp but pluginctl isn't working as I would expect. Wireguard is not stopping even though it is being requested. What is the proper way to shutdown wireguard from the cli?

Below is an example of what I am experiencing where I submit the command to shutdown wireguard but its status remains "running".

Code Select
root@OPNsenseMaster:/usr/local/etc/rc.syshook.d/carp # /usr/local/sbin/pluginctl -s wireguard status
wireguard[846d1fe6-cb46-4f32-8ca8-dcc31f9ff267] is running.

root@OPNsenseMaster:/usr/local/etc/rc.syshook.d/carp # /usr/local/sbin/pluginctl -s wireguard stop
Service `wireguard[846d1fe6-cb46-4f32-8ca8-dcc31f9ff267]' has been stopped.

root@OPNsenseMaster:/usr/local/etc/rc.syshook.d/carp # /usr/local/sbin/pluginctl -s wireguard status
wireguard[846d1fe6-cb46-4f32-8ca8-dcc31f9ff267] is running.
#4
High availability / After upgrade to 23.7.11 Wireguard won't run with Depend on (CARP) set
January 14, 2024, 02:47:50 AM
I have to set the Depend on (CARP) entry to None or Wireguard will not work. I'm not sure what logs will help but happy to provide more details.This worked before I upgraded to 23.7.11.

This shows screenshots with wg working and entry set to None:



And this shows wg down after setting Depends on (CARP) to the correct VIP entry:

Pages1