Add wireguard luci app

- Pulled from GoldenOrb

ipk-source/luci-app-GO-wireguard/root/usr/lib/wireguard/conf.sh

@@ -0,0 +1,134 @@
+#!/bin/sh
+
+log() {
+	modlog "Wireguard Conf" "$@"
+}
+
+name=$1
+file=$2
+auto=$3
+if [ -z $auto ]; then
+	auto="0"
+fi
+
+extract() {
+	line=$1
+	PD=$(echo "$line" | grep "#")
+	if [ ! -z "$PD" ]; then
+		return
+	fi
+	PRK=$(echo "$line" | grep "PrivateKey" | tr " " ",")
+	if [ ! -z "$PRK" ]; then
+		PrivateKey=$(echo $PRK | cut -d, -f3)
+	fi
+	PRK=$(echo "$line" | grep "PublicKey" | tr " " ",")
+	if [ ! -z "$PRK" ]; then
+		PublicKey=$(echo $PRK | cut -d, -f3)
+	fi
+	PRK=$(echo "$line" | grep "PresharedKey" | tr " " ",")
+	if [ ! -z "$PRK" ]; then
+		PreSharedKey=$(echo $PRK | cut -d, -f3)
+	fi
+	INTER=$(echo "$line" | grep "WGinterface" | tr " " ",")
+	if [ ! -z "$INTER" ]; then
+		wginter=$(echo $INTER | cut -d, -f3)
+		if [ "$wginter" -gt 1 ]; then
+			wginter="1"
+		fi
+	fi
+	PRK=$(echo "$line" | grep "Address" | tr " " "#")
+	if [ ! -z "$PRK" ]; then
+		if [ -z $Address ]; then
+			Address=$(echo $PRK | cut -d# -f3)
+		else
+			Address=$Address","$(echo $PRK | cut -d# -f3)
+		fi
+	fi
+	PRK=$(echo "$line" | grep "dns" | tr " " "#")
+	if [ ! -z "$PRK" ]; then
+		dns=$(echo $PRK | cut -d# -f3)
+	fi
+	PRK=$(echo "$line" | grep "DNS" | tr " " "#")
+	if [ ! -z "$PRK" ]; then
+		dns=$(echo $PRK | cut -d# -f3)
+	fi
+	PRK=$(echo "$line" | grep "ListenPort" | tr " " ",")
+	if [ ! -z "$PRK" ]; then
+		listenport=$(echo $PRK | cut -d, -f3)
+	fi
+	PRK=$(echo "$line" | grep "AllowedIPs" | tr " " "#")
+	if [ ! -z "$PRK" ]; then
+		if [ -z $allowedips ]; then
+			allowedips=$(echo $PRK | cut -d# -f3)
+		else
+			allowedips=$allowedips","$(echo $PRK | cut -d# -f3)
+		fi
+	fi
+	PRK=$(echo "$line" | grep "Endpoint" | tr " " ",")
+	if [ ! -z "$PRK" ]; then
+		endpoint=$(echo $PRK | cut -d, -f3)
+	fi
+	MTU=$(echo "$line" | grep "MTU" | tr " " ",")
+	if [ ! -z "$MTU" ]; then
+		mtu=$(echo $MTU | cut -d, -f3)
+	fi
+}
+
+listenport="51280"
+dns=""
+sed -i -e "s!PrivateKey= !PrivateKey=!g" $file
+sed -i -e "s!PrivateKey=!PrivateKey = !g" $file
+sed -i -e "s!PublicKey= !PublicKey=!g" $file
+sed -i -e "s!PublicKey=!PublicKey = !g" $file
+sed -i -e "s!PresharedKey= !PresharedKey=!g" $file
+sed -i -e "s!PresharedKey=!PresharedKey = !g" $file
+sed -i -e "s!Address= !Address=!g" $file
+sed -i -e "s!Address=!Address = !g" $file
+sed -i -e "s!WGinterface=!WGinterface = !g" $file
+sed -i -e "s!WGinterface= !WGinterface = !g" $file
+sed -i -e "s!dns= !dns=!g" $file
+sed -i -e "s!dns=!dns = !g" $file
+sed -i -e "s!DNS= !DNS=!g" $file
+sed -i -e "s!DNS=!DNS = !g" $file
+sed -i -e "s!ListenPort= !ListenPort=!g" $file
+sed -i -e "s!ListenPort=!ListenPort = !g" $file
+sed -i -e "s!AllowedIPs= !AllowedIPs=!g" $file
+sed -i -e "s!AllowedIPs=!AllowedIPs = !g" $file
+sed -i -e "s!Endpoint= !Endpoint=!g" $file
+sed -i -e "s!Endpoint=!Endpoint = !g" $file
+sed -i -e "s!MTU= !MTU=!g" $file
+sed -i -e "s!MTU=!MTU = !g" $file
+
+while IFS= read -r linex
+do
+	extract "$linex"
+done < $file
+extract "$linex"
+PRK=$(echo "$endpoint" | tr ":" ",")
+endpoint=$(echo $PRK | cut -d, -f1)
+sport=$(echo $PRK | cut -d, -f2)
+if [ -z "$wginter" ]; then
+	wginter="0"
+fi
+uci delete wireguard.$name
+uci set wireguard.$name=wireguard
+uci set wireguard.$name.auto=$auto
+uci set wireguard.$name.client="1"
+uci set wireguard.$name.active="0"
+uci set wireguard.$name.privatekey="$PrivateKey"
+uci set wireguard.$name.presharedkey="$PreSharedKey"
+uci set wireguard.$name.port="$listenport"
+uci set wireguard.$name.addresses="$Address"	
+uci set wireguard.$name.dns="$dns"
+uci set wireguard.$name.wginter="$wginter"
+uci set wireguard.$name.publickey="$PublicKey"
+uci set wireguard.$name.endpoint_host="$endpoint"
+uci set wireguard.$name.ips="$allowedips"
+uci set wireguard.$name.name="$name"
+uci set wireguard.$name.sport="$sport"
+uci set wireguard.$name.mtu="$mtu"
+uci set wireguard.$name.persistent_keepalive='25'
+uci commit wireguard
+
+rm -f $file
+		

