An OPNsense plugin that runs actions when a gateway changes state - built to restart all WireGuard tunnels on multi-WAN failover/failback, so tunnels re-establish over the new uplink instead of staying pinned to a dead WAN.
Adds Services -> Gateway Actions with:
- Status - live gateway states, WireGuard handshakes, event history (+ clear)
- Rules - watch gateways -> trigger (any/down/up) -> action, with a delay (wait before acting) and a cooldown (rate-limit against flapping); plus a Run now button to test an action without forcing a failover
- Settings - master enable switch
Built-in action presets: restart all WireGuard tunnels, restart IPsec, restart Unbound (DNS), flush firewall states - or a custom command / configd action.
# build on the OPNsense box (FreeBSD + pkg + python3):
./build-pkg.sh 1.0.1
# install:
pkg add -f dist/os-gwactions-1.0.1.pkgThen create a rule (e.g. watch your WAN gateways -> Restart all WireGuard, cooldown 30s) and flip the master switch on.
src/- plugin files, mirroring/usr/localon the firewallbuild-pkg.sh- reproduciblepkg createbuilddist/- built packages
Note: a self-built local package shows as "(misconfigured)" in the OPNsense plugin list - that's expected and harmless (checksums/deps pass; it's just not from the official mirror).
BSD-2-Clause.