search

max-moser / network-manager-wireguard

NetworkManager VPN Plugin: Wireguard
Other
449 stars 56 forks source link

AllowedIPs routes disappear when using the plugin #43

Open nmdnm opened 5 years ago

nmdnm commented 5 years ago

When I call simply wg-quick up wg0.conf then it adds routes from AllowedIPs but if I use the plugin then the added routes are added but immediately disappear

nmdnm commented 5 years ago

Adding routes here https://github.com/max-moser/network-manager-wireguard/blob/61646ade26750c52626a44b025cb1b165681c662/src/nm-wireguard-service.c#L523 Disappear most likely in https://github.com/max-moser/network-manager-wireguard/blob/61646ade26750c52626a44b025cb1b165681c662/src/nm-wireguard-service.c#L346 but I am not sure

meiser79 commented 3 years ago

duplicate of #5

klemmster commented 2 years ago

Is it a duplicate? In #5 it's suggested to manually set the routes. However, this doesn't seem to be the right way:

Jan 22 16:38:22 rivulet NetworkManager[4883]: [#] ip link add netmaker-vpn type wireguard
Jan 22 16:38:22 rivulet NetworkManager[4883]: [#] wg setconf netmaker-vpn /dev/fd/63
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7089] manager: (netmaker-vpn): new WireGuard device (/org/freedesktop/NetworkManage>
Jan 22 16:38:22 rivulet NetworkManager[4883]: [#] ip -4 address add 10.100.0.2/32 dev netmaker-vpn
Jan 22 16:38:22 rivulet NetworkManager[4883]: [#] ip link set mtu 1420 up dev netmaker-vpn
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7188] device (netmaker-vpn): state change: unmanaged -> unavailable (reason 'connec>
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7209] device (netmaker-vpn): state change: unavailable -> disconnected (reason 'con>
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7216] device (netmaker-vpn): Activation: starting connection 'netmaker-vpn' (8908c8>
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7219] device (netmaker-vpn): state change: disconnected -> prepare (reason 'none', >
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7221] device (netmaker-vpn): state change: prepare -> config (reason 'none', sys-if>
Jan 22 16:38:22 rivulet NetworkManager[4883]: [#] ip -4 route add 10.7.228.0/24 dev netmaker-vpn
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7225] device (netmaker-vpn): state change: config -> ip-config (reason 'none', sys->
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7226] device (netmaker-vpn): state change: ip-config -> ip-check (reason 'none', sy>
Jan 22 16:38:22 rivulet NetworkManager[4883]: [#] ip -4 route add 10.100.0.0/16 dev netmaker-vpn
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7352] vpn-connection[0x56013c5c6320,66915794-7af0-4320-9210-e9c30628981f,"netmaker->
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7352] vpn-connection[0x56013c5c6320,66915794-7af0-4320-9210-e9c30628981f,"netmaker->
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7353] vpn-connection[0x56013c5c6320,66915794-7af0-4320-9210-e9c30628981f,"netmaker->
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7354] vpn-connection[0x56013c5c6320,66915794-7af0-4320-9210-e9c30628981f,"netmaker->
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7356] vpn-connection[0x56013c5c6320,66915794-7af0-4320-9210-e9c30628981f,"netmaker->
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7356] vpn-connection[0x56013c5c6320,66915794-7af0-4320-9210-e9c30628981f,"netmaker->
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7357] vpn-connection[0x56013c5c6320,66915794-7af0-4320-9210-e9c30628981f,"netmaker->
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7357] vpn-connection[0x56013c5c6320,66915794-7af0-4320-9210-e9c30628981f,"netmaker->
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7357] vpn-connection[0x56013c5c6320,66915794-7af0-4320-9210-e9c30628981f,"netmaker->
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7357] vpn-connection[0x56013c5c6320,66915794-7af0-4320-9210-e9c30628981f,"netmaker->
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7357] vpn-connection[0x56013c5c6320,66915794-7af0-4320-9210-e9c30628981f,"netmaker->
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7358] vpn-connection[0x56013c5c6320,66915794-7af0-4320-9210-e9c30628981f,"netmaker->
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7426] vpn-connection[0x56013c5c6320,66915794-7af0-4320-9210-e9c30628981f,"netmaker->
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7508] device (netmaker-vpn): state change: ip-check -> secondaries (reason 'none', >
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7510] device (netmaker-vpn): state change: secondaries -> activated (reason 'none',>
Jan 22 16:38:22 rivulet NetworkManager[1098]: <info>  [1642865902.7513] device (netmaker-vpn): Activation: successful, device activated.
Jan 22 16:39:53 rivulet NetworkManager[1098]: <inf

from the NetworkManager logs, you can see how they are actually set, the right routes to make the vpn work at all. Once this is through, the routes are gone, leaving the vpn in a broken state, at least for my use case.

Since it's already doing the right thing (setting the right routes) it seems weird having to add this same again, manually.