ipk-source/luci-app-GO-wireguard/root/usr/lib/wireguard/create.sh

@@ -0,0 +1,81 @@
+#!/bin/sh
+. /lib/functions.sh
+
+log() {
+	logger -t "Wireguard Conf" "$@"
+}
+
+WG=$(cat /tmp/wginst)
+
+do_create() {
+	local config=$1
+
+	config_get name $config name
+	if [ -z $name ]; then
+		name=$config
+	fi
+
+	echo "----Start Conf File for "$name" ----" >> ${PKI_DIR}/package/wg.conf
+	echo "[Interface]" >> ${PKI_DIR}/package/wg.conf
+	config_get privatekey $config privatekey
+	echo "PrivateKey = "$privatekey >> ${PKI_DIR}/package/wg.conf
+	config_get address $config address
+	echo "Address = "$address >> ${PKI_DIR}/package/wg.conf
+	config_get endpoint_port $config endpoint_port
+	if [ ! -z $endpoint_port ]; then
+		echo "ListenPort = "$endpoint_port >> ${PKI_DIR}/package/wg.conf
+	fi
+	config_get dns $config dns
+	if [ ! -z $dns ]; then
+		echo "DNS = "$dns >> ${PKI_DIR}/package/wg.conf
+	fi
+	config_get mtu $config mtu
+	if [ ! -z $mtu ]; then
+		echo "MTU = "$mtu >> ${PKI_DIR}/package/wg.conf
+	fi
+	config_get wginter $config wginter
+	if [ -z"$wginter"]; then
+		wginter=0
+	fi
+	#echo "PrivateKey = "$wginter >> ${PKI_DIR}/package/wg.conf
+	echo " " >> ${PKI_DIR}/package/wg.conf
+	echo "[Peer]" >> ${PKI_DIR}/package/wg.conf
+	PUB=$(uci get wireguard."$WG".publickey)
+	echo "PublicKey = "$PUB >> ${PKI_DIR}/package/wg.conf
+	USE=$(uci get wireguard."$WG".usepre)
+	if [ $USE = "1" ]; then
+		PRE=$(uci get wireguard."$WG".presharedkey)
+		echo "PresharedKey = "$PRE >> ${PKI_DIR}/package/wg.conf
+	fi
+	HOST=$(uci get wireguard."$WG".endpoint_host)
+	PORT=$(uci get wireguard."$WG".port)
+	if [ ! -z $PORT ]; then
+		HOST=$HOST":"$PORT
+	fi
+	echo "Endpoint = "$HOST >> ${PKI_DIR}/package/wg.conf
+	config_get allowed_ips $config allowed_ips
+	echo "AllowedIPs = "$allowed_ips >> ${PKI_DIR}/package/wg.conf
+	echo "----EndConf File for "$name" ----" >> ${PKI_DIR}/package/wg.conf
+	echo " " >> ${PKI_DIR}/package/wg.conf
+}
+
+#PKI_DIR="/tmp/wireguard"
+PKI_DIR="/www"
+#rm -rfv "$PKI_DIR"
+#mkdir -p ${PKI_DIR}
+#chmod -R 0777 ${PKI_DIR}
+cd ${PKI_DIR}
+mkdir -p package
+cd ..
