frodovdr/raspap-webgui
1
0
Fork 0
mirror of https://github.com/billz/raspap-webgui.git synced 2023-10-10 13:37:24 +02:00
Code Issues Releases Wiki Activity

Add defaults for wg server PostUp/Down

Browse Source
This commit is contained in:
billz 2021-03-05 08:32:00 +00:00
parent 18729edd1e
commit 333d447c6b
2 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
config/defaults.json
View File

@ -38,10 +38,12 @@
"server": { "server": {
"Address": [ "10.253.3.1/24" ], "Address": [ "10.253.3.1/24" ],
"ListenPort": [ "51820" ], "ListenPort": [ "51820" ],
"DNS": [ "10.3.141.1" ] "DNS": [ "10.3.141.1" ],
"PostUp": [ "iptables -A FORWARD -i wlan0 -o wg0 -j ACCEPT; iptables -A FORWARD -i wg0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT; iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE" ],
"PostDown": [ "iptables -D FORWARD -i wlan0 -o wg0 -j ACCEPT; iptables -D FORWARD -i wg0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT; iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE" ]
}, },
"peer": { "peer": {
"Endpoint": [ "10.253.3.1:51820" ], "Endpoint": [ "10.253.3.1" ],
"AllowedIPs": ["0.0.0.0/0"], "AllowedIPs": ["0.0.0.0/0"],
"PersistentKeepalive": [ "15" ] "PersistentKeepalive": [ "15" ]
} }

10
includes/wireguard.php
View File

@ -87,12 +87,12 @@ function SaveWireGuardConfig($status)
} }
} }
if (isset($_POST['wg_pendpoint']) && strlen(trim($_POST['wg_pendpoint']) >0 )) { if (isset($_POST['wg_pendpoint']) && strlen(trim($_POST['wg_pendpoint']) >0 )) {
if (!validateCidr($_POST['wg_pendpoint'])) { if (!filter_var($_POST['wg_pendpoint'],FILTER_VALIDATE_IP)) {
$status->addMessage('Invalid value for endpoint address', 'danger'); $status->addMessage('Invalid value for endpoint address', 'danger');
$good_input = false; $good_input = false;
} }
} }
if (isset($_POST['wg_pallowedips'])) { if (isset($_POST['wg_pallowedips']) && strlen(trim($_POST['wg_pallowedips']) >0)) {
if (!validateCidr($_POST['wg_pallowedips'])) { if (!validateCidr($_POST['wg_pallowedips'])) {
$status->addMessage('Invalid value for allowed IPs', 'danger'); $status->addMessage('Invalid value for allowed IPs', 'danger');
$good_input = false; $good_input = false;
@ -115,13 +115,13 @@ function SaveWireGuardConfig($status)
$config[] = 'Address = '.$_POST['wg_srvipaddress']; $config[] = 'Address = '.$_POST['wg_srvipaddress'];
$config[] = 'ListenPort = '.$_POST['wg_srvport']; $config[] = 'ListenPort = '.$_POST['wg_srvport'];
$config[] = 'PrivateKey = '.$wg_srvprivkey; $config[] = 'PrivateKey = '.$wg_srvprivkey;
$config[] = 'PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE'; $config[] = 'PostUp = '.getDefaultNetValue('wireguard','server','PostUp');
$config[] = 'PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o wlan0 -j MASQUERADE'; $config[] = 'PostDown = '.getDefaultNetValue('wireguard','server','PostDown');
$config[] = ''; $config[] = '';
$config[] = '[Peer]'; $config[] = '[Peer]';
$config[] = 'PublicKey = '.$_POST['wg-peer']; $config[] = 'PublicKey = '.$_POST['wg-peer'];
if ($_POST['wg_pendpoint'] !== '') { if ($_POST['wg_pendpoint'] !== '') {
$config[] = 'Endpoint = '.trim($_POST['wg_pendpoint']); $config[] = 'Endpoint = '.trim($_POST['wg_pendpoint']).':'.$_POST['wg_srvport'];
} }
$config[] = 'AllowedIPs = '.$_POST['wg_pallowedips']; $config[] = 'AllowedIPs = '.$_POST['wg_pallowedips'];
if ($_POST['wg_pkeepalive'] !== '') { if ($_POST['wg_pkeepalive'] !== '') {