The innernet

Not a type. Innernet is an open source product for managing a community of wireguard peers.
‘Think of innernet as an opinionated configuration system on top of WireGuard that comes with some added features to make life easy, and is friendly with various sizes of networks: one for your organization, one for your project, one for your social circle to create an idealistic alternate internet universe — your imagination’s the limit.’
innernet establishes three main primitives in defining your network:
– Peers: machines on the network, – CIDRs: peer groups based on IP blocks, and – Associations: connections between CIDRs for access control.

OpenWrt Firewall Logging , single rule

You can enable logging for a single firewall rule. Reasons could be just to verify things are working as part of trouble shooting or you have some specific access to monitor. In this example all outbound traffic is allowed, but we add a specific rule for logging destination port 8443.
Here is the rule we add:

config rule
        option name 'FW  LOG TEST'
        option src 'lan'
        option proto 'tcp'
        option dest_port '8443'
        option target 'ACCEPT'
        option family 'ipv4'
        option log 'Firewall Log to port 8443'
        option dest 'vpn'

Then reload the firewall.
/etc/init.d/firewall reload

Next we visit a web site to test traffic to the rule.

Now, check the log.
logread -f

Sat Apr 15 17:21:11 2023 kern.warn kernel: [ 2533.394182] FW LOG TEST: IN=br-lan OUT=wg0 MAC=60:32:b1:2f:36:c2:74:70:fd:d0:fd:3b:08:00 SRC= DST= LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=54038 DF PROTO=TCP SPT=42292 DPT=8443 WINDOW=64240 RES=0x00 SYN URGP=0
Sat Apr 15 17:21:11 2023 kern.warn kernel: [ 2533.505185] FW LOG TEST: IN=br-lan OUT=wg0 MAC=60:32:b1:2f:36:c2:74:70:fd:d0:fd:3b:08:00 SRC= DST= LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=3981 DF PROTO=TCP SPT=42302 DPT=8443 WINDOW=64240 RES=0x00 SYN URGP=0

You see that we have logs with DPT=8443. The name from our rule is included in the log. You can change that by putting a text string in the option log config. It looks like this (note extra space at the end):
option log 'Firewall Log outbound to port 8443 '

Discuss it on the OpenWrt forum.

Or, check out the traffic logging doc.

Openwrt, access environment variables in CGI script

Save the below content to /www/cgi-bin/test.cgi Then access the URL You should see the environment vars.
These could be used in your script for logic.
You can take it a step further and add parameters to the get request and then parse them out of QUERY_STRING. Something like:
echo "Content-type: text/html"
echo ""
echo "<HTML><HEAD><TITLE>CGI Environment</TITLE></HEAD>"
echo "<BODY>"
echo "<pre>"
echo "</pre>"
echo "</BODY></HTML>"

Discuss on the OpenWrt forums:  Uhttpd environment/CGI variables

New Tools from Cloud DNS

– DNS tool – It can check the DNS records for a specific host and the speed of DNS queries. Also, it can create a detailed audit, which can be shared easily! And best of all – it is absolutely Free – Check it out <> ! – SPF generator – Using it, you can create your SPF records easily, even if you have no technical knowledge. It is intuitive to work with and of course, Free to use – Test it <> !