+chmod -R 0777 ${PKI_DIR}/package
+#rm -rfv "/www/package"
+#ln -s ${PKI_DIR}/package /www/package
+
+
+rm -f ${PKI_DIR}/package/wg.conf
+config_load wireguard
+config_foreach do_create custom$WG
+
+cd ${PKI_DIR}/package
+
+tar -czf wgconf.tar.gz wg.conf

ipk-source/luci-app-GO-wireguard/root/usr/lib/wireguard/keygen.sh

@@ -0,0 +1,68 @@
+#!/bin/sh
+. /lib/functions.sh
+
+log() {
+	modlog "Wireguard KeyGen" "$@"
+}
+
+WG=$1
+
+ww=$(echo "$WG" | grep "https")
+if [ ! -z "$ww" ]; then
+	exit 0
+fi
+echo "$WG" > /tmp/wginst
+
+sleep 5
+
+EXST=$(uci get wireguard."$WG")
+if [ -z $EXST ]; then
+	uci set wireguard."$WG"="wireguard"
+	uci commit wireguard
+fi
+
+PRIV=$(uci get wireguard."$WG".privatekey)
+if [ -z $PRIV ]; then
+	umask u=rw,g=,o=
+	wg genkey | tee /tmp/wgserver.key | wg pubkey > /tmp/wgclient.pub
+	wg genpsk > /tmp/wg.psk
+	 
+	WG_KEY="$(cat /tmp/wgserver.key)" # private key
+	WG_PSK="$(cat /tmp/wg.psk)" # shared key
+	WG_PUB="$(cat /tmp/wgclient.pub)" # public key to be used on other end
+	rm -f /tmp/wgserver.key
+	rm -f /tmp/wg.psk
+	rm -f /tmp/wgclient.pub
+	uci set wireguard."$WG".privatekey=$WG_KEY
+	uci set wireguard."$WG".publickey=$WG_PUB
+	uci set wireguard."$WG".presharedkey=$WG_PSK
+	uci commit wireguard
+fi
+
+do_custom() {
+	local config=$1
+
+	config_get privatekey $config privatekey
+	if [ -z "$privatekey" ]; then
+		umask u=rw,g=,o=
+		wg genkey | tee /tmp/wgserver.key | wg pubkey > /tmp/wgclient.pub
+		wg genpsk > /tmp/wg.psk
+		 
+		WG_KEY="$(cat /tmp/wgserver.key)" # private key
+		WG_PSK="$(cat /tmp/wg.psk)" # shared key
+		WG_PUB="$(cat /tmp/wgclient.pub)" # public key to be used on other end
+		rm -f /tmp/wgserver.key
+		rm -f /tmp/wg.psk
+		rm -f /tmp/wgclient.pub
+				log "$WG_KEY"
+		uci set wireguard."$config".privatekey=$WG_KEY
+		uci set wireguard."$config".publickey=$WG_PUB
+		uci set wireguard."$config".presharedkey=$WG_PSK
+		uci set wireguard."$config".persistent_keepalive='25'
+		uci set wireguard."$config".route_allowed_ips='1'
+	fi
+}
+
+config_load wireguard
+config_foreach do_custom custom$WG
+uci commit wireguard

