allanger/container-openvpn
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Activity

run: Handle NAT routes dynamically

Browse Source 
* Handle the NAT routes dynamically
* Stop caring about backwards compatibility for now
This commit is contained in:
Kyle Manna 2014-07-05 21:39:50 -07:00
parent 6ca11162a5
commit 3b13cf9918
1 changed files with 11 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
bin/ovpn_run
View File

@ -1,4 +1,4 @@
#!/bin/sh #!/bin/bash
# #
# Run the OpenVPN server normally # Run the OpenVPN server normally
@ -6,6 +6,8 @@
set -ex set -ex
source "$OPENVPN/ovpn_env.sh"
mkdir -p /dev/net mkdir -p /dev/net
if [ ! -c /dev/net/tun ]; then if [ ! -c /dev/net/tun ]; then
mknod /dev/net/tun c 10 200 mknod /dev/net/tun c 10 200
@ -15,14 +17,15 @@ if [ ! -d "$OPENVPN/ccd" ]; then
mkdir -p /etc/openvpn/ccd mkdir -p /etc/openvpn/ccd
fi fi
# Static subnet # Setup NAT forwarding if requested
iptables -t nat -A POSTROUTING -s 192.168.254.0/24 -o eth0 -j MASQUERADE if [ "$OVPN_DEFROUTE" != "0" ];then
# Dynamic subnet iptables -t nat -A POSTROUTING -s $OVPN_SERVER -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.255.0/24 -o eth0 -j MASQUERADE
for i in ${OVPN_ROUTES[@]}; do
iptables -t nat -A POSTROUTING -s $i -o eth0 -j MASQUERADE
done
fi
conf="$OPENVPN/openvpn.conf" conf="$OPENVPN/openvpn.conf"
# TODO Remove after we stop caring about backwards compatibility
[ ! -s "$conf" ] && conf="$OPENVPN/udp1194.conf"
openvpn --config "$conf" openvpn --config "$conf"