[FR]: Show Wireguard client state (online/offline)

[davidgdlt]

Describe the new feature or enhancement idea

Currently for each client we have a switch where (among other things) we can track its state, understanding state as whether wireguard (and possibly other VPN servers) accepts connections for that particular client / with its associated credentials.

What we don't have (that I can see) is whether there is an active connection associated with the client, ie. what we see in the wireguard widget represented as a green/red coloured network icon.

We could also track the number of active connections associated withe a server, which is also available in the widget at the top, eg. Tunnels: 4 | Online: 1 | Offline: 3

This would be great to have to, for example, trigger HA automations (eg. notifications) based on new active connections to the VPN.

Thanks in advance

Will you be building this?

• I intend to submit a PR to implement this

Additional Details

No response

[Snuffy2]

Wireguard is stateless so there isn't exactly a great definition of connected or not. However, I never even enabled the OPNsense Wireguard Widget since they went to the new version. That's a great pointer/suggestion.

Looking at their code, it looks like they count a Wireguard client as online if the last handshake was <3 min ago. I could duplicate that logic if that sounds good.

https://github.com/opnsense/core/blob/8e41be2ebe8b53d59fded39d289c5d73822c8083/src/opnsense/www/js/widgets/Wireguard.js#L89

Now to see how they are counting OpenVPN clients and may replicate that as well ....

[davidgdlt]

That matches what I've seen in the widget. When a client connects the UI shows it immediately as connected but when it disconnects then it takes a few minutes to change (turns out that 3 minutes as per your findings).

Replicating the same behaviour for the sensor makes a lot of sense. As you pointed out, due to its stateless nature it's the best we can have.

Thanks for looking into this!