ipk-source/luci-app-GO-wireguard/root/usr/lib/wireguard/startvpn.sh

@@ -0,0 +1,327 @@
+#!/bin/sh
+. /lib/functions.sh
+
+log() {
+	logger -t "Wireguard Start" "$@"
+}
+
+WG=$1
+
+chk_zone() {
+	local config=$1
+	
+	config_get src $config src
+	config_get dest $config dest
+	if [ $src = "lan" -a $dest = "wan" ]; then
+		uci set firewall."$config".dest="wg"
+		uci commit firewall
+	fi
+}
+
+do_dns() {
+	cdns=$1
+	local ifce=$2
+	ldns=$(uci -q get network.wg$ifce.dns)
+	ex=$(echo "$ldns" | grep "$cdns")
+	if [ -z $ex ]; then
+		log "Add DNS $cdns to WG$ifce"
+		uci add_list network.wg$ifce.dns="$cdns"
+		uci commit network
+		/etc/init.d/network reload
+	fi
+}
+
+do_port() {
+	PORT=$1
+	udp=$2
+	# look for rule for this port
+	INB="inbound"$PORT$udp
+	RULE=$(uci -q get firewall.$INB)
+	if [ -z $RULE ]; then
+		uci set firewall.$INB=rule
+		uci set firewall.$INB.name=$INB
+		uci set firewall.$INB.target=ACCEPT
+		uci set firewall.$INB.src=*
+		uci set firewall.$INB.proto=$udp
+		uci set firewall.$INB.dest_port=$PORT
+		uci commit firewall
+		/etc/init.d/firewall reload
+	fi
+}
+
+do_delete() {
+	local config=$1
+	
+	uci delete network.$1
+}
+
+create_speer() {
+	local config=$1
+
+	uci set network.$config="wireguard_wg1"
+
+	config_get persistent_keepalive $config persistent_keepalive
+	uci set network.$config.persistent_keepalive="$persistent_keepalive"
+	config_get route_allowed_ips $config route_allowed_ips
+	uci set network.$config.route_allowed_ips="$route_allowed_ips"
+	config_get publickey $config publickey
+	uci set network.$config.public_key="$publickey"
+	usepre=$(uci -q get wireguard.$WG.usepre)
+	log "$usepre"
+	if [ $usepre = "1" ]; then
+		presharedkey=$(uci -q get wireguard.$WG.presharedkey)
+		log "$presharedkey"
+		uci set network.$config.preshared_key="$presharedkey"
+	fi
+	config_get allowed_ips $config allowed_ips
+	allowed_ips=$allowed_ips","
+	ips=$(echo $allowed_ips | cut -d, -f1)
+	i=1
+	while [ ! -z $ips ]
+	do
+		uci add_list network.$config.allowed_ips="$ips"
+		i=$((i+1))
+		ips=$(echo $allowed_ips | cut -d, -f$i)
+	done
+
+}
+
+create_cpeer() {
+	local config=$1
+	local ifce=$2
+	
+	uci set network.$config="wireguard_wg$ifce"
+
+	publickey=$(uci -q get wireguard."$config".publickey)
+	uci set network.$config.public_key="$publickey"
+	presharedkey=$(uci -q get wireguard."$WG".presharedkey)
+	if [ ! -z $presharedkey ]; then
+		uci set network.$config.preshared_key="$presharedkey"
+	fi
+	persistent_keepalive=$(uci -q get wireguard."$config".persistent_keepalive)
+	if [ -z $persistent_keepalive ]; then
+		persistent_keepalive=25
+	fi
+	uci set network.$config.persistent_keepalive="$persistent_keepalive"
