this post was submitted on 15 Nov 2024
11 points (86.7% liked)


I am building a Wireguard tool for myself and I would like to receive events when a peer connects or disconnects. Does someone know if this is possible through some kernel API or EBPF?

[email protected] 2 points 2 months ago (1 children)

Aren't the keep-alive settings declared in the connection itself? Or are you saying some clients may not respect that?

If OP controls both endpoints, it may be easier, but still: I know of no Wireguard implementation that provides hooks for something like this.

Their best bet is probably their own SYN/ACK client-server solution - a dead-man's switch, separate from Wireguard but connected only over that interface.

[email protected] 2 points 2 months ago

Persistent keep alive is configured per connection by all peers (server and client typically). As I understand it, Wireguard's peer-based architecture will let both client and server peers define an optional persistent keep alive timer in order to send heartbeat packets on interval. Otherwise Wireguard on either peer may keep opening and closing connections for inactivity (or get its connections forcefully closed externally) if traffic isn't being regularly sent. This can occur even though the network interfaces for Wireguard on both communicating peers remain up.

I do agree that running some kind of health-check handshake service over the Wireguard tunnel is an easy enough way to periodically check the state of the connection between peers.
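The dead-man's switch suggested in the comments above, as an added example (not code from any commenter or from the WireGuard project): peers send a small UDP datagram over the tunnel on an interval, and the listener turns arrivals and silences into connected/disconnected events. The port 51900, the 75-second timeout, the 10.0.0.x tunnel addresses and all function names are assumptions made for illustration.

```python
import socket
import time

class DeadMansSwitch:
    """Turns heartbeats into connected/disconnected events per peer."""
    def __init__(self, timeout=75.0):
        self.timeout = timeout   # assumed: seconds of silence before a peer counts as gone
        self.last_seen = {}      # peer -> time of its last heartbeat
        self.up = set()          # peers currently considered connected

    def heartbeat(self, peer, now):
        self.last_seen[peer] = now
        if peer in self.up:
            return []
        self.up.add(peer)
        return [("connected", peer)]

    def sweep(self, now):
        gone = sorted(p for p in self.up if now - self.last_seen[p] > self.timeout)
        self.up.difference_update(gone)
        return [("disconnected", p) for p in gone]

def replay(timeline, timeout=75.0):
    """Feed (time, peer) heartbeats, or (time, None) for a bare sweep tick."""
    switch, events = DeadMansSwitch(timeout), []
    for now, peer in timeline:
        if peer is not None:
            events += switch.heartbeat(peer, now)
        events += switch.sweep(now)
    return events

def serve(tunnel_addr, port=51900, tick=5.0, timeout=75.0):
    """UDP listener bound to this host's tunnel address only (port is an assumed value)."""
    switch = DeadMansSwitch(timeout)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind((tunnel_addr, port))  # not 0.0.0.0: heartbeats must arrive via the tunnel
        sock.settimeout(tick)
        while True:
            try:
                _, addr = sock.recvfrom(64)
                # Inner source IP names the peer: WireGuard drops packets outside AllowedIPs.
                events = switch.heartbeat(addr[0], time.monotonic())
                sock.sendto(b"ack", addr)
            except socket.timeout:
                events = []
            for kind, peer in events + switch.sweep(time.monotonic()):
                print(kind, peer, flush=True)

# Constructed timeline: 10.0.0.2 beats at t=0,25,50 then goes silent; 10.0.0.3 beats at t=60,130.
SAMPLE = [(0, "10.0.0.2"), (25, "10.0.0.2"), (50, "10.0.0.2"), (60, "10.0.0.3"), (130, "10.0.0.3")]
```

`replay(SAMPLE)` runs the state machine offline; `serve("10.0.0.1")` would run the listener on a host whose tunnel address is 10.0.0.1.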