From 3b13cf99183a6f82f6260544db672baf049b41b8 Mon Sep 17 00:00:00 2001 From: Kyle Manna Date: Sat, 5 Jul 2014 21:39:50 -0700 Subject: [PATCH] run: Handle NAT routes dynamically * Handle the NAT routes dynamically * Stop caring about backwards compatibility for now --- bin/ovpn_run | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/bin/ovpn_run b/bin/ovpn_run index 4ff492f..6c92c40 100755 --- a/bin/ovpn_run +++ b/bin/ovpn_run @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # # Run the OpenVPN server normally @@ -6,6 +6,8 @@ set -ex +source "$OPENVPN/ovpn_env.sh" + mkdir -p /dev/net if [ ! -c /dev/net/tun ]; then mknod /dev/net/tun c 10 200 @@ -15,14 +17,15 @@ if [ ! -d "$OPENVPN/ccd" ]; then mkdir -p /etc/openvpn/ccd fi -# Static subnet -iptables -t nat -A POSTROUTING -s 192.168.254.0/24 -o eth0 -j MASQUERADE -# Dynamic subnet -iptables -t nat -A POSTROUTING -s 192.168.255.0/24 -o eth0 -j MASQUERADE +# Setup NAT forwarding if requested +if [ "$OVPN_DEFROUTE" != "0" ];then + iptables -t nat -A POSTROUTING -s $OVPN_SERVER -o eth0 -j MASQUERADE + + for i in ${OVPN_ROUTES[@]}; do + iptables -t nat -A POSTROUTING -s $i -o eth0 -j MASQUERADE + done +fi conf="$OPENVPN/openvpn.conf" -# TODO Remove after we stop caring about backwards compatibility -[ ! -s "$conf" ] && conf="$OPENVPN/udp1194.conf" - openvpn --config "$conf"
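Review bot: The added `source "$OPENVPN/ovpn_env.sh"` in the second hunk runs that file as shell code with this script's privileges, and nothing before it checks that the file exists or is readable. Under `set -ex` a missing file aborts startup with only the shell's own error. Because the third hunk also drops the `udp1194.conf` fallback, volumes initialised before this change will presumably fail at this line. A guard ahead of it, such as `[ -r "$OPENVPN/ovpn_env.sh" ] || { echo "missing $OPENVPN/ovpn_env.sh" >&2; exit 1; }`, would make that failure explicit. A comment should also say that the file is executed rather than parsed, so it must be writable only by whoever administers the volume, and that `set -x` echoes its contents into the container log.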
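Review bot: In the new NAT block of the third hunk, `$OVPN_SERVER`, `${OVPN_ROUTES[@]}` and `$i` are expanded unquoted, so values from the sourced environment file are word-split and glob-expanded before they reach `iptables`, and a value containing whitespace would arrive as extra iptables arguments. Quote all three: `-s "$OVPN_SERVER"`, `for i in "${OVPN_ROUTES[@]}"; do` and `-s "$i"`. An empty `OVPN_SERVER` turns the first rule into `-s -o eth0 ...`, which iptables should reject and `set -e` then turns into a container exit, so a non-empty check on it before the `if` would give a clearer failure. An unset `OVPN_DEFROUTE` also compares unequal to "0", which means masquerading is on by default; a comment stating that this default is intended would help the next reader.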