+	route_allowed_ips=1
+	uci set network.$config.route_allowed_ips="$route_allowed_ips"
+	
+	if [ $UDP = 1 ]; then
+		endpoint_host="127.0.0.1"
+		uci set network.$config.endpoint_host="$endpoint_host"
+		sport=$(uci -q get wireguard."$config".port)
+		if [ -z $sport ]; then
+			sport="54321"
+		fi
+		uci set network.$config.endpoint_port="$sport"
+	else
+		endpoint_host=$(uci -q get wireguard."$config".endpoint_host)
+		uci set network.$config.endpoint_host="$endpoint_host"
+		sport=$(uci -q get wireguard."$config".sport)
+		if [ -z $sport ]; then
+			sport="51280"
+		fi
+		uci set network.$config.endpoint_port="$sport"
+	fi
+	
+	ips=$(uci -q get wireguard."$config".ips)","
+	cips=$(echo $ips | cut -d, -f1)
+	i=1
+	while [ ! -z $cips ]
+	do
+		uci add_list network.$config.allowed_ips="$cips"
+		i=$((i+1))
+		cips=$(echo $ips | cut -d, -f$i)
+	done
+}
+
+handle_server() {
+	config_foreach do_delete wireguard_wg1
+	
+	uci delete network.wg1
+	uci set network.wg1="interface"
+	uci set network.wg1.proto="wireguard"
+	
+	auto=$(uci -q get wireguard."$WG".auto)
+	if [ -z $auto ]; then
+		auto="0"
+	fi
+	uci set network.wg1.auto="$auto"
+	
+	port=$(uci -q get wireguard."$WG".port)
+	if [ -z $port ]; then
+		port="51280"
+	fi
+	uci set network.wg1.listen_port="$port"
+	do_port $port udp
+	
+	privatekey=$(uci -q get wireguard."$WG".privatekey)
+	uci set network.wg1.private_key="$privatekey"
+
+	ips=$(uci -q get wireguard."$WG".addresses)","
+	cips=$(echo $ips | cut -d, -f1)
+	i=1
+	while [ ! -z $cips ]
+	do
+		uci add_list network.wg1.addresses="$cips"
+		i=$((i+1))
+		cips=$(echo $ips | cut -d, -f"$i")
+		if [ -z $cips ]; then
+			break
+		fi
+	done
+	
+	config_load wireguard
+	config_foreach create_speer custom$WG
+	
+	uci commit network
+}
+
+handle_client() {
+	ifce=$1
+	config_foreach do_delete wireguard_wg$ifce
+	
+	uci delete network.wg$ifce
+	uci set network.wg$ifce="interface"
+	uci set network.wg$ifce.proto="wireguard"
+	uci set network.wg$ifce.metric="1"
+	
+	auto=$(uci -q get wireguard."$WG".auto)
+	if [ -z $auto ]; then
+		auto="0"
+	fi
+	uci set network.wg$ifce.auto="$auto"
+	mtu=$(uci -q get wireguard."$WG".mtu)
+	if [ ! -z $mtu ]; then
+		uci set network.wg$ifce.mtu="$mtu"
+	fi
+	dns=$(uci -q get wireguard."$WG".dns)
+	if [ ! -z $dns ]; then
+		do_dns $dns $ifce
+	fi
+	port=$(uci -q get wireguard."$WG".port)
+	if [ -z $port ]; then
+		port="51280"
+	fi
+	uci set network.wg$ifce.listen_port="$port"
+	do_port $port udp
+	
+	privatekey=$(uci -q get wireguard."$WG".privatekey)
+	uci set network.wg$ifce.private_key="$privatekey"
+
+	ips=$(uci -q get wireguard."$WG".addresses)","
+	cips=$(echo $ips | cut -d, -f1)
+	i=1
