Luci not showing anymore active Wireguard Clients after update (package upgrade with opkg)

Hello everybody, I just made the latest updates to my OpenWRT WRT 32X Router, all works great, just one thing I noted, under the WireGuardStatus Menu in Luci, before update, I could see the little client icon gettting black when an connection is on to a WireGuardClient, if no client is connected to my WireguadServer, it remains grey.

Now, after update, it doesnt switch anymore the little icon to BLACK color...I see, the connection is working and OK, all fine, its just that the little icon doesnt switch anymore, not a big thing...but would be nice it gets fixed again, as it was before I did the update.

Thank you!

I love OpenWRT, so cool!

43|404x500

Status page looks the same on 18.06.2 as on 18.06.1:

Screenshot%20from%202019-02-01%2014-00-39

Also, I would describe the icon as blue. Can you better clarify your issue?

Hi, and Thanks everyone, The Icon Stays in status inactive, light grey color...not like before, blue color when a client is connected, I cleaned already Firefox cache, will reboot Router, and see, if its still the same, as I said, no BIG issue, as I can see, Wireguard is working perfect, its just nice, to see this little icon in connect state color blue...and if no connection its get grey dimmed blue...

Thanks, maybe a reboot will fix, Firefox caches are cleaned out...so nothing shoudl remain that could irritate Luci by reading maybe old or outdated caches...

Hi lleachii, exactly, like yours, should look mine too... but on my STATUS it shows them like OFF, even if all my 3 Clients are connected...and active...32

Hi lleachii,
made a screenshot, left side LUCI, the right side my Terminal which Im logged in into and di a wg show, so you see, the first peer, is ON, the one that begins with PB Key e1cE ..... but, in Luci Interface, it deosnt switch the little icon anymore to blue if client is connected.....

40

...you have 18.06.1.

  • From what version did you upgrade?
  • Did you happen to just add that pre-shared key to the e1cE peer?
  • If so, did you use the genpsk argument to generate that key
  • You don't have a "Latest Handshake"
1 Like

From what version did you upgrade?

Im using a update shell script, that I execute manually ..so I cehck manually every 3-4 days.... and it made last night an update.

Did you happen to just add that pre-shared key to the e1cE peer?

Yes, the setup hasnt changed and has worked over month without trouble, I even, tonight, created new pubkey and privkey to see, if that was necesarry, umask 077 and then they keys been vreated with the know commands, updated my clients, and they connect and data goes sucesfully through the wireguard tunel, checked that with bmon.

If so, did you use the genpsk argument to generate that key

All Ok with the keys

You don't have a "Latest Handshake"

That wonders me too!!! No clue...why this is, as its working well...wireguard and my clients...no clue why it says no handshake if data is flowing and all working fine, even cryptorouting all worls fine!

Now.... some hours before, there was an FireFox update to v65.0 ...I dont want blame, and maybe Im stupid...but maybe its casue that FireFox update...that Luci deosnt display...connectionstas via the little icon that is used to show if a client is up or not...fast withotu need to monitor datastreams...

How does this script work? Would you mind sharing it?

Usually, upgrading OpenWrt should only be done by using the sysupgrade method (web or terminal). While it is possible to preserve settings, this should be used with care anytime you are running a major upgrade (maintenance updates are okay). In the process, though, packages not part of the base image you are using for installation will be erased and need to be re-installed. A script could be created to perform such upgrades and package installations, but it is often better to have a human in the loop.

If your script is using the opkg upgrade commands, this is probably a very bad idea (there were literally 3 different posts yesterday where people messed up their installations by using this method).

2 Likes

Like @psherman, I'm completely lost at what this might mean. My intention was to ask you what version of OpenWrt did you previously use prior to upgrading; but it seems you were on 18.06.1 and ran some opkg script. I highly advise against that; as it can render a system unstable. I'd suggest:

  • Upgrade to 18.06.2
  • Install needed software packages
  • Do not run scripts to update or upgrade software
  • Are you sure...?
  • Did you install the new Public Key and Pre-Shared Key on the peer?

You don't have a Latest Handshake. I'd blame the update shell script - save further evidence.

Are you saying that another icon is missing too?

