Bug #14613
open
Incorrect wireguard control panel status management
Added by hao zhang over 1 year ago.
Updated 11 months ago.
Description
Wireguard can still be clicked on to start while in the boot state and is unresponsive when clicked on, making wireguard uncontrollable.
pfsense2.7
pfSense-pkg-WireGuard 0.2.0_2
Files
Meanwhile, in this state, although it shows that the peer is connected, it is not actually able to communicate
I reinstalled pfsense and ran into this problem again
I have 3 tunnel, 5 peers and each tunnel is assigned interface
When using wireguard, I installed it once and uninstalled it once, and after completing the wireguard configuration, restarting pfsense gives me this problem
Reinstalling wireguard in the plugin manager restores it
I do it manually with ssh
/usr/local/bin/php_wg -f /usr/local/pkg/wireguard/includes/wg_service.inc stop
then web UI can be controlled
I checked /var/run/wireguardd.pid before rebooting and it was 22536.
After that I rebooted the pfsense.
After reboot /var/run/wireguardd.pid changed to 52579 but the pid is not found in top.
And the process php_wg is not found.
But running /usr/local/bin/php_wg -f /usr/local/pkg/wireguard/includes/wg_service.inc start
The WireGuard service is already running.
So I'm assuming that wireguard is already running, but for some reason it crashed and the wireguard control program didn't recognize the state of wireguard correctly.
I checked wg_is_service_running() in /usr/local/pkg/wireguard/includes/wg_service.inc, and the $wouldblock of this function returns true when php_wg doesn't exist, and I found out that it's dpinger after fstat. The /var/run/wireguardd.pid is occupied.
But I can't find the reason why php_wg crashes on startup
I can't find any logs in the system logs, how do I turn on the wireguard logs?
After running
/usr/local/bin/php_wg -f /usr/local/pkg/wireguard/includes/wg_service.inc stop
fstat shows that /var/run/wireguardd.pid has been unoccupied
You can only enable wiregtuard by starting it in the web gui.
After starting with the script /usr/local/bin/php_wg -f /usr/local/pkg/wireguard/includes/wg_service.inc
Symptoms are the same as at startup, but I don't know php very well, so I can't find the actual call from web gui to start the wireguard process.
I'm guessing this is why the problem occurs.
I can get php_wg to work again as well as soon as I make a change to an interface within the gui. That fixes the wireguard gui as well. I can second that there is not much in the logs to shed any light on why php_wg is not starting even when triggered through the gui.
All our wireguard tunnels are associated with an interface as well. As soon as I remove the interfaces the error is gone as well. Unfortunately we need them in production though.
The error might affect 23.09 as well (refer to forum post).
The 2.7.2 bug seems to have been fixed. I upgraded from 2.7 to 2.7.2 and restarted. The bug did not recur. I will continue to observe this issue.
Also available in: Atom
PDF
Updated by 
Updated by 