+	while [ ! -z "$cips" ]
+	do
+		uci add_list network.wg$ifce.addresses="$cips"
+		i=$((i+1))
+		cips=$(echo "$ips" | cut -d, -f"$i")
+		if [ -z "$cips" ]; then
+			break
+		fi
+	done
+	uci add_list network.wg$ifce.addresses="::/0"
+	
+	create_cpeer $WG $ifce
+	
+	uci commit network
+}
+
+udp_server() {
+	local config=$1
+	udpport=$(uci -q get wireguard."$WG".udpport)
+	if [ -z $udpport ]; then
+		udpport="54321"
+	fi
+	port=$(uci -q get wireguard."$WG".port)
+	if [ -z $port ]; then
+		port="54321"
+	fi
+	do_port $udpport tcp
+	udptunnel -s -v "0.0.0.0:"$udpport "127.0.0.1:"$port &
+	#log "udptunnel -s -v 0.0.0.0:$udpport 127.0.0.1:$port"
+}
+
+udp_client() {
+	local config=$1
+	port=$(uci -q get wireguard."$WG".port)
+	if [ -z $port ]; then
+		port="54321"
+	fi
+	endpoint_host=$(uci -q get wireguard.$WG.endpoint_host)
+	sport=$(uci -q get wireguard.$WG.sport)
+	if [ -z $sport ]; then
+		sport="51280"
+	fi
+	
+	udptunnel "127.0.0.1:"$port $endpoint_host":"$sport &
+	#log "udptunnel 127.0.0.1:$port $endpoint_host:$sport"
+}
+
+forward=$(uci -q get wireguard."$WG".forward)
+if [ "$forward" != "0" ]; then
+	config_load firewall
+	config_foreach chk_zone forwarding
+else
+	uci set firewall.wgwforward=forwarding
+	uci set firewall.wgwforward.dest="wan"
+	uci set firewall.wgwforward.src="wg"
+	
+	uci set firewall.wwgforward=forwarding
+	uci set firewall.wwgforward.dest="wg"
+	uci set firewall.wwgforward.src="wan"
+	
+	uci set firewall.lwgforward=forwarding
+	uci set firewall.lwgforward.dest="wg"
+	uci set firewall.lwgforward.src="lan"
+	
+	uci set firewall.wglforward=forwarding
+	uci set firewall.wglforward.dest="lan"
+	uci set firewall.wglforward.src="wg"
+	uci commit firewall
+fi
+/etc/init.d/firewall restart
+
+config_load network
+SERVE=$(uci -q get wireguard."$WG".client)
+if [ $SERVE = "0" ]; then
+	running=$(uci -q get wireguard.settings.server)
+	if [ $running = 1 ]; then
+		exit 0
+	fi
+	UDP=$(uci -q get wireguard."$WG".udptunnel)
+	if [ $UDP = 1 ]; then
+		udp_server $WG
+	fi
+	handle_server
+	uci commit network
+	ifup wg1
+	sleep 2
+	uci set wireguard.settings.server="1"
+else
+	running=$(uci -q get wireguard.settings.client)
+	log "Client running $running"
+	
+	INTER=$(uci -q get wireguard."$WG".wginter)
+	if [ -z "$INTER" ]; then
+		INTER=0
+	fi
+	UDP=$(uci -q get wireguard."$WG".udptunnel)
+	if [ $UDP = 1 ]; then
+		udp_client $WG
+	fi
+	handle_client $INTER
+	uci commit network
+	log "Start Interface"
+	ifup wg$INTER
+	sleep 2
+	uci set wireguard.settings.client="1"
+	if [ -e /usr/lib/wireguard/wiremwan3.sh ]; then
+		/usr/lib/wireguard/wiremwan3.sh start
+	fi
+fi
+
+uci set wireguard."$WG".active="1"
+uci commit wireguard
+