1 Like

The keys are OK lleeachii, definitly, the still working....Ill upgtade to 18.02 and setup everything new...that bothers me, but what will we do...lol, the only issues I have is:

The icon doesnt go in STATUS Online
The Message NO HANDSHAKE in Status Page is strange, as Wireguard is working !!

Hello psherman,

Im using this script:

#!/bin/ash
opkg update
PACKAGES="$(opkg list-upgradable |awk '{print $1}')"
if [ -n "${PACKAGES}" ]; then
opkg upgrade ${PACKAGES}
if [ "$?" -eq 0 ]; then
echo "$(date -I"seconds") - update success, rebooting" \
>> /www/update.result
exec reboot
else
echo "$(date -I"seconds") - update failed" >> /www/update.result
fi
else
echo "$(date -I"seconds") - nothing to update" >> /www/update.result
fi

@MooMan - don’t use this script. Ever. It will break your install.

1 Like

Hello Friends,

I wiped all, installed 18.02 OpenWRT, and installed and setup all new, will not use anymmore the UpdateScript... will do in future manually, Thanks psherman =D

Now, my clients show up again well as normal, asap they connect to my WireguardServer running on OpenWRT WRT32X ...all wonderfull, also the Handshake shows up nice now, all, like it should be.... we can close this case, Thank you lleachii and also Thanks psherman .. I didnt knew, there came out a new version after 18.01...my fault...should check more..after I wiped all, and went up to 18.02... all again OK!

31

@MooMan - Glad to hear it is now working properly again.

Out of curiosity, where did that script come from? Did you make it yourself or did you find it somewhere on the web or on these forums?

EDIT: even if you wrote the script yourself, did you find the idea of using opkg upgrade somewhere, or was this something you decided to do on your own?

1 Like

Hi psherman,
I confess, I found it "somewhere" in the net, the updateScript, it worked many month well, had no trouble, but will now do it manually, every week once, with commands:
opkg list-upgradable

and then, manually make opkg upgrade

That is a lit bothering, making one by one...but hey, if it doesnt brak anythingm and is a better way, then I will swollow this extrawork :grinning:

How do you make updates? is manually, like I decribed, the only way to do it? Or is there a way, that executes as cronjob and makes an update by iteself on scheduled bases?

Im glad now, I did the update to OpenWrt 18.06.2 --was worth the hassle setting up all again, Thank you for helping and Tips!

@MooMan -

No, the point is that opkg upgrade should (almost) never be used, at all, ever. There may be some very specific cases where it is safe and useful, but in many cases it presents a significant risk of messing things up. This is because the package system doesn't (currently) have checks to ensure proper compatibility with kernel versions and various other dependencies. A package that is upgraded can therefore cause a conflict -- sometimes just breaking that one package, other times it can mess up the entire system.

I asked where it came from because it might be good to post the above warnings on the site(s)/thread(s) where that script is found.

1 Like

psherman,

but how to update in a way its correct then ?? How do you do it?

Any Tip, or hint would be apreciated...will read tomorrow more about it and hope to find a viable solution... Thank in advance!

Found the source where I found it ->

https://blog.christophersmart.com/2018/03/18/auto-apply-latest-package-updates-on-openwrt-lede-project/

@MooMan - If you want to work with stable release builds (not development builds), those only need to be updated every few months or so. Currently we're on 18.06.2, so you'll wait until 18.06.3 comes out. Do not try to upgrade individual components.

To run these updates, you use the sysupgrade features baked into OpenWrt (command line or via LuCI web interface).

If you have a specific need to keep things in a constantly upgraded path, you'll want to work with the snapshot (development) builds and/or perform builds locally on your own (using the build system), but this may result in various issues and additional work in maintenance.

Otherwise, you rarely need to worry about updating/upgrading packages, and using the opkg upgrade commands will likely cause more harm than good.

1 Like

lleachi, how do you handle upgrading packages in OpenWRT, you using a update Script? Or doing it via opkg command opkg list-upgradable , and then upgrade manually package by package ? psherman mentioned, that updatescripts may break the whole installation... and also says, that even opkg upgrade shouldnt be used, Im kinda confused now :frowning:

Its a big doubt I have, what is a secure and correct way to upgrade packages ?