James8078 5 Posted January 24 Report Share Posted January 24 2 minutes ago, 19807409 said: This post made my day today 💥💥💥 🤣 Yes, thats a screenshot and they are clickable in the original post. You have to be logged in for ability to download it, you should see it like in a screenshot which you tried to click in hope to be download links IM logged yes, and here what it is when I click on the original post  Quote Link to post Share on other sites
19807409 32 Posted January 24 Author Report Share Posted January 24 4 minutes ago, James8078 said: IM logged yes, and here what it is when I click on the original post  I sent it over email, gpg encrypted, check your email Quote Link to post Share on other sites
19807409 32 Posted January 24 Author Report Share Posted January 24 6 minutes ago, James8078 said: IM logged yes, and here what it is when I click on the original post  @Support by definition, I would claim my attachment got silent banned as I clearly downloaded it and can see it, would be good if that is clarified, I would not attach a file if I could post that script as codebox which does not work due to forum claiming it has something invalid like u na m e command which if written immediately block/bans the post Quote Link to post Share on other sites
James8078 5 Posted January 24 Report Share Posted January 24 17 minutes ago, 19807409 said: I sent it over email, gpg encrypted, check your email btw. no email received. you sent to : nixxxxxxr78 @ g ma il ? Quote Link to post Share on other sites
19807409 32 Posted January 24 Author Report Share Posted January 24 8 minutes ago, James8078 said: btw. no email received. you sent to : nixxxxxxr78 @ g ma il ? Check in about 10-30 minutes again if you do not see it, I replied to your email, must be right. Quote Link to post Share on other sites
James8078 5 Posted January 24 Report Share Posted January 24 12 hours ago, 19807409 said: I already explained it in several posts. I do not know what and why you build and with which settings, for that help you should go to openwrt, once again, I suggest and suggested you to use snapshot images and not to compile. You probably added luci modified, but again, this would be fully offtopic here to talk/explain about how to build openwrt images, especially as it is done daily and found under snapshots as well as those online are upgradeable and your compiled is not compatible to them.  I posted you links to sysupgrade but your questions tell me that you did not read it which you should do. Sysupgrade documentation explains you all what I write and wrote in details and by that I feel it is a waste of time to explain what is written there if one can read it up. Read and run this script (upgradefw-wrt3200acm.zip in the attachment) and inspect it and how it works and what it does. It will flash your router. Before you run it, add tginstall, opkg backup script and other things which you might need to /etc/sysupgrade.conf # if this script IS NOT available after reboot, then delete comment sign, if it is available, leave it as it is or delete # /etc/profile.d/opkg.sh # torguard and tgapi /etc/torguard/ /etc/config/torguard /etc/init.d/tgapi /usr/bin/tgapitest /usr/bin/tginit /usr/bin/tgsetup /usr/bin/tginit-uci-basic /usr/bin/tguninstall /usr/bin/tgfunctions /usr/bin/tginstall /usr/bin/tgupgrade # root folder /root/ save upgradefw on your router, lets say as /root/bin/upgradefw. It will create restore script in /root/bin/restore (that is why I included /root in sysupgrade.conf) /root/bin/upgradefw and make it executable with chmod +x /root/bin/upgradefw Thats it, now you can upgrade only firmware and then manually restore. In my example, I run those commands from my notebook, this is just a scratch, as example, you can add a check for when your device gets up so that waiting 240 seconds can be skipped and done automatically: #!