the client config used by openwrt has something wrong

Question

the client config used by openwrt has something wrong

Closed this issue 4 years ago · 3 comments

root@racknerd-4afe10:~/wg# cat wgclient_wghub.uci.txt 
# 10: wghub > wgclient_wghub.uci.txt
config interface 'wg0'
        option proto 'wireguard'
        option listen_port '28894' //this port should be in peer section! the server side's port
        list addresses '10.x.x.x/24'
        list addresses '2001:470:x:x:1::10/112'
        list dns '1.1.1.1'
        list dns '2606:4700:4700::1111'
        option private_key ''
config wireguard_wg0
        option allowed_ips '0.0.0.0/0' //this should be list allow_ips........
        option route_allowed_ips '1'
        option endpoint_host 'x.x.x.x'
        option endpoint_port '28894' //this is correct
        option persistent_keepalive '25'
        option public_key ''
        option preshared_key ''

Answer 1 · 2020-11-26T14:06:06.000Z

option listen_port '28894' //this port should be in peer section! the server side's port

This makes the client listen on that port. It's perfectly fine in that part of the configuration. It doesn't belong to the pear configuration. Do you think it could be skipped?

option allowed_ips '0.0.0.0/0' //this should be list allow_ips

Yes, this is a bug and needs to be fixed. Thank you for catching that!

Answer 2 · 2020-11-26T14:39:00.000Z

Looks like option listen_port is not required for peers. I will remove it.

Answer 3 · 2020-11-26T17:30:13.000Z

and another question, do you noticed the rout table's difference between wg-quick and openwrt?
the openwrt add ::/0 and 0.0.0.0/0 all to main table, unlike wg-quick ,which uses ip rule, create table 51820 and make label to ip package. this is clear for me.

so I am puzzled with openwrt, the original rout table


root@OpenWrt:~# ip -4 route show table main

default via 192.168.1.1 dev eth0.2 proto static src 192.168.1.181 
172.16.0.0/16 dev br-lan proto kernel scope link src 172.16.0.1 
192.168.1.0/24 dev eth0.2 proto kernel scope link src 192.168.1.181

if unlike wg-quick, ip rule label package, and ip route to using specific route, just add 0.0.0.0/0 to main table,
does "default via 192.168.1.1 dev eth0.2 proto static src 192.168.1.181" be replaced by "default dev wg0" after start wg0?because they are both in main table.
if replaced, the wireguard server's real ip will go through wg0, it is a cycle. so I'm confused:)