Feature #11374
closed
WireGuard Status in GUI
0%
Description
A usability request:
WireGuard in 2.5.0devel is indeed very performant. I have been testing it in pfSense (as 'server') connected to by various 'mobile clients'.
It would be great to be able to get some sense of which clients are 'active' from the dashboard (and a possible status page - something akin to: Status / IPsec / Leases). I realize that WireGuard's approach to connections is different - but just knowing if a connection is in use (or significant use) would be very helpful. Perhaps just knowing if a connection is presently un-'dropped' would be enough.
Not sure what the best visualization approach to that would be for WireGuard. Perhaps a 'last seen' [so many] seconds ago column (with green colorization for some cutoff like: <15s).
Thank you for the superb colorization added to differentiate connected and disconnected clients in the IPSEC mobile dashboard widget (and Lease page) - it is clear, quickly appraisable, and much appreciated.
Updated by Jim Pingle about 3 years ago
- Subject changed from WireGuard Connection Tracking in GUI to WireGuard Status in GUI
- Category changed from Dashboard to WireGuard
- Target version set to Future
I agree that it would be nice but the WireGuard utility wg does not expose any of that information for us to use. There is no viable way to track any of that currently.
The only information we can get from the utility at the moment is the last known endpoint for a client, but without any kind of time context to make it meaningful.
That may become possible over time as the remaining features in the wg utility are completed on FreeBSD.
For example, most of the commands in wg return an error still:
: wg show latest-handshakes Unable to access interface: No such file or directory : wg show transfer Unable to access interface: No such file or directory : wg show peers Unable to access interface: No such file or directory : wg show dump Unable to access interface: No such file or directory
Updated by Jum Pers about 3 years ago
Thanks - completely understandable - perhaps as more wg features get exposed over time, some way of visually gauging whether a connection is active (more than just receiving keepalive packets) would be great.
Updated by Jim Pingle about 3 years ago
Current snapshot builds have a bit more info, but it's still limited in its usefulness since WireGuard is connectionless.
: wg show interface: wg0 public key: VBzLM57GLcW0guY2MQF8OZgI2HQKhAWqTE5qeMIANHo= private key: (hidden) listening port: 51820 peer: v1OAeOdAkIE2Yu8NLalb//nNMn/o8VLCgEqRw55ZMRU= endpoint: 198.51.100.15:51820 allowed ips: 2001:db8:1:ee90::/64, 2001:db8:1:ee91::1/64, 10.15.0.0/24, 10.15.210.1/32 latest handshake: 48 seconds ago transfer: 7.20 MiB received, 3.09 MiB sent
The specific subcommands (e.g. show peers) still do not function.
Updated by Yuri Weinstein over 2 years ago
Would you please consider adding WG to the Available Widgets as part of this ticket ?
Updated by Adam Cooper over 2 years ago
I believe between the status page and the dashboard widget this request is now satisfied.
Updated by Christian McDonald over 2 years ago
- Status changed from New to Closed
- Assignee set to Christian McDonald
- Target version deleted (
Future)