/bin/sh LOG="upgradefw.log" ROUTERIP="IPOFYOURROUTER" ssh [email protected]${ROUTERIP} "/root/bin/upgradefw" | tee ${LOG}; echo "Wait 240 seconds until router reboots" && sleep 240 && ssh [email protected]${ROUTERIP} "/root/bin/restore" | tee -a ${LOG} echo "firmware upgrade finished"  There are also other ways of how one can keep automated upgrade but I will get not deeper into it in this thread as it is fully offtopic here, we already slide too much away from wireguard on openwrt away. If you go and read sysupgrade documentation you will know much more about it and different options. PS: I tested and did run the script on archer-c5v1, it should work with any openwrt, just edit the script var in the header of upgradefw. I do not have wrt3200acm and can not test it. upgradefw-wrt3200acm.zipUnavailable upgrade-and-restore.log-archer-c5v1-snapshot.zipUnavailable .....  [email protected]:~# chmod +x /root/bin/upgradefw chmod: /root/bin/upgradefw: No such file or directory  and yet...... :  Quote Link to post Share on other sites
19807409 32 Posted January 24 Author Report Share Posted January 24 32 minutes ago, James8078 said: .....  [email protected]:~# chmod +x /root/bin/upgradefw chmod: /root/bin/upgradefw: No such file or directory  and yet...... :   Well, pay a little bit attention in reading, will spare you time asking obvious things. Your screenshot shows that you copied it to: /bin  instead, not sure why you again did not follow instructions/guide, as you should copy it to: /root/bin  The reason why chmod gives the error is correct, there is no file. If you do not have bin folder in /root folder, then create it: mkdir /root/bin  You could run it from /bin folder too if you want, but according to my post above, change in sysupgrade.conf's entry /root/ to /bin/upgradefw and run chmod +x /bin/upgradefw /root folder is simply home folder of root user. 1 Quote Link to post Share on other sites
19807409 32 Posted January 24 Author Report Share Posted January 24 one additional note about if you use different locations etc.., if as example you for some reason want to use /bin/upgradefw, then you need to edit this part: create restore script if it does not exist in /root/bin folder which is backed up if [ ! -f /root/bin/restore ]; then cat <<"EOF_restore" | tee /root/bin/restore #!/bin/sh echo "Load /etc/profile.d/opkg.sh" . /etc/profile.d/opkg.sh opkg update opkg_restore EOF_restore chmod +x /root/bin/restore fi  to: create restore script if it does not exist in /root/bin folder which is backed up if [ ! -f /bin/restore ]; then cat <<"EOF_restore" | tee /bin/restore #!/bin/sh echo "Load /etc/profile.d/opkg.sh" . /etc/profile.d/opkg.sh opkg update opkg_restore EOF_restore chmod +x /bin/restore fi  just make sure you changed all /root/bin occurencies to /bin in script if you want to enforce other location than one which I wrote for the example script Quote Link to post Share on other sites
James8078 5 Posted January 25 Report Share Posted January 25 good, I did it, it seems everyhting works great and a log has been created in /root, : upgradefw.log but it is empty ...  Btw, wireguard was up after reboot.  Quote Link to post Share on other sites
19807409 32 Posted January 25 Author Report Share Posted January 25 10 hours ago, James8078 said: good, I did it, it seems everyhting works great and a log has been created in /root, : upgradefw.log but it is empty ... it means you did run it from the device, in my example I run those commands over ssh on my pc, where upgradefw.log is then on my notebook (not in root. The script has this commented, if you use it in any other way, then adapt settings, here is header comment from script: # How to use/upgrade from another pc: # ssh [email protected] "/root/bin/upgradefw" | tee upgradefw.log; # echo "Wait 240 seconds until router reboots"; sleep 240; # ssh [email protected] "/root/bin/restore" | tee -a upgradefw.log  10 hours ago, James8078 said: Btw, wireguard was up after reboot. This means that flash and restore worked, congrats. Quote Link to post Share on other sites
James8078 5 Posted January 26 Report Share Posted January 26 when I upgrade build, after rebooting tgapi is disabled in startup initscript.. normal? Quote Link to post Share on other sites
