From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4b5cRk6VWNz30Hh for ; Mon, 26 May 2025 13:43:46 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4b5cRg31RQz2y1D for ; Mon, 26 May 2025 13:43:43 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4b5cRd1XXcz1VG; Mon, 26 May 2025 13:43:40 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1748267022; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WpT+2/1msBUmqFrOCQF4eTBapf7gjyxgf/npc+IyTu8=; b=KGuUDcSxCF7yGBYZGZmfvV3cPscdP1L+bdBuaR3rmAVBRv83dBTS7AvO+izhjcMazlODCb Qsbpz0qhSqmaD4Dg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1748267022; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WpT+2/1msBUmqFrOCQF4eTBapf7gjyxgf/npc+IyTu8=; b=II9+Vz35P0nmsp6oODSLGYYsSnJ+gfiTDiQTURwtyBro2f3QQQITQV459+rJtPWEEXLNl/ +oDvbZvmczqMIF40NBddHhkf+6KNWDIv7idZJ3DNW5MEsxR932bliVLW0cdXAiKYjBKSlq 8Zp4hHriiB4SfbJ3rgr1RIbEYcAeP0EMVVnJn1pmbIS/SWKmAioQat9sYBdRRIGZx8qA+h fG+L6qVjQFgqVwwAW6hmeylnAIhvJxIZBxN4BK7hXvawMUjweVu17qKtpolyfPSr7lvQFn D0HI/Mumw6594bloFzEQMytMSRC4cZsdBXwAILv9s32EK6cjkrwJWrf56oRETg== Content-Type: text/plain; charset=utf-8 Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: Mime-Version: 1.0 Subject: Re: [PATCH] index.cgi: Add wireguard status to home screen From: Michael Tremer In-Reply-To: Date: Mon, 26 May 2025 14:43:36 +0100 Cc: development@lists.ipfire.org Content-Transfer-Encoding: quoted-printable Message-Id: <1EA05C7D-F736-435C-91C3-B561BBED0F62@ipfire.org> References: <20250525113501.9516-1-adolf.belka@ipfire.org> To: Adolf Belka Hello, > On 26 May 2025, at 13:10, Adolf Belka wrote: >=20 > Hi Michael, >=20 > On 26/05/2025 12:12, Michael Tremer wrote: >> Hello Adolf, >> Thank you for this patch. >> I have made some further changes to this, but in essence I agree with = it: >> = https://git.ipfire.org/?p=3Dipfire-2.x.git;a=3Dcommitdiff;h=3Dc29a07b2ee50= 5811a6cd78ca643bf816beb77375 >> = https://git.ipfire.org/?p=3Dipfire-2.x.git;a=3Dcommitdiff;h=3D9f1f3da8f586= 6098177edd68ef50b238a3dadf6a >> = https://git.ipfire.org/?p=3Dipfire-2.x.git;a=3Dcommitdiff;h=3D8277dec16614= df36ed0bd6f687ce244c2d243c62 (not too related) >> = https://git.ipfire.org/?p=3Dipfire-2.x.git;a=3Dcommitdiff;h=3Dc00e6e49c3cd= 0ba0fa3826539c251d757f41bc9a >=20 > Those all look good changes. I just copied the existing code for the = IPSec line and then edited parts to be for wireguard. And this worked absolutely fine. I just wanted to make sure that we use the functions we have so that we = can have the logic in one place only. Wireguard should then become much = easier to maintain and extend later. >> Should we also add the N2N connections? >=20 > Yes, but I would again just copy the IPSec section and see what looked = like it needed to be changed to work for wireguard as I don't fully = understand all the code being used. >=20 > If anyone else wants to do the changes, I don't have any problems. I = won't try anything anyway until I have a working wireguard n2n = connection. >=20 > I have just been able to get an IPSec N2N connection working which = took me a few days. So wireguard is next on the list. Then when I have a = working n2n connection I can use that to test any changes I would make = to index.cgi >=20 > As I would just copy/paste/edit the IPSec block of code it might well = be that I end up with something that needs to be further modified, = although the enabled check I will now try and remember for other = changes. I can look at implementing this. I just wanted to make sure we want this. I don=E2=80=99t want the = index.cgi page to become too slow (it is already one of the slowest ones = we have) and I don=E2=80=99t want it to become too long. -Michael > Regards, > Adolf. >=20 >> -Michael >>> On 25 May 2025, at 12:35, Adolf Belka = wrote: >>>=20 >>> - This fix adds a wireguard line to show when it is enabled. >>> - This fix does not show a table for any net2net connections that = are enabled. I have >>> started working on that but as I only have an OpenVPN n2n = connection in place, I can't >>> test out the copy of the ipsec n2n code section that I have made. = I need to get ipsec >>> and wireguard n2n connections working first. >>> - If someone else wants to provide a patch for the wireguard n2n = connections tables I have >>> no problems with that. If not then I will submit one when I have = been able to test it. >>>=20 >>> Tested-by: Adolf Belka >>> Signed-off-by: Adolf Belka >>> --- >>> html/cgi-bin/index.cgi | 20 ++++++++++++++++++-- >>> 1 file changed, 18 insertions(+), 2 deletions(-) >>>=20 >>> diff --git a/html/cgi-bin/index.cgi b/html/cgi-bin/index.cgi >>> index d9c74ce7f..e28629cc9 100644 >>> --- a/html/cgi-bin/index.cgi >>> +++ b/html/cgi-bin/index.cgi >>> @@ -2,7 +2,7 @@ >>> = ##########################################################################= ##### >>> # = # >>> # IPFire.org - A linux based firewall = # >>> -# Copyright (C) 2007-2023 IPFire Team = # >>> +# Copyright (C) 2007-2025 IPFire Team = # >>> # = # >>> # This program is free software: you can redistribute it and/or = modify # >>> # it under the terms of the GNU General Public License as published = by # >>> @@ -39,6 +39,7 @@ my %netsettings=3D(); >>> my %ddnssettings=3D(); >>> my %proxysettings=3D(); >>> my %vpnsettings=3D(); >>> +my %wgsettings=3D(); >>> my %vpnconfig=3D(); >>> my %ovpnconfig=3D(); >>> my $warnmessage =3D ''; >>> @@ -60,6 +61,7 @@ $pppsettings{'PROFILENAME'} =3D 'None'; >>> &General::readhash("${General::swroot}/ddns/settings", = \%ddnssettings); >>> &General::readhash("${General::swroot}/proxy/advanced/settings", = \%proxysettings); >>> &General::readhash("${General::swroot}/vpn/settings", = \%vpnsettings); >>> +&General::readhash("${General::swroot}/wireguard/settings", = \%wgsettings); >>>=20 >>> my %color =3D (); >>> my %mainsettings =3D (); >>> @@ -369,7 +371,21 @@ print <>> Online >>> >>> END >>> - } >>> +} >>> + >>> +#check if WireGuard is running >>> +if ( $wgsettings{'ENABLED'} eq 'on' ) { >>> +print<>> + >>> + >>> + $Lang::tr{'wg'} >>> + >>> + >>> + Online >>> + >>> +END >>> +} >>> + >>> print""; >>> &Header::closesection(); >>>=20 >>> --=20 >>> 2.49.0 >>>=20 >>>=20 >=20