Hello everybody, I just made the latest updates to my OpenWRT WRT 32X Router, all works great, just one thing I noted, under the WireGuardStatus Menu in Luci, before update, I could see the little client icon gettting black when an connection is on to a WireGuardClient, if no client is connected to my WireguadServer, it remains grey.
Now, after update, it doesnt switch anymore the little icon to BLACK color...I see, the connection is working and OK, all fine, its just that the little icon doesnt switch anymore, not a big thing...but would be nice it gets fixed again, as it was before I did the update.
Hi, and Thanks everyone, The Icon Stays in status inactive, light grey color...not like before, blue color when a client is connected, I cleaned already Firefox cache, will reboot Router, and see, if its still the same, as I said, no BIG issue, as I can see, Wireguard is working perfect, its just nice, to see this little icon in connect state color blue...and if no connection its get grey dimmed blue...
Thanks, maybe a reboot will fix, Firefox caches are cleaned out...so nothing shoudl remain that could irritate Luci by reading maybe old or outdated caches...
made a screenshot, left side LUCI, the right side my Terminal which Im logged in into and di a wg show, so you see, the first peer, is ON, the one that begins with PB Key e1cE ..... but, in Luci Interface, it deosnt switch the little icon anymore to blue if client is connected.....
Im using a update shell script, that I execute manually ..so I cehck manually every 3-4 days.... and it made last night an update.
Did you happen to just add that pre-shared key to the e1cE peer?
Yes, the setup hasnt changed and has worked over month without trouble, I even, tonight, created new pubkey and privkey to see, if that was necesarry, umask 077 and then they keys been vreated with the know commands, updated my clients, and they connect and data goes sucesfully through the wireguard tunel, checked that with bmon.
If so, did you use the genpsk argument to generate that key
All Ok with the keys
You don't have a "Latest Handshake"
That wonders me too!!! No clue...why this is, as its working well...wireguard and my clients...no clue why it says no handshake if data is flowing and all working fine, even cryptorouting all worls fine!
Now.... some hours before, there was an FireFox update to v65.0 ...I dont want blame, and maybe Im stupid...but maybe its casue that FireFox update...that Luci deosnt display...connectionstas via the little icon that is used to show if a client is up or not...fast withotu need to monitor datastreams...
How does this script work? Would you mind sharing it?
Usually, upgrading OpenWrt should only be done by using the sysupgrade method (web or terminal). While it is possible to preserve settings, this should be used with care anytime you are running a major upgrade (maintenance updates are okay). In the process, though, packages not part of the base image you are using for installation will be erased and need to be re-installed. A script could be created to perform such upgrades and package installations, but it is often better to have a human in the loop.
If your script is using the opkg upgrade commands, this is probably a very bad idea (there were literally 3 different posts yesterday where people messed up their installations by using this method).
Like @psherman, I'm completely lost at what this might mean. My intention was to ask you what version of OpenWrt did you previously use prior to upgrading; but it seems you were on 18.06.1 and ran some opkg script. I highly advise against that; as it can render a system unstable. I'd suggest:
Upgrade to 18.06.2
Install needed software packages
Do not run scripts to update or upgrade software
Are you sure...?
Did you install the new Public Key and Pre-Shared Key on the peer?
You don't have a Latest Handshake. I'd blame the update shell script - save further evidence.
I wiped all, installed 18.02 OpenWRT, and installed and setup all new, will not use anymmore the UpdateScript... will do in future manually, Thanks psherman =D
Now, my clients show up again well as normal, asap they connect to my WireguardServer running on OpenWRT WRT32X ...all wonderfull, also the Handshake shows up nice now, all, like it should be.... we can close this case, Thank you lleachii and also Thanks psherman .. I didnt knew, there came out a new version after 18.01...my fault...should check more..after I wiped all, and went up to 18.02... all again OK!
I confess, I found it "somewhere" in the net, the updateScript, it worked many month well, had no trouble, but will now do it manually, every week once, with commands:
and then, manually make opkg upgrade
That is a lit bothering, making one by one...but hey, if it doesnt brak anythingm and is a better way, then I will swollow this extrawork
How do you make updates? is manually, like I decribed, the only way to do it? Or is there a way, that executes as cronjob and makes an update by iteself on scheduled bases?
Im glad now, I did the update to OpenWrt 18.06.2 --was worth the hassle setting up all again, Thank you for helping and Tips!
No, the point is that opkg upgrade should (almost) never be used, at all, ever. There may be some very specific cases where it is safe and useful, but in many cases it presents a significant risk of messing things up. This is because the package system doesn't (currently) have checks to ensure proper compatibility with kernel versions and various other dependencies. A package that is upgraded can therefore cause a conflict -- sometimes just breaking that one package, other times it can mess up the entire system.
I asked where it came from because it might be good to post the above warnings on the site(s)/thread(s) where that script is found.
@MooMan - If you want to work with stable release builds (not development builds), those only need to be updated every few months or so. Currently we're on 18.06.2, so you'll wait until 18.06.3 comes out. Do not try to upgrade individual components.
To run these updates, you use the sysupgrade features baked into OpenWrt (command line or via LuCI web interface).
If you have a specific need to keep things in a constantly upgraded path, you'll want to work with the snapshot (development) builds and/or perform builds locally on your own (using the build system), but this may result in various issues and additional work in maintenance.
Otherwise, you rarely need to worry about updating/upgrading packages, and using the opkg upgrade commands will likely cause more harm than good.
lleachi, how do you handle upgrading packages in OpenWRT, you using a update Script? Or doing it via opkg command opkg list-upgradable , and then upgrade manually package by package ? psherman mentioned, that updatescripts may break the whole installation... and also says, that even opkg upgrade shouldnt be used, Im kinda confused now
Its a big doubt I have, what is a secure and correct way to upgrade packages ?