19807409 32 Posted January 26 Author Report Share Posted January 26 2 hours ago, James8078 said: when I upgrade build, after rebooting tgapi is disabled in startup initscript.. normal?  yes. Yesterday I explained it in separate post, read please once again: #!/bin/sh LOG="upgradefw.log" ROUTERIP="IPOFYOURROUTER" ssh [email protected]${ROUTERIP} "/root/bin/upgradefw" | tee ${LOG}; echo "Wait 240 seconds until router reboots" && sleep 240 && ssh [email protected]${ROUTERIP} "/root/bin/restore" | tee -a ${LOG} echo "Run Torguard api on router to make sure that settings are valid" ssh [email protected]${ROUTERIP} "/etc/init.d/tgapi enable;/etc/init.d/tgapi restart" | tee -a ${LOG} echo "firmware upgrade finished" echo "Reboot your router" ssh [email protected]${ROUTERIP} "reboot -f" | tee -a ${LOG}  Quote Link to post Share on other sites
James8078 5 Posted January 27 Report Share Posted January 27 @19807409 EDIT : on my other router, still working ) script +tginstall hi, have there been any changes in your script? I installed the script on a another router and in log, it is pretty weird, look the public key , it is a non sense, I restart from scratch 3x.. everytime the same result. Im gonna reset the router and restart to be sure. Make init script executable: /etc/init.d/tgapi Public key: 1611719983390 Peer server: 500 IP Addresses: Internal Server Error Allowd IPs: Can not add peer with public key 'zr5NyAAXu6ZPkHIJyTnH13J1Zqyfh L VdcMwfYUZVg=' and IP 10.13.46.145/32. /usr/bin/wg returned with exit value 1 DNS1: /api/v1/setup} DNS2: Endpoint host: Endpoint Port: Expiration date epoch: create new wireguard interface with torguards server: 173.244.200.119:1443 add new network interface (torguard wireguard interface) cfg066d96 rename new interface to: wg0 set new interface's proto: wireguard set new interface's private key: 2LJIwm4njMnbZ+FMO7PzXXXXXXXXXXXXXXXXXXXXElA7CMKeaGg= set new interface's listen port: 51820 set new interface's addresses: Internal Server Error set new interface's MTU (default 1420): 1420 set new interface's fwmark (default 0xFE): 0xfe use of builtin IPv6-management (disabled by default, 0): 0 set new interface's nohostrouter (disabled by default, 0): 0 add wireguard peer wg0 cfg0796fc add wireguard peer wg0 description: wg0 (TorGuard) add wireguard peer wg0 public key: 1611719983390 add wireguard peer wg0 allowed ip's: Can not add peer with public key 'zr5NyAAXu6ZPkHIJyTnH13J1Zqyfh L VdcMwfYUZVg=' and IP 10.13.46.145/32. /usr/bin/wg returned with exit value 1 add wireguard peer wg0 Endpoint host: add wireguard peer wg0 Endpoint port: add wireguard peer wg0 Keepalive: 25 add wireguard peer wg0 Route allowed ip's: 1 commit network ... Add created wireguard interface to lan zone (this will overwrite any other [email protected][0].network setting, please recheck if using non default settings) 'radio1' is disabled TGINIT - RESULTS Show Network inteface: wg0 network.wg0=interface network.wg0.proto='wireguard' network.wg0.private_key='2LJIwm4njMnbZ+FMO7PXXXXXXXXXX7CMKeaGg=' network.wg0.listen_port='51820' network.wg0.addresses='Internal Server Error' network.wg0.mtu='1420' network.wg0.fwmark='0xfe' network.wg0.delegate='0' network.wg0.nohostroute='0' network.cfg0796fc=wireguard_wg0 network.cfg0796fc.description='wg0 (TorGuard)' network.cfg0796fc.public_key='1611719983390' network.cfg0796fc.allowed_ips='Can not add peer with public key '\''zr5NyAAXu6ZPkHIJyTnH13J1Zqyfh L VdcMwfYUZVg='\'' and IP 10.13.46.145/32. /usr/bin/wg returned with exit value 1' network.cfg0796fc.persistent_keepalive='25' network.cfg0796fc.route_allowed_ips='1' wait 10 seconds before checking for current IP... IP ADDRESS - 24XXXXXX.3 Torguard wireguard initialization finished, please reboot to complete install speedperf: no apifix: enabled apifixtimeout: 1d Enable apifixtimeout service: yes tgapi status: running tginstall script finished ### â„¹ï¸ How to FAQ - Torguard wireguard server ### How to show your configs - Show full torguard config: uci show torguard - Show only default server: uci show [email protected]_tg0[0] How to set your configs - Set/edit/change server: uci set [email protected]_tg0[0].endpoint_host='173.244.200.119' - Set/edit/change description: uci set [email protected]_tg0[0].description='wg0 (TorGuard)' - Set/edit/change allowed ips: uci set [email protected]_tg0[0].allowed_ips='0.0.0.0/0' - Set/edit/change endpoint port: uci set [email protected]_tg0[0].endpoint_port='1443' - Set/edit/change keepalive: uci set [email protected]_tg0[0].persistent_keepalive='25' - Set/edit/change route allowed ip's: uci set [email protected]  Quote Link to post Share on other sites
