diff -Nur --no-dereference smeserver-wireguard-1.0.old/root/etc/e-smith/db/configuration/migrate/wireguard smeserver-wireguard-1.0/root/etc/e-smith/db/configuration/migrate/wireguard
--- smeserver-wireguard-1.0.old/root/etc/e-smith/db/configuration/migrate/wireguard	2021-10-26 23:15:10.000000000 -0400
+++ smeserver-wireguard-1.0/root/etc/e-smith/db/configuration/migrate/wireguard	2021-10-27 17:28:48.614000000 -0400
@@ -18,7 +18,7 @@
 my $minimum=16; 
 my $maximum=32; 
 my $x = $minimum + int(rand($maximum - $minimum)); 
-$DB->set_prop('wg-quick@wg0', 'ip', "172.$x.0.0") ;
+$DB->set_prop('wg-quick@wg0', 'ip', "172.$x.0.1") ;
 }
 
 }
diff -Nur --no-dereference smeserver-wireguard-1.0.old/createlink smeserver-wireguard-1.0/createlink
--- smeserver-wireguard-1.0.old/createlink	2021-10-25 23:38:29.000000000 -0400
+++ smeserver-wireguard-1.0/createlink	2021-10-27 21:20:46.985000000 -0400
@@ -69,5 +69,5 @@
 ));
 
 
-
+panel_link("wireguard", "manager");
 
diff -Nur --no-dereference smeserver-wireguard-1.0.old/root/etc/e-smith/db/configuration/migrate/wireguard smeserver-wireguard-1.0/root/etc/e-smith/db/configuration/migrate/wireguard
--- smeserver-wireguard-1.0.old/root/etc/e-smith/db/configuration/migrate/wireguard	2021-10-27 21:17:33.367000000 -0400
+++ smeserver-wireguard-1.0/root/etc/e-smith/db/configuration/migrate/wireguard	2021-10-27 21:18:24.898000000 -0400
@@ -6,7 +6,7 @@
   $DB->set_prop('wg-quick@wg0', 'private', $value ) ;
 }
 # recreate public if empty or not the same
-$private=${'wg-quick@wg0'}{'private'};
+$private=$DB->get_prop('wg-quick@wg0', 'private') ;
 $public=`/usr/bin/echo $private | /usr/bin/wg pubkey`;
 chomp $public;
 if ( ! defined ${'wg-quick@wg0'}{'public'} ||  ${'wg-quick@wg0'}{'public'} ne $public) {
diff -Nur --no-dereference smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/70wireguard smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/70wireguard
--- smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/70wireguard	1969-12-31 19:00:00.000000000 -0500
+++ smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/systemd/system-preset/49-koozali.preset/70wireguard	2021-06-28 03:17:15.000000000 -0400
@@ -0,0 +1,12 @@
+# wireguard specific configuration
+{
+$wg = $wireguard{status} || 'disabled';
+$wg0 = ${'wg-quick@wg0'}{status} || 'disabled';
+if ($wg0 eq 'enabled') {
+        $OUT .= "enable wg-quick\@wg0.service\n";
+} else {
+        $OUT .= "disable wg-quick\@wg0.service\n";
+}
+
+}
+
diff -Nur --no-dereference smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/systemd/system-preset/70wireguard smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/systemd/system-preset/70wireguard
--- smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/systemd/system-preset/70wireguard	2021-06-28 03:17:15.000000000 -0400
+++ smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/systemd/system-preset/70wireguard	1969-12-31 19:00:00.000000000 -0500
@@ -1,12 +0,0 @@
-# wireguard specific configuration
-{
-$wg = $wireguard{status} || 'disabled';
-$wg0 = ${'wg-quick@wg0'}{status} || 'disabled';
-if ($wg0 eq 'enabled') {
-        $OUT .= "enable wg-quick\@wg0.service\n";
-} else {
-        $OUT .= "disable wg-quick\@wg0.service\n";
-}
-
-}
-
diff -Nur --no-dereference smeserver-wireguard-1.0.old/createlink smeserver-wireguard-1.0/createlink
--- smeserver-wireguard-1.0.old/createlink	2021-10-27 21:37:41.284000000 -0400
+++ smeserver-wireguard-1.0/createlink	2021-10-27 21:38:21.164000000 -0400
@@ -33,7 +33,7 @@
       ));
 event_services($event, qw(
   masq restart
-  'wg-quick@wg0' restart
+  wg-quick@wg0 restart
   ));
 event_link("wireguard-network", $event, "30");
 
@@ -44,7 +44,7 @@
   /etc/wireguard/server_public.key
 ));
 event_services($event, qw(
-  'wg-quick@wg0' restart
+  wg-quick@wg0 restart
 ));
 
