diff --git a/build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch b/build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch new file mode 100644 index 0000000..09d43dd --- /dev/null +++ b/build_patches/openwrt/0201-wireguard-introduce-nohostroute-option.patch @@ -0,0 +1,47 @@ +From: Daniel Golle +Date: Tue, 19 Mar 2019 16:47:17 +0100 +Subject: wireguard: introduce 'nohostroute' option + +Use a new config option 'nohostroute' to explicitely prevent creation +of the route to the endpoint. + +Signed-off-by: Daniel Golle +[squashed with commit 1e8bb50, shorten commit message] +Signed-off-by: Adrian Schmutzler + +diff --git a/package/network/services/wireguard/files/wireguard.sh b/package/network/services/wireguard/files/wireguard.sh +index 96fa7215ff..fb781070d6 100644 +--- a/package/network/services/wireguard/files/wireguard.sh ++++ b/package/network/services/wireguard/files/wireguard.sh +@@ -114,6 +114,7 @@ proto_wireguard_setup() { + config_get mtu "${config}" "mtu" + config_get fwmark "${config}" "fwmark" + config_get ip6prefix "${config}" "ip6prefix" ++ config_get nohostroute "${config}" "nohostroute" + + # create interface + ip link del dev "${config}" 2>/dev/null +@@ -176,12 +177,14 @@ proto_wireguard_setup() { + done + + # endpoint dependency +- wg show "${config}" endpoints | \ +- sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \ +- while IFS=$'\t ' read -r key address port; do +- [ -n "${port}" ] || continue +- proto_add_host_dependency "${config}" "${address}" +- done ++ if [ "${nohostroute}" != "1" ]; then ++ wg show "${config}" endpoints | \ ++ sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \ ++ while IFS=$'\t ' read -r key address port; do ++ [ -n "${port}" ] || continue ++ proto_add_host_dependency "${config}" "${address}" ++ done ++ fi + + proto_send_update "${config}" + } +-- +2.11.0 +