Can an interface configuration be defined by a file?

I am making a randomization script for the vpn that I am using, which is using both wireguard and openvpn. To achieve this, I am thinking of having the wireguard network load a file with the settings it should have.

For example:

on /etc/config/network

config interface 'wgclient'
         load config: /etc/config/wgclientn

wgclientn's contents would have information such as the public_key, end_point_host, etc.

I am going to have a lot of files in one folder. In this folder there will be many different wireguard interface configurations for each vpn location. What my script is going to do is disable the wireguard interface, and then replace wireguardn with the contents of the file that was picked at random.

This is something I am going to do with openvpn as well, but with openvpn I don't need to have a "load config" line. I just need to replace the file so I have no questions there.

I want to know, is it possible to load a config for a network interface as shown by my example? I would also appreciate any advice any of you would wish to offer. I hear using uci is recommended when doing any configuration changes, but I am not sure if that is possible here (it would take a lot more lines to type each change in the config, instead of copying and replacing files).

Update solution

It's below, but also see psherman's response #18

cp /etc/config/network /etc/config/network.org
cat random.wireguard.conf >> /etc/config/network
/etc/init.d/network restart
cp /etc/config/network.org /etc/config/network

?

2 Likes

Maybe to help you better you can explain:

What prevents you from adding it to the config, proper?

I don't think that would delete/replace the previous wireguard configuration, and I don't know why you would want to replace network with network.org (that would overwrite your changes). It's good for a backup in case something goes wrong though

It has to be automated; it would be tedious to do it myself and I would definitely forget, since I tend to get busy.

How exactly do you plan to achieve randomization? The two sides of the VPN must remain in sync with respect to the keys/certs, and in the case of Wireguard, also the interface address. You can't randomize your interface definitions unless you are randomizing on the 'server' side and then distributing the resultant configuration (keys) to the 'client' side. If that is your plan, how would you be exchanging the keys/config to the 'client'?

That's fine, you can automate placing configs too.

That's why I asked. No need to add another layer of abstraction to your script.

It's pretty simple, I had done it before on Ubuntu. I am not sure if I understand your question though. What's being randomized is which server I connect to. My vpn provides a configuration file for all their servers, each server has a different address and key. My script would update both the wgclient and the wg interface to have the same information as the configuration file.

Oh... ok. I thought you were trying to randomize a server type config.
You can use a script with UCI syntax to delete the current VPN config, and then add a new one based on the randomizer.

1 Like

Not sure if I understand. If you are saying I can automate it by replacing the whole network config file, I don't wish to do that since that would mean every config file for wireguard has to have that network config file, and these wireguard files can't be updated by luci.

If you are suggesting I can use Frollic's idea, it sounds like a good idea to just use cat, but it doesn't delete the previous wireguard information

Or just the changes you want.

Make your script delete it then (kinda difficult to understand since WG is designed to be anonymous anyways).

You could also use UCI interface commands to erase the WG network interface config in whole - without cat and altering the files.

1 Like

I am not sure if I understand, but I have to go now. I'll look at this in like 8 hours. I hope drafts are saved

Then you don't understand what the script's doing, and why.

So, I went to work only to realize today was Saturday (not Sunday). Had to drive back. Lol

Then you need to script adding/changing things in config thru uci commands.

1 Like

When I started to deconstruct what each line of your script is doing, I realized that you only ran "/etc/init.d/network restart" once, which is used to apply changes. This means that when you replace the network file with network.org, wireguard is still using the configuration my script provided.

That actually works pretty well. I would need to use uci on random.wireguard.conf (since if I didn't use uci, a lot of complications would arise)

I wonder, is there a way to do this without restarting the whole network config? This is something I just thought about. Every device in the network will lose connection if I do this. This is something I can live with, but it provides much less flexibility because I am not the only user in this network. It would be nice if there was a way, even if that made the script more complicated or lengthy.

I think I understand what you are saying now, I guess there's two ways to go about this

You can try restarting just the wireguard interface:

ifdown <wireguard_interface_name>
ifup <wireguard_interface_name>

You may actually want to down it before changing the config, then up when you're done.

1 Like

That's perfect.

It's very cool how we came to a solution in such a short amount of time (ignoring the time I was absent). Now I just have to hope it works when I finish it and there are no obstacles along the way.

Suggestion... start with 2 known good WG configurations and toggle between them. If that works properly, you can expand to the randomized version of it.

2 Likes
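The approach the thread settles on (pick one provider file, replace the WireGuard settings through uci, and bounce only that interface with ifdown/ifup), written out as an added example that is not code from any poster. It assumes the interface is named `wgclient` as in the question, that the provider files are wg-quick style `.conf` files in a hypothetical `/etc/wireguard/profiles` directory, and that peers go in `wireguard_<interface>` sections with OpenWrt's `endpoint_host` option.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed names: interface 'wgclient',
# provider profiles in wg-quick format under /etc/wireguard/profiles/*.conf.
IFACE="${IFACE:-wgclient}"
PROFILE_DIR="${PROFILE_DIR:-/etc/wireguard/profiles}"

pick_profile() {   # print one readable profile path chosen at random (time-seeded)
    for f in "$PROFILE_DIR"/*.conf; do [ -r "$f" ] && echo "$f"; done |
        awk 'BEGIN { srand() } { f[NR] = $0 } END { if (NR) print f[int(rand() * NR) + 1] }'
}

# Translate one wg-quick profile into "uci batch" commands on stdout. Values are
# spliced into quoted commands, so a value outside a strict character set rejects the file.
profile_to_uci() {
    [ -r "$1" ] || return 1
    awk -v i="$IFACE" '
    function one(o, v) { print "set " t "." o "=\047" v "\047" }
    function many(o, v,   a, n, j) { n = split(v, a, /[ \t]*,[ \t]*/)
        for (j = 1; j <= n; j++) print "add_list " t "." o "=\047" a[j] "\047" }
    BEGIN { print "set network." i "=interface"; print "set network." i ".proto=\047wireguard\047" }
    { sub(/\r$/, ""); sub(/[ \t]*#.*$/, "") }
    /^\[Interface\]/ { t = "network." i; next }
    /^\[Peer\]/ { t = "network.@wireguard_" i "[-1]"; print "add network wireguard_" i
                  one("route_allowed_ips", 1); next }   # assumption: route the allowed IPs
    { p = index($0, "="); if (!p || t == "") next       # split at first "=", keys end in "="
      k = tolower(substr($0, 1, p - 1)); v = substr($0, p + 1)
      gsub(/[ \t]/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
      if (v !~ "^[A-Za-z0-9+/=.:, _-]+$") { bad = 1; exit }
      if (k == "privatekey") one("private_key", v)
      else if (k == "address") many("addresses", v)
      else if (k == "publickey") one("public_key", v)
      else if (k == "presharedkey") one("preshared_key", v)
      else if (k == "allowedips") many("allowed_ips", v)
      else if (k == "persistentkeepalive") one("persistent_keepalive", v)
      else if (k == "endpoint") { c = match(v, /:[0-9]+$/); if (!c) { bad = 1; exit }
          one("endpoint_host", substr(v, 1, c - 1)); one("endpoint_port", substr(v, c + 1)) } }
    END { exit bad }' "$1"
}

# Down the tunnel, swap its settings through uci, bring it back up.
apply_profile() {
    batch=$(profile_to_uci "$1") || { echo "profile rejected: $1" >&2; return 1; }
    ifdown "$IFACE"
    while uci -q delete "network.@wireguard_${IFACE}[0]"; do :; done   # drop old peers
    uci -q delete "network.${IFACE}.addresses"
    printf '%s\n' "$batch" | uci batch && uci commit network || uci revert network
    ifup "$IFACE"
}
if [ "${1:-}" = "--apply" ]; then apply_profile "$(pick_profile)"; fi
```

Running `profile_to_uci` on two known-good files and reading the generated commands before ever passing `--apply` matches the toggle-between-two-configs suggestion above.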