Diffstat (limited to 'covpn/conf/openvpn-up.sh')
-rwxr-xr-x | covpn/conf/openvpn-up.sh | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/covpn/conf/openvpn-up.sh b/covpn/conf/openvpn-up.sh
new file mode 100755
index 0000000..0f017a1
--- /dev/null
+++ b/covpn/conf/openvpn-up.sh
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+# OpenVPN up.sh script, part of covpn
+# Filters input from OpenVPN, usefull for checking IPs/ranges/DNS pushed by an
+# OpenVPN server
+# 2013 Laurent Ghigonis <laurent@gouloum.fr>
+
+# Reads its configuration (EXPECTED_* vars) from $covpn_conf
+
+# Some env vars also available:
+# script_context=init
+# script_type=up
+
+if [ ! -f $covpn_conf ]; then
+ echo "covpn openvpn-up.sh: ERROR: $covpn_conf not found !"
+ exit 99
+fi
+. $covpn_conf
+
+dns=`echo $foreign_option_1 |cut -d' ' -f3`
+if [ X"$dns" != X"" -a X"$EXPECTED_DNS" != X"disable" ]; then
+ echo $dns |egrep -q "^$EXPECTED_DNS$" ||exit 10
+else
+ dns="none"
+fi
+echo $dev |egrep -q "^tun[0-9]$" ||exit 11
+test $tun_mtu -gt 200 -a $tun_mtu -lt 2000 ||exit 12
+echo $ifconfig_local |egrep -q "^$EXPECTED_IP_RANGE$" ||exit 13
+echo $ifconfig_remote |egrep -q "^$EXPECTED_IP_RANGE$" ||exit 14
+echo $route_network_1 |egrep -q "^$EXPECTED_ROUTE_RANGE$" ||exit 15
+echo $route_netmask_1 |egrep -q "^$EXPECTED_ROUTE_MASK$" ||exit 16
+echo $route_network_2 |egrep -q "^$EXPECTED_GATEWAY$" ||exit 17
+
+/usr/sbin/ip addr add $ifconfig_local peer $ifconfig_remote dev $dev ||exit 20
+/usr/sbin/ip link set $dev mtu $tun_mtu ||exit 21
+/usr/sbin/ip link set $dev up ||exit 22
+/usr/sbin/ip route add ${route_network_1}/${route_netmask_1} dev $dev ||exit 23
+if [ X"$openvpn_gateway" = X"1" ]; then
+ /usr/sbin/ip route add $remote_1 via $route_net_gateway
+ /usr/sbin/ip route delete default
+ /usr/sbin/ip route add 0/1 via $route_network_2
+ /usr/sbin/ip route add 128/1 via $route_network_2
+fi
+if [ $dns != "none" ]; then
+ cp /etc/resolv.conf /etc/resolv.conf.bak-covpn
+ echo "nameserver $dns" > /etc/resolv.conf ||exit 24
+fi |
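Review bot: The four `ip route` commands inside the `openvpn_gateway` block have no `||exit`, unlike every other `ip` call in the script, so a failed `ip route delete default` or a failed `0/1` / `128/1` add still lets the script finish with status 0 and the tunnel comes up while traffic keeps leaving by the old default route. Give them the same fail-closed treatment, e.g. `/usr/sbin/ip route add 0/1 via $route_network_2 ||exit 27` (exit code constructed here; use the next unused ones). The server-pushed values are also expanded unquoted in the `ip` calls and in `[ $dns != "none" ]`, so what reaches `ip` is the word-split, glob-expanded form; quoting them (`"$ifconfig_local"`, `"$dev"`, `"$dns"`, and `"$covpn_conf"` in the `-f` test and the `.` line) makes each validated value arrive as exactly one argument. The `cp` to `/etc/resolv.conf.bak-covpn` is unchecked and would overwrite an earlier backup if the script runs again before the original file is restored.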