net/wireguard - missed the time constraint in the previous bash script for reresolve-dns

Ad Schellevis
2023-08-30 16:19:39 +02:00
parent a5131fe214
commit 20533c6651
@@ -29,33 +29,47 @@
# https://github.com/WireGuard/wireguard-tools/tree/master/contrib/reresolve-dns
import glob
import os
import time
import subprocess
sp = subprocess.run(['/usr/bin/wg', 'show', 'all', 'latest-handshakes'], capture_output=True, text=True)
ts_now = time.time()
handshakes = {}
for line in sp.stdout.split('\n'):
parts = line.split()
if len(parts) == 3 and parts[2].isdigit():
handshakes["%s-%s" % (parts[0], parts[1])] = ts_now - int(parts[2])
for filename in glob.glob('/usr/local/etc/wireguard/*.conf'):
this_peer = {}
ifname = os.path.basename(filename).split('.')[0]
with open(filename, 'r') as fhandle:
for line in fhandle:
if line.startswith('[Peer]'):
this_peer = {}
this_peer = {'ifname': ifname}
elif line.startswith('PublicKey'):
this_peer['PublicKey'] = line.split('=', 1)[1].strip()
elif line.startswith('Endpoint'):
this_peer['Endpoint'] = line.split('=', 1)[1].strip()
if 'Endpoint' in this_peer and 'PublicKey' in this_peer:
subprocess.run(
[
'/usr/bin/wg',
'set',
ifname,
'peer',
this_peer['PublicKey'],
'endpoint',
this_peer['Endpoint']
],
capture_output=True,
text=True
)
peer_key = "%(ifname)s-%(PublicKey)s" % this_peer
if handshakes.get(peer_key, 999) > 135:
# skip if there has been a handshake recently
subprocess.run(
[
'/usr/bin/wg',
'set',
ifname,
'peer',
this_peer['PublicKey'],
'endpoint',
this_peer['Endpoint']
],
capture_output=True,
text=True
)
this_peer = {}
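Review bot: The staleness test `if handshakes.get(peer_key, 999) > 135:` relies on two unexplained numbers, and the comment beneath it (`# skip if there has been a handshake recently`) describes the branch that is not taken. I would name the threshold, for example `HANDSHAKE_STALE_SECONDS = 135`, and reword the comment to `# re-resolve only when the last handshake is older than the threshold; peers missing from the wg output count as stale`. The output of `wg show all latest-handshakes` is parsed without looking at `sp.returncode`, so a failed call leaves `handshakes` empty and every peer is re-resolved through the 999 default; that falls back to the earlier behaviour, but a short comment or log line would show it is deliberate. The `wg set` call still discards its captured output and return code, so an endpoint that fails to resolve goes unnoticed. Indentation is lost on this page, so the nesting described here is inferred.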