Revision 729c4d55
Added by Steve Beaver over 4 years ago
| src/etc/inc/wg.inc | ||
|---|---|---|
| 3 | 3 |
* syslog.inc |
| 4 | 4 |
* |
| 5 | 5 |
* part of pfSense (https://www.pfsense.org) |
| 6 |
* Copyright (c) 2004-2013 BSD Perimeter |
|
| 7 |
* Copyright (c) 2013-2016 Electric Sheep Fencing |
|
| 8 | 6 |
* Copyright (c) 2014-2020 Rubicon Communications, LLC (Netgate) |
| 9 | 7 |
* All rights reserved. |
| 10 | 8 |
* |
| ... | ... | |
| 28 | 26 |
require_once("globals.inc");
|
| 29 | 27 |
require_once('config.inc');
|
| 30 | 28 |
|
| 31 |
// Read the Wireguard configuration from $config.xml and create a number of *.conf files for wg-quick to read
|
|
| 29 |
// Read the Wireguard configuration from config.xml and create a number of *.conf files for wg-quick to read |
|
| 32 | 30 |
function wg_create_config_files() {
|
| 33 | 31 |
global $config, $g; |
| 34 | 32 |
|
| ... | ... | |
| 71 | 69 |
$txt .= "\n"; |
| 72 | 70 |
|
| 73 | 71 |
// Process peers section |
| 74 |
if (isset($tunnel["peer"]) && count($tunnel["peer"]) > 0) {
|
|
| 72 |
if (isset($tunnel["peers"]) && count($tunnel["peers"]) > 0) {
|
|
| 75 | 73 |
global $g; |
| 76 | 74 |
|
| 77 |
foreach ($tunnel["peer"] as $peer) {
|
|
| 75 |
foreach ($tunnel["peers"] as $peer) {
|
|
| 78 | 76 |
$txt .= "# Peer: {$peer['descr']}\n";
|
| 79 | 77 |
$txt .= "[Peer]\n"; |
| 80 | 78 |
|
| ... | ... | |
| 105 | 103 |
file_put_contents($g["wg_conf_path"] . "/wg_" . $idx . ".conf", $txt); |
| 106 | 104 |
} |
| 107 | 105 |
|
| 106 |
|
|
| 107 |
/* |
|
| 108 |
Sample Wireguard config.xml entry |
|
| 109 |
|
|
| 110 |
<wireguard> |
|
| 111 |
<tunnel> |
|
| 112 |
<descr>Home office</descr> |
|
| 113 |
<interface> |
|
| 114 |
<privatekey>yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=</privatekey> |
|
| 115 |
<address>10.0.0.1/24, fdc9:281f:04d7:9ee9::1/64</address> |
|
| 116 |
<listenport>51820</listenport> |
|
| 117 |
</interface> |
|
| 118 |
<peers> |
|
| 119 |
<publickey>xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=</publickey> |
|
| 120 |
<endpoint>192.88.8.88:51820</endpoint> |
|
| 121 |
<allowedips>10.192.122.1/32, 10.192.124.1/24</allowedips> |
|
| 122 |
<descr>Alice</descr> |
|
| 123 |
</peers> |
|
| 124 |
<peers> |
|
| 125 |
<publickey>xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=</publickey> |
|
| 126 |
<endpoint>192.88.8.88:51820</endpoint> |
|
| 127 |
<allowedips>10.192.122.2/32, 10.192.124.2/24</allowedips> |
|
| 128 |
<descr>Bob</descr> |
|
| 129 |
</peers> |
|
| 130 |
<peers> |
|
| 131 |
<publickey>xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=</publickey> |
|
| 132 |
<endpoint>192.88.8.88:51820</endpoint> |
|
| 133 |
<allowedips>10.192.122.3/32, 10.192.124.3/24</allowedips> |
|
| 134 |
<descr>Charlie</descr> |
|
| 135 |
</peers> |
|
| 136 |
</tunnel> |
|
| 137 |
<tunnel> |
|
| 138 |
<descr>Branch office</descr> |
|
| 139 |
<interface> |
|
| 140 |
<privatekey>yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=</privatekey> |
|
| 141 |
<address>10.0.0.1/24, fdc9:281f:04d7:9ee9::1/64</address> |
|
| 142 |
<listenport>51820</listenport> |
|
| 143 |
</interface> |
|
| 144 |
<peers> |
|
| 145 |
<publickey>xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=</publickey> |
|
| 146 |
<endpoint>192.88.8.88:51820</endpoint> |
|
| 147 |
<allowedips>10.192.122.1/32, 10.192.124.1/24</allowedips> |
|
| 148 |
<descr>Alice</descr> |
|
| 149 |
</peers> |
|
| 150 |
</tunnel> |
|
| 151 |
</wireguard> |
|
| 152 |
*/ |
|
Also available in: Unified diff
<peer> => <peers>