diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2016-12-08 16:13:25 +0100 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2016-12-09 21:31:11 +0100 |
commit | ec3db2705ca4f33b4adf1f40d655abce05e5b8ed (patch) | |
tree | 1112f8756f7e9a49a3887bfff1562c11ad7d886a /contrib/examples/wg-config/tungate | |
parent | device: traditional if is cleaner than switch for this small (diff) | |
download | wireguard-monolithic-historical-ec3db2705ca4f33b4adf1f40d655abce05e5b8ed.tar.xz wireguard-monolithic-historical-ec3db2705ca4f33b4adf1f40d655abce05e5b8ed.zip |
contrib: add wg-config
Diffstat (limited to 'contrib/examples/wg-config/tungate')
-rwxr-xr-x | contrib/examples/wg-config/tungate | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/contrib/examples/wg-config/tungate b/contrib/examples/wg-config/tungate new file mode 100755 index 0000000..b537b81 --- /dev/null +++ b/contrib/examples/wg-config/tungate @@ -0,0 +1,43 @@ +#!/bin/bash + +unwind() { + ip route del "$1/32" 2>/dev/null + exit +} + +short_route() { + ip route | sed -n "s/$1 \\(.* dev [^ ]\\+\\).*/\\1/p" | head -n 1 +} + +resolve_ip() { + local filter='/^[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}$/{p;q;}' + [[ $(sed -n "$filter" <<<"$1") == "$1" ]] && echo "$1" || + host -t a "$1" | cut -d ' ' -f 4 | sed -n "$filter" +} + +set_route() { + local default_route="$(short_route default)" + [[ -n $default_route ]] || { echo "[-] Could not determine default route"; return; } + echo "[+] Adding route for $1 to be $default_route" + ip route del "$1/32" 2>/dev/null + ip route add "$1/32" $default_route +} + +check_loop() { + local ip="$(resolve_ip "$1")" + [[ -n $ip ]] || { echo "[-] Could not determine IP of '$1'" && return 1; } + echo "[+] Making sure $ip goes over the default (non-0/1,128/1) route" + + set_route "$ip" + trap unwind INT TERM EXIT + + while read; do + [[ $(short_route "$ip") != "$(short_route default)" ]] && set_route "$ip" + done < <(exec ip monitor route) +} + +[[ $# -ne 1 ]] && { echo "Usage: $0 IP|HOST" >&2; exit 1; } +[[ $UID -ne 0 ]] && exec sudo "$(readlink -f "$0")" "$@" + +check_loop "$1" +exit $? |