ipk-source/luci-app-GO-wireguard/root/usr/lib/wireguard/stopvpn.sh

@@ -0,0 +1,75 @@
+#!/bin/sh
+. /lib/functions.sh
+
+log() {
+	logger -t "Wireguard Stop" "$@"
+}
+
+chk_zone() {
+	local config=$1
+	
+	config_get src $config src
+	config_get dest $config dest
+	if [ $src = "lan" -a $dest = "wg" ]; then
+		uci set firewall."$config".dest="wan"
+		uci commit firewall
+	fi
+}
+
+WG=$1
+
+forward=$(uci -q get wireguard."$WG".forward)
+if [ "$forward" != "0" ]; then
+	config_load firewall
+	config_foreach chk_zone forwarding
+else
+	uci delete firewall.wgwforward
+	uci delete firewall.wwgforward
+	uci delete firewall.lwgforward
+	uci delete firewall.wglforward
+	uci commit firewall
+fi
+/etc/init.d/firewall restart
+
+SERVE=$(uci get wireguard."$WG".client)
+if [ $SERVE = "0" ]; then
+	ifdown wg1
+	uci set wireguard.settings.server="0"
+	uci delete network.wg1
+	uci set network.wg1=interface
+	uci set network.wg1.proto="wireguard"
+	uci set network.wg1.auto="0"
+	uci set network.wg1.private_key=""
+	uci set network.wg1.listen_port=""
+	uci add_list network.wg1.addresses=""
+	uci commit network
+else
+	INTER=$(uci -q get wireguard."$WG".wginter)
+	if [ -z "$INTER" ]; then
+		INTER=0
+	fi
+	ifdown wg$INTER
+	uci set wireguard.settings.client="0"
+	uci delete network.wg$INTER
+	uci set network.wg$INTER=interface
+	uci set network.wg$INTER.proto="wireguard"
+	uci set network.wg$INTER.auto="0"
+	uci set network.wg$INTER.private_key=""
+	uci set network.wg$INTER.listen_port=""
+	uci add_list network.wg$INTER.addresses=""
+	uci commit network
+	if [ -e /usr/lib/wireguard/wiremwan3.sh ]; then
+		/usr/lib/wireguard/wiremwan3.sh stop
+	fi
+	ifup wan
+fi
+UDP=$(uci get wireguard."$WG".udptunnel)
+if [ $UDP = 1 ]; then
+	PID=$(ps |grep "udptunnel" | grep -v grep |head -n 1 | awk '{print $1}')
+	kill -9 $PID
+fi
+
+uci set wireguard."$WG".active="0"
+uci commit wireguard
+
+/etc/init.d/wireguard stop

ipk-source/luci-app-GO-wireguard/root/usr/lib/wireguard/text.sh

@@ -0,0 +1,19 @@
+#!/bin/sh
+. /lib/functions.sh
+
+log() {
+	logger -t "Wireguard TextConf" "$@"
+}
+
+conf1=$1
+conf=$(echo $conf1)
+conf=$(echo "$conf" | tr "?" "~")
+
+boot=$(echo "$conf" | cut -d~ -f1)
+iname=$(echo "$conf" | cut -d~ -f2)
+conf=$(echo "$conf1" | tr "?" "~")
+confile=$(echo "$conf" | cut -d~ -f3)
+
+echo "$confile" > /tmp/confile
+
+/usr/lib/wireguard/conf.sh $iname /tmp/confile $boot