Hi Michael,
On 26/05/2025 15:43, Michael Tremer wrote:
Hello,
On 26 May 2025, at 13:10, Adolf Belka <[email protected]> wrote:
Hi Michael,
On 26/05/2025 12:12, Michael Tremer wrote:
Hello Adolf,
Thank you for this patch.
I have made some further changes to this, but in essence I agree with it:
https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=c29a07b2ee505811a6cd78ca643bf816beb77375
https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=9f1f3da8f5866098177edd68ef50b238a3dadf6a
https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=8277dec16614df36ed0bd6f687ce244c2d243c62
(not too related)
https://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff;h=c00e6e49c3cd0ba0fa3826539c251d757f41bc9a
Those all look good changes. I just copied the existing code for the IPSec line
and then edited parts to be for wireguard.
And this worked absolutely fine.
I just wanted to make sure that we use the functions we have so that we can
have the logic in one place only. Wireguard should then become much easier to
maintain and extend later.
Should we also add the N2N connections?
Yes, but I would again just copy the IPSec section and see what looked like it
needed to be changed to work for wireguard as I don't fully understand all the
code being used.
If anyone else wants to do the changes, I don't have any problems. I won't try
anything anyway until I have a working wireguard n2n connection.
I have just been able to get an IPSec N2N connection working which took me a
few days. So wireguard is next on the list. Then when I have a working n2n
connection I can use that to test any changes I would make to index.cgi
As I would just copy/paste/edit the IPSec block of code it might well be that I
end up with something that needs to be further modified, although the enabled
check I will now try and remember for other changes.
I can look at implementing this.
I just wanted to make sure we want this. I don’t want the index.cgi page to
become too slow (it is already one of the slowest ones we have) and I don’t
want it to become too long.
Ah I had misunderstood you. I don't have a problem not having the wireguard N2N
connections on the index.cgi page. You can see the status on the individual
pages for IPSec, OpenVPN and WireGuard.
If the decision is to not put WireGuard on that page, then I think IPSec and
OpenVPN could also be removed. That would then be self consistent and should
further help with any speed issues of that page.
Regards,
Adolf.
-Michael
Regards,
Adolf.
-Michael
On 25 May 2025, at 12:35, Adolf Belka <[email protected]> wrote:
- This fix adds a wireguard line to show when it is enabled.
- This fix does not show a table for any net2net connections that are enabled.
I have
started working on that but as I only have an OpenVPN n2n connection in
place, I can't
test out the copy of the ipsec n2n code section that I have made. I need to
get ipsec
and wireguard n2n connections working first.
- If someone else wants to provide a patch for the wireguard n2n connections
tables I have
no problems with that. If not then I will submit one when I have been able
to test it.
Tested-by: Adolf Belka <[email protected]>
Signed-off-by: Adolf Belka <[email protected]>
---
html/cgi-bin/index.cgi | 20 ++++++++++++++++++--
1 file changed, 18 insertions(+), 2 deletions(-)
diff --git a/html/cgi-bin/index.cgi b/html/cgi-bin/index.cgi
index d9c74ce7f..e28629cc9 100644
--- a/html/cgi-bin/index.cgi
+++ b/html/cgi-bin/index.cgi
@@ -2,7 +2,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2023 IPFire Team <[email protected]> #
+# Copyright (C) 2007-2025 IPFire Team <[email protected]> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -39,6 +39,7 @@ my %netsettings=();
my %ddnssettings=();
my %proxysettings=();
my %vpnsettings=();
+my %wgsettings=();
my %vpnconfig=();
my %ovpnconfig=();
my $warnmessage = '';
@@ -60,6 +61,7 @@ $pppsettings{'PROFILENAME'} = 'None';
&General::readhash("${General::swroot}/ddns/settings", \%ddnssettings);
&General::readhash("${General::swroot}/proxy/advanced/settings",
\%proxysettings);
&General::readhash("${General::swroot}/vpn/settings", \%vpnsettings);
+&General::readhash("${General::swroot}/wireguard/settings", \%wgsettings);
my %color = ();
my %mainsettings = ();
@@ -369,7 +371,21 @@ print <<END;
<td style='width:45%; text-align:center;
color:$Header::colourgreen;'>Online</td>
</tr>
END
- }
+}
+
+#check if WireGuard is running
+if ( $wgsettings{'ENABLED'} eq 'on' ) {
+print<<END;
+ <tr>
+ <td style='width:25%; text-align:center; background-color:$Header::colourwg;'>
+ <a href='/cgi-bin/wireguard.cgi'
style='color:white'><b>$Lang::tr{'wg'}</b></a>
+ </td>
+ <td style='width:30%; text-align:center;'></td>
+ <td style='width:45%; text-align:center;
color:$Header::colourgreen;'>Online</td>
+ </tr>
+END
+}
+
print"</table>";
&Header::closesection();
--
2.49.0
