- local config="$1"
- local wg_dir="/tmp/wireguard"
- local wg_cfg="${wg_dir}/${config}"
-
- local private_key
- local listen_port
- local mtu
-
- # load configuration
- config_load network
- config_get private_key "${config}" "private_key"
- config_get listen_port "${config}" "listen_port"
- config_get addresses "${config}" "addresses"
- config_get mtu "${config}" "mtu"
- config_get fwmark "${config}" "fwmark"
- config_get ip6prefix "${config}" "ip6prefix"
-
- # create interface
- ip link del dev "${config}" 2>/dev/null
- ip link add dev "${config}" type wireguard
-
- if [ "${mtu}" ]; then
- ip link set mtu "${mtu}" dev "${config}"
- fi
-
- proto_init_update "${config}" 1
-
- # generate configuration file
- umask 077
- mkdir -p "${wg_dir}"
- echo "[Interface]" > "${wg_cfg}"
- echo "PrivateKey=${private_key}" >> "${wg_cfg}"
- if [ "${listen_port}" ]; then
- echo "ListenPort=${listen_port}" >> "${wg_cfg}"
- fi
- if [ "${fwmark}" ]; then
- echo "FwMark=${fwmark}" >> "${wg_cfg}"
- fi
- config_foreach proto_wireguard_setup_peer "wireguard_${config}"
-
- # apply configuration file
- ${WG} setconf ${config} "${wg_cfg}"
- WG_RETURN=$?
-
- # delete configuration file
- rm -f "${wg_cfg}"
-
- # check status
- if [ ${WG_RETURN} -ne 0 ]; then
- sleep 5
- proto_setup_failed "${config}"
- exit 1
- fi
-
- # add ip addresses
- for address in ${addresses}; do
- case "${address}" in
- *:*/*)
- proto_add_ipv6_address "${address%%/*}" "${address##*/}"
- ;;
- *.*/*)
- proto_add_ipv4_address "${address%%/*}" "${address##*/}"
- ;;
- *:*)
- proto_add_ipv6_address "${address%%/*}" "128"
- ;;
- *.*)
- proto_add_ipv4_address "${address%%/*}" "32"
- ;;
- esac
- done
-
- # support ip6 prefixes
- for prefix in ${ip6prefix}; do
- proto_add_ipv6_prefix "$prefix"
- done
-
- # endpoint dependency
- wg show "${config}" endpoints | \
- sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \
- while IFS=$'\t ' read -r key address port; do
- [ -n "${port}" ] || continue
- proto_add_host_dependency "${config}" "${address}"
- done
-
- proto_send_update "${config}"
+ local config="$1"
+ local wg_dir="/tmp/wireguard"
+ local wg_cfg="${wg_dir}/${config}"
+
+ local private_key
+ local listen_port
+ local mtu
+
+ config_load network
+ config_get private_key "${config}" "private_key"
+ config_get listen_port "${config}" "listen_port"
+ config_get addresses "${config}" "addresses"
+ config_get mtu "${config}" "mtu"
+ config_get fwmark "${config}" "fwmark"
+ config_get ip6prefix "${config}" "ip6prefix"
+ config_get nohostroute "${config}" "nohostroute"
+
+ ip link del dev "${config}" 2>/dev/null
+ ip link add dev "${config}" type wireguard
+
+ if [ "${mtu}" ]; then
+ ip link set mtu "${mtu}" dev "${config}"
+ fi
+
+ proto_init_update "${config}" 1
+
+ umask 077
+ mkdir -p "${wg_dir}"
+ echo "[Interface]" > "${wg_cfg}"
+ echo "PrivateKey=${private_key}" >> "${wg_cfg}"
+ if [ "${listen_port}" ]; then
+ echo "ListenPort=${listen_port}" >> "${wg_cfg}"
+ fi
+ if [ "${fwmark}" ]; then
+ echo "FwMark=${fwmark}" >> "${wg_cfg}"
+ fi
+ config_foreach proto_wireguard_setup_peer "wireguard_${config}"
+
+ # apply configuration file
+ ${WG} setconf ${config} "${wg_cfg}"
+ WG_RETURN=$?
+
+ rm -f "${wg_cfg}"
+
+ if [ ${WG_RETURN} -ne 0 ]; then
+ sleep 5
+ proto_setup_failed "${config}"
+ exit 1
+ fi
+
+ for address in ${addresses}; do
+ case "${address}" in
+ *:*/*)
+ proto_add_ipv6_address "${address%%/*}" "${address##*/}"
+ ;;
+ *.*/*)
+ proto_add_ipv4_address "${address%%/*}" "${address##*/}"
+ ;;
+ *:*)
+ proto_add_ipv6_address "${address%%/*}" "128"
+ ;;
+ *.*)
+ proto_add_ipv4_address "${address%%/*}" "32"
+ ;;
+ esac
+ done
+
+ for prefix in ${ip6prefix}; do
+ proto_add_ipv6_prefix "$prefix"
+ done
+
+ # endpoint dependency
+ if [ "${nohostroute}" != "1" ]; then
+ wg show "${config}" endpoints | \
+ sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \
+ while IFS=$'\t ' read -r key address port; do
+ [ -n "${port}" ] || continue
+ proto_add_host_dependency "${config}" "${address}"
+ done
+ fi
+
+ proto_send_update "${config}"