PreUp/PreDown PostUp/PostDown

[romkazor]

Hello, how about this useful features?

[zaneschepke]

Hi, can you explain this feature more?

[romkazor]

PreUp

Optionally run a command before the interface is brought up. This option can be specified multiple times, with commands executed in the order they appear in the file.

Examples

Add an IP route PreUp = ip rule add ipproto tcp dport 22 table 1234

More examples: https://github.com/pirate/wireguard-docs

[zaneschepke]

Gotcha. So it seems these are additional configuration options you can add to the interface block in your VPN config file. It looks like these are only supported in the CLI and not the wireguard-android library (which this app uses). This is still a feature that could be added from scratch to this app but I would need more direction on the most valuable use case(s). What is your specific use case?

[romkazor]

Use case:

1. Before connecting, we send several random packets to the WG-server to confuse the ISP mechanisms like DPI and other
2. Connecting to WG-server

Just now this case looks like this:

1. launching termux
2. run nping --udp --count 3 --data-length 15 --source-port 6666 --dest-port 6666 1.1.1.1
3. waiting
4. launching wg-client

[zaneschepke]

Use case:

1. Before connecting, we send several random packets to the WG-server to confuse the ISP mechanisms like DPI and other
2. Connecting to WG-server

Just now this case looks like this:

1. launching termux
2. run nping --udp --count 3 --data-length 15 --source-port 6666 --dest-port 6666 1.1.1.1
3. waiting
4. launching wg-client

Gotcha! So for this use case, because we are within the context of an Android app, we wouldn't be able to run these command line tool commands within our app itself. We could accomplish this by sending and intent to Termux. We would then wait before starting our tunnel connection. Although I can see this being useful, I feel like this is may be something better suited for an app like Tasker or Automate. I've recently added dynamic shortcuts to the app for each added tunnel. I did this specifically for automation integration purposes. We could add this functionality into the app itself if the benefit is there. I do think something like webhook integration could also be an interesting additional use case (although I'm not sure if people would find it beneficial). What are your thoughts?

[zaneschepke]

@romkazor I do still think this would be a cool feature. It would be a decent amount of work to get it working but I do see the benefits. Is there anything you are confused about that I can explain in more detail?

[rpgdev]

I've recently added dynamic shortcuts to the app for each added tunnel. I did this specifically for automation integration purposes.

Can these dynamic shortcuts be used in macrodroid? Macrodroid can't see them. Are there any intents we can send to enable the tunnels? Is this documented anywhere?

[zaneschepke]

I've recently added dynamic shortcuts to the app for each added tunnel. I did this specifically for automation integration purposes.

Can these dynamic shortcuts be used in macrodroid? Macrodroid can't see them. Are there any intents we can send to enable the tunnels? Is this documented anywhere?

So I've looked into this and I think I would consider this a bug even though I think it is technically not a bug. This should be possible, but I think because we are using dynamic shortcuts instead of static shortcuts these apps can't seem to find the WG Tunnel shortcuts. If this is the case, I may want to switch to static shortcuts instead of dynamic ones. I will do some testing on this.

[zaneschepke]

I've recently added dynamic shortcuts to the app for each added tunnel. I did this specifically for automation integration purposes.

Can these dynamic shortcuts be used in macrodroid? Macrodroid can't see them. Are there any intents we can send to enable the tunnels? Is this documented anywhere?

I've made a separate issue for this bug #38

[rpgdev]

Thank you!

[zaneschepke]

@rpgdev I ended up having to remove dynamic shortcuts and opt for static shortcuts as they seem to integrate much better with automation software. You can now use the static shortcuts to toggle your primary tunnel in release 3.1.0. This can be accomplished with a combination of Macrodroid and Shortcuts Maker.

[rpgdev]

@zaneschepke I just updated and installed shortcuts maker but it isn't clear how to use shortcuts maker to make a shortcut to the tunnel in wg tunnel. Is this documented anywhere?

[zaneschepke]

@zaneschepke I just updated and installed shortcuts maker but it isn't clear how to use shortcuts maker to make a shortcut to the tunnel in wg tunnel. Is this documented anywhere?

I saw a video somewhere on how to do it. Mscrodroid > Actions > Launch shortcut > Select shortcut (this is what links to shortcut maker and you will recognize app icon) > (it has now redirected to shortcut maker) Inner Link > and now you can see the shortcuts for WG Tunnel here.

[zaneschepke]

@romkazor I have been doing more research on this one. I do think this could potentially be doable in the future, but I would only want to support it on rooted devices.

This would require #43 to be implemented first.

[Den41k92]

Hi, is there any progress on implementing PostUp/PostDown?

That's the only reason I need to move away from the official app. I hoped to find it here, but unfortunately, this app does not support this either. The reason I would need PostUp/PostDown on my rooted Android is to set up a custom route to a LAN of another peer connected to the same WireGuard network, without touching the server configuration. It works by manually typing these commands in a terminal, but it would be much more convenient to have it done automatically by the app itself.

[rpgdev]

@Den41k92 if you're rooted is there any reason why tasker wouldn't work for this? I have since moved to tasker, mainly because of the wg support, it's very good now. You definitely could do post tasks after connecting or disconnecting from a wg network, all automatically.

[Den41k92]

@Den41k92 if you're rooted is there any reason why tasker wouldn't work for this? I have since moved to tasker, mainly because of the wg support, it's very good now. You definitely could do post tasks after connecting or disconnecting from a wg network, all automatically.

Unfortunately Tasker is not FOSS but I will look for an alternative. Thank you.

[zaneschepke]

Hi, is there any progress on implementing PostUp/PostDown?

That's the only reason I need to move away from the official app. I hoped to find it here, but unfortunately, this app does not support this either. The reason I would need PostUp/PostDown on my rooted Android is to set up a custom route to a LAN of another peer connected to the same WireGuard network, without touching the server configuration. It works by manually typing these commands in a terminal, but it would be much more convenient to have it done automatically by the app itself.

No progress on this yet, but it seems that the appetite for this is relatively high so I could look to move it up in priority.

[zaneschepke]

I just wanted to tease a bit that I currently have this working in my dev env for both userspace and kernel mode (as long as you are on a rooted phone).

A lot of the work was already done in this PR so it was actually a pretty simple one.

Stay tuned!

[zaneschepke]

Please try out this feature here. There is not in app UI for editing config scripts, but you should be able to import and use them in kernel, userspace, and amnezia modes if you are using a rooted device.

[zaneschepke]

This feature is now live in the 3.5.0. It works on any rooted device whether you are in Amnezia, Kernel, or in the default WireGuard userspace mode!

[Den41k92]

This feature is now live in the 3.5.0. It works on any rooted device whether you are in Amnezia, Kernel, or in the default WireGuard userspace mode!

Awesome work, thank you very much! I've already tested and indeed adding and removing static routes with ip route in PostUp/PostDown parameters are working correctly. It is not visible in UI and requires manual editing and re-importing the .conf file for now. Also these rows persist when exporting all configuration to ZIP file which is very nice.

[zaneschepke]

This feature is now live in the 3.5.0. It works on any rooted device whether you are in Amnezia, Kernel, or in the default WireGuard userspace mode!

Awesome work, thank you very much! I've already tested and indeed adding and removing static routes with ip route in PostUp/PostDown parameters are working correctly. It is not visible in UI and requires manual editing and re-importing the .conf file for now. Also these rows persist when exporting all configuration to ZIP file which is very nice.

Great to hear! Eventually, I'll add some fields to edit these in app.