 #wireguard-user-create
@@ -65,7 +65,7 @@
   /etc/wireguard/server_public.key
 ));
 event_services($event, qw(
-  'wg-quick@wg0' restart
+  wg-quick@wg0 restart
 ));
 
 
diff -Nur --no-dereference smeserver-wireguard-1.0.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/wireguard smeserver-wireguard-1.0/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/wireguard
--- smeserver-wireguard-1.0.old/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/wireguard	2021-10-26 23:15:11.000000000 -0400
+++ smeserver-wireguard-1.0/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/wireguard	2021-10-27 21:41:45.296000000 -0400
@@ -239,6 +239,10 @@
    <trans>You can not alter the server ip, mask, private and public key as there are already some clients configured.</trans>
   </entry>
 
+  <entry>
+   <base>NO_CONF</base>
+   <trans>No configured client</trans>
+  </entry>
 
 
 </lexicon>
diff -Nur --no-dereference smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/wireguard/wg0.conf/10interface smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/wireguard/wg0.conf/10interface
--- smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/wireguard/wg0.conf/10interface	2021-06-28 04:41:57.000000000 -0400
+++ smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/wireguard/wg0.conf/10interface	2021-10-27 17:41:12.223000000 -0400
@@ -4,7 +4,6 @@
 PrivateKey = {${'wg-quick@wg0'}{private}}
 
 # this should be added to masq with correct interfaces
-#eth0 should be rempalced by external interface if available or internal
-#PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
-#PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
+PostUp = iptables -I FORWARD -i %i -j ACCEPT; iptables -I FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o {$outernet = ($SystemMode eq "serveronly") ? $InternalInterface{Name} : $ExternalInterface{Name}; return $InternalInterface{Name} } -j MASQUERADE
+PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o {$outernet = ($SystemMode eq "serveronly") ? $InternalInterface{Name} : $ExternalInterface{Name}; return $InternalInterface{Name} } -j MASQUERADE
 
diff -Nur --no-dereference smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/wireguard/wg0.conf/50usersPeers smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/wireguard/wg0.conf/50usersPeers
--- smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/wireguard/wg0.conf/50usersPeers	2021-06-28 04:46:01.000000000 -0400
+++ smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/wireguard/wg0.conf/50usersPeers	2021-10-27 17:41:12.429000000 -0400
@@ -1,33 +1,36 @@
 {
-$OUT = "";
+use esmith::AccountsDB;
 
-return;
-my $wg =  esmith::ConfigDB->open_ro('/etc/e-smith/db/wireguard') or return "#no peers";
-# for each user
+my $wg =  esmith::ConfigDB->open_ro('/home/e-smith/db/wireguard');
 my $accounts = esmith::AccountsDB->open_ro;
-for my $user ( $accounts->get_all_by_prop(type => 'wg0') ) {
+
+# for each user
+my @users = ( $accounts->users );
+push(@users, $accounts->get('admin'));
+for my $user ( @users ) {
   my $username = $user->key;
+  my $count = 0;
   for my $cnx ( $wg->get_all_by_prop(user => $username) ) {
+     $count++;
      my $public = $cnx->prop('public');
-     my $ip = $cnx->prop('ip');
+     my $ip = $cnx->key; 
      my $info = $cnx->prop('info');
+     my $status = $cnx->prop('status') || "enabled";
+     if ( $status eq "disabled" ) {
+	$OUT .= "\n# $username : $info DISABLED (PublicKey = $public ; AllowedIPs = $ip)\n";
+	next;
+     }
 
-# wireguard
-#private;public;ips;info#private;public;ips;info
-#private and public is base64 : +/= could be in it
-#ips can be v4 or v6 with subnet ./:,
-#info could have letters, digit and space
-# to separate multiple #
-
-    $OUT .= "
+     $OUT .= "
 [Peer]
 # $username : $info
 PublicKey = $public
 AllowedIPs = $ip\n";
-  }
 
+
+  } 
+  $OUT .= "# no entry for user $username\n" if $count <1;
 }
 
 
 }
-
diff -Nur --no-dereference smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/wireguard/wg0.conf/60serversPeers smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/wireguard/wg0.conf/60serversPeers
--- smeserver-wireguard-1.0.old/root/etc/e-smith/templates/etc/wireguard/wg0.conf/60serversPeers	2021-06-08 03:56:43.000000000 -0400
+++ smeserver-wireguard-1.0/root/etc/e-smith/templates/etc/wireguard/wg0.conf/60serversPeers	1969-12-31 19:00:00.000000000 -0500
@@ -1,3 +0,0 @@
-
-#TODO
-