In this thread, I already complained about this problem
And today it happened again.
In this thread, I tried to set up WireGuard with a whitelist on YouTube
I didn't succeed. And I tried to find out what was the reason by the method of elimination. To understand if WireGuard works at all, I went into the interface settings and cleared Allowed IP addresses.
After restarting the router, the Internet disappeared and I can no longer access the router page.
What happened? Is OpenWRT so easy to break? What have I done wrong? Let's say I messed up with the interface settings, shouldn't Internet access just disappear after this? Why did the router stop responding? I did not change the configs through the console and not through the file manager, I did it through the graphical interface. And this somehow broke the firmware?
I have backups, but such parsley will continue to happen, then I will generally be afraid to change at least something in the settings without the most precise instructions. Which are not on the Internet!
It sounds like you forward traffic thru Wireguard, then removed the Internet (i.e. all IPs or 0.0.0.0/0) from the allowed IPs setting of your Wireguard interface. Not sure why you blame OpenWrt when you clearly removed a needed setting. This would happen on any device.
Seems you figured out it worked, but became upset after you discovered it did?
If you'reconnecting thru Wireguard and remove allowed IPs you effectively blocked the SRC client from reaching the router's web GUI. You're describing the issue you created; but seem confused why your router stopped working?
Perhaps I'm misunderstanding why you removed a [necessary] Wireguard config; but then called the OpenWrt "easily broken".
You may want to learn basic networking, then.
BTW, if you disable Wireguard, remove/revert the: firewall, related IP Routes and Rules as well.
I don't advise making WG config changes via the tunnel itself.
Allowed IP addresses
Not necessary. The IP addresses and prefixes that this node is allowed to use inside the tunnel. Typically, these are the tunnel IP addresses of this host and the network that it routes through the tunnel.
It turns out that the settings are lying? If it is NOT necessary. So why did I lose access to the router by deleting this OPTIONAL setting?
So I don't see any specific issues here. I do hope that you made some changes to the keys to make what you posted invalid, otherwise you have just shared sensitive data that should have been redacted (and if that is the case, destroy the keys and start over).
The configuration file is the primary reference for how things are actually configured. Luci is a layer of abstraction that might be incorrect. Also should you post screenshots of Luci please set the language to English first.
Saving and restoring a configuration is done file by file. If there are settings in a file like /etc/config/network (where Wireguard is set up), the entire file will be saved and restored. Any changes anywhere in the file that you did before the restore will be removed. The save/restore does not merge configurations block by block or line by line.
What did I change? I unplugged the router's power cable and plugged it back in. There is no on/off button on the router. What else have I changed? Added the warp_old.conf file to the interface tunnel. Didn't change anything else.
I wrote at the very beginning. In the "WARP" interface, the tunnels tab had a lot of AllowedIPs. I removed them all. I thought that when AllowedIPs are registered, then WireGuard will only work for these IPs. And if the IP is not specified, it will work for all connections. I deleted them, applied the settings and the router went into reboot. After the reboot, I waited about 10 minutes but could not connect to the router. Then I created this thread.
And only then I just manually restarted the router and was able to connect to it.
What for? You wrote that I did everything wrong and broke the router myself. Therefore, I took a known-good config in which AllowedIPs was not registered, loaded it into the router and compared how it differs from mine.
In the browser interface, the AllowedIPs fields are empty. In the config file it says
AllowedIPs = 0.0.0.0/0
AllowedIPs = ::/0
By the fact that I would be convinced and uploaded the second file. What if in the second file, the AllowedIPs fields would not be empty, but would contain the values "0.0.0.0/0". I had to check...
One more time from the beginning. I downloaded the warp.conf configuration file that I use on PC and smartphone. And I wanted to set it up on the router. I have a Chromecast device on one TV and a smart TV in the kitchen. I would like to watch YouTube on both. But after recent events, it has been blocked for me for an unknown reason. On chromecast and on smart TV, neither VPN nor proxy can be installed. I did not find a working option. That's why I decided to put WireGuard on the router. But with one difference, I wanted WireGuard to work only for blocked resources.
Therefore, I opened the configuration file warp.conf, and replaced the lines in it
AllowedIPs = 0.0.0.0/0
AllowedIPs = ::/0
IP addresses of YouTube that I found on the network. I set up WireGuard on the router according to the instructions on the network. But YouTube still wouldn't open. All other sites worked, YouTube did not. Then I decided to check if WireGuard works at all, or did I configure it incorrectly? To do this, I needed to remove the white list from its settings, so that it would work for all addresses and not for those that I specified. To do this, I opened the router settings in the browser, the WireGuard interface, the (peers) tab, the warp.conf file and deleted all the fields with IP addresses that were there. The AllowedIPs field has become empty. I applied the settings and the router itself went into a reboot after which it never came out.
Then I manually restarted it and after that it turned on, I did not notice any changes in the WireGuard interface, because I only changed it before restarting.
Further, they wrote here that I did something wrong on that router and turned it off. What did I do? Removed IP addresses from the AllowedIPs list. If the router turned off, did I delete them incorrectly?
To check "it's right" I loaded the original warp.conf file, before that renaming it to warp_old.conf so that there would be no conflict. I downloaded it, opened the tab (peers), found a new file, and looked at how the fields with AllowedIPs were registered in it. They registered in the same way, just an empty field without any values. The result is exactly the same as mine. So what did I do wrong?
Now, if it were not necessary to delete all fields, but instead it was necessary to leave one field with a value of 0.0.0.0/0, then yes. Then I removed AllowedIPs incorrectly. But I did everything right
And I don't know what that means. I have all my settings here.