19807409 32 Posted January 27 Author Report Share Posted January 27 2 hours ago, James8078 said: @19807409 EDIT : on my other router, still working ) script +tginstall hi, have there been any changes in your script? I installed the script on a another router and in log, it is pretty weird, look the public key , it is a non sense, I restart from scratch 3x.. everytime the same result. Im gonna reset the router and restart to be sure. Make init script executable: /etc/init.d/tgapi Public key: 1611719983390 Peer server: 500 IP Addresses: Internal Server Error Allowd IPs: Can not add peer with public key 'zr5NyAAXu6ZPkHIJyTnH13J1Zqyfh L VdcMwfYUZVg=' and IP 10.13.46.145/32. /usr/bin/wg returned with exit value 1 DNS1: /api/v1/setup} DNS2: Endpoint host: Endpoint Port: Expiration date epoch: create new wireguard interface with torguards server: 173.244.200.119:1443 add new network interface (torguard wireguard interface) cfg066d96 rename new interface to: wg0 set new interface's proto: wireguard set new interface's private key: 2LJIwm4njMnbZ+FMO7PzXXXXXXXXXXXXXXXXXXXXElA7CMKeaGg= set new interface's listen port: 51820 set new interface's addresses: Internal Server Error set new interface's MTU (default 1420): 1420 set new interface's fwmark (default 0xFE): 0xfe use of builtin IPv6-management (disabled by default, 0): 0 set new interface's nohostrouter (disabled by default, 0): 0 add wireguard peer wg0 cfg0796fc add wireguard peer wg0 description: wg0 (TorGuard) add wireguard peer wg0 public key: 1611719983390 add wireguard peer wg0 allowed ip's: Can not add peer with public key 'zr5NyAAXu6ZPkHIJyTnH13J1Zqyfh L VdcMwfYUZVg=' and IP 10.13.46.145/32. /usr/bin/wg returned with exit value 1 add wireguard peer wg0 Endpoint host: add wireguard peer wg0 Endpoint port: add wireguard peer wg0 Keepalive: 25 add wireguard peer wg0 Route allowed ip's: 1 commit network ... Add created wireguard interface to lan zone (this will overwrite any other [email protected][0].network setting, please recheck if using non default settings) 'radio1' is disabled TGINIT - RESULTS Show Network inteface: wg0 network.wg0=interface network.wg0.proto='wireguard' network.wg0.private_key='2LJIwm4njMnbZ+FMO7PXXXXXXXXXX7CMKeaGg=' network.wg0.listen_port='51820' network.wg0.addresses='Internal Server Error' network.wg0.mtu='1420' network.wg0.fwmark='0xfe' network.wg0.delegate='0' network.wg0.nohostroute='0' network.cfg0796fc=wireguard_wg0 network.cfg0796fc.description='wg0 (TorGuard)' network.cfg0796fc.public_key='1611719983390' network.cfg0796fc.allowed_ips='Can not add peer with public key '\''zr5NyAAXu6ZPkHIJyTnH13J1Zqyfh L VdcMwfYUZVg='\'' and IP 10.13.46.145/32. /usr/bin/wg returned with exit value 1' network.cfg0796fc.persistent_keepalive='25' network.cfg0796fc.route_allowed_ips='1' wait 10 seconds before checking for current IP... IP ADDRESS - 24XXXXXX.3 Torguard wireguard initialization finished, please reboot to complete install speedperf: no apifix: enabled apifixtimeout: 1d Enable apifixtimeout service: yes tgapi status: running tginstall script finished ### â„¹ï¸ How to FAQ - Torguard wireguard server ### How to show your configs - Show full torguard config: uci show torguard - Show only default server: uci show [email protected]_tg0[0] How to set your configs - Set/edit/change server: uci set [email protected]_tg0[0].endpoint_host='173.244.200.119' - Set/edit/change description: uci set [email protected]_tg0[0].description='wg0 (TorGuard)' - Set/edit/change allowed ips: uci set [email protected]_tg0[0].allowed_ips='0.0.0.0/0' - Set/edit/change endpoint port: uci set [email protected]_tg0[0].endpoint_port='1443' - Set/edit/change keepalive: uci set [email protected]_tg0[0].persistent_keepalive='25' - Set/edit/change route allowed ip's: uci set [email protected]  your log clearly tells me that your router is not online, you have again no internet connection and you need to have working internet connection for scripts to work. Quote Link to post Share on other sites
