• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

WireGuard Widget?

Scheduled Pinned Locked Moved WireGuard
6 Posts 4 Posters 1.3k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • S
    sae
    last edited by Mar 5, 2021, 2:16 AM

    Is there a WireGuard widget for the dashboard in the works? I would love something like the ipsec or openvpn widgets letting me know the status of those tunnels if possible.

    C 1 Reply Last reply Mar 5, 2021, 1:26 PM Reply Quote 0
    • C
      cmcdonald Netgate Developer @sae
      last edited by cmcdonald Mar 5, 2021, 1:30 PM Mar 5, 2021, 1:26 PM

      @sae There isn't much status that can't already be deduced through other widgets (i.e. interface stats for traffic stats, gateway monitoring for checking if the peer endpoint is pingable, etc.) WireGuard is stateless so besides the latest handshake time, there really isn't much status information to display.

      Run wg show via Diagnostics>Command Prompt and you'll see for yourself that there isn't anything useful there. Albeit the wg(8) command is currently not feature complete and is missing several metrics that are available on the mainline linux implementation.

      Need help fast? https://www.netgate.com/support

      1 Reply Last reply Reply Quote 1
      • J
        jimp Rebel Alliance Developer Netgate
        last edited by Mar 5, 2021, 5:07 PM

        WireGuard is connectionless so there really isn't any "status" in the traditional sense.

        Even if wg on FreeBSD output what it does on Linux its usefulness is minimal. It can't tell you if a peer is connected now (since there is no "connection") only that it sent some traffic at some point in the past.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        L 1 Reply Last reply Mar 5, 2021, 8:23 PM Reply Quote 2
        • L
          lra @jimp
          last edited by Mar 5, 2021, 8:23 PM

          @jimp Our Linux project generates a "WireGuard VPN Status" in PHP as follows.

          First, using wg show wg0 latest-handshakes and classify by the lastest-handshake difference from the current Unix Epoch.

          1. "stale" if current Unix Epoch is greater than 3600 seconds of lastest-handshake
          2. "inactive" if current Unix Epoch is greater than 135 seconds of lastest-handshake
          3. "active" for the rest

          Next preform a wg show wg0 to display useful goodies and merge with the "stale/inactive/active" state by matching with common public peer keys.

          The "Peer" can be replaced with a matching label or use the first 6 characters if there is no matching label to the public peer key.

          Finally, display the combined results, we chose not to show "stale" tunnels, only "active" and "inactive".

          pfSense supports multiple wg+ interfaces, so iterate over all of them.

          Here is a sanitized example:

          WireGuard-Status.png

          This has worked well for our project.

          Lonnie

          1 Reply Last reply Reply Quote 2
          • J
            jimp Rebel Alliance Developer Netgate
            last edited by Mar 5, 2021, 9:13 PM

            None of that is available on FreeBSD yet.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 1
            • S
              sae
              last edited by Mar 5, 2021, 11:33 PM

              Thanks for the info guys. I didn't realize how different WG is compared to the more traditional vpn.

              1 Reply Last reply Reply Quote 0
              2 out of 6
              • First post
                2/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received