19807409 32 Posted January 27 Author Report Share Posted January 27 or, if you are online, then your public key (has special signs: zr5NyAAXu6ZPkHIJyTnH13J1Zqyfh L VdcMwfYUZVg=), encode it here: https://convertstring.com/EncodeDecode/UrlEncode then save the result and rerun tginstall # set your public key uci set [email protected]_tg0[0].wgapipubkey="YOURURLENCODEDPUBLICKEY" uci commit torguard # run tginstall tginstall  Quote Link to post Share on other sites
James8078 5 Posted January 27 Report Share Posted January 27 5 minutes ago, 19807409 said: your log clearly tells me that your router is not online, you have again no internet connection and you need to have working internet connection for scripts to work. I will test later, but I always check if im online... so I'll let you know Quote Link to post Share on other sites
19807409 32 Posted January 27 Author Report Share Posted January 27 Just now, James8078 said: I will test later, but I always check if im online... so I'll let you know Probably its your public key, check my previous post Quote Link to post Share on other sites
James8078 5 Posted February 23 Report Share Posted February 23 @19807409 hi, these days I have some problems with the script, it woeked very well but dont know why, now I can run it 10x and nothing happens, sometimes, the interface is created sometimes not, sometimes the interface is just complete at 50%  and I can run the script 3-4 times and there is no wireguard interface created.. (and yes Im online 😉 )  thanks  (and it works, but I have to run it many times....)  e number: 0 do not create host routes to peers: 0 UDP port for out-/incoming packets: 51820 Maximum Transmission Unit of tunnel: 1420 32-bit mark for outgoing packets: 0xFE Seconds between keep alive messages: 25 Use builtin IPv6-management: 0 Route allowed IPs: 1 TorGuard firewall zone: 1 TorGuard wireguard private key: API Fix /usr/bin/tgapitest API Fix timeout 1d Sevice file path /etc/init.d/tgapi TorGuard Server List: 173.244.200.119:1443 --- uci: Entry not found create new private and public keys... genwgkey... generating private key ... OK: WGR1XXXXXXXXXXXXXXXXXXXXXXXXXXXXvlF0= createwgpubkey... generating public key ... OK: weo6fqT8EIzHm5qtHhrdmb66u/FtGKVPCA0oWcHjcXQ= set vars for server for ip: 173.244.200.119:1443 ... PORT: 51820 FWMARK: fe Wireguard interface number: 0 Description: wg0 (TorGuard) Firewall zone: wan wan6 Endpoint host: 173.244.200.119 Endpoint port: 1443 delete wireguard interface with same name... (173.244.200.119:1443) delete existing default peer 0 and commit changes... uci: Entry not found delete existing wireguard interface and commit changes... uci: Entry not found restart network... 'radio2' is disabled curl: (6) Couldn't resolve host 'updates.torguard.biz' create new private and public keys... genwgkey... generating private key ... OK: 2LzjAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXY= createwgpubkey... generating public key ... OK: T2/zOatt+8k5ATckJiz6NqjTbQaye8Adfv89M5RIOA8= USED PUBLIC AND API KEYS: Private: 2LzjAlv0QpXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXkY= Public: T2/zOatt+8k5ATckJiz6NqjTbQaye8Adfv89M5RIOA8= API Public key:T2/zOatt+8k5ATckJiz6NqjTbQaye8Adfv89M5RIOA8= API: https://NXXXXXX:[email protected]:1443/api/v1/setup?public-key=T2/zOatt+8k5ATckJiz6NqjTbQaye8Adfv89M5RIOA8= % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- 0:01:26 --:--:--  Quote Link to post Share on other sites
19807409 32 Posted March 5 Author Report Share Posted March 5 @James8078 sorry for late reply and thanks for reporting. I am quite busy with life and work and could not find time to check this forum, hope you are well. If your issue is already resolved, then ignore following: as far as I can see, curl tries to resolve updates.torguard.biz and you get a reply that updates.torguard.biz can not be resolved as well as few uci not found commands. On my routers it still works and have no issues at, check if you changed something on your router which might have caused this. Would be good if you could create an issue on github as it makes it easier to track and fix existing issues for me. 1 Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.