Add openvpn.conf gerneration -f fragment directive option
parent
ed51116fb6
commit
74bfad0aac
@ -51,6 +51,7 @@ usage() {
|
|||||||
echo " -a Authenticate packets with HMAC using the given message digest algorithm (auth)."
|
echo " -a Authenticate packets with HMAC using the given message digest algorithm (auth)."
|
||||||
echo " -z Enable comp-lzo compression."
|
echo " -z Enable comp-lzo compression."
|
||||||
echo " -2 Enable two factor authentication using Google Authenticator."
|
echo " -2 Enable two factor authentication using Google Authenticator."
|
||||||
|
echo " -f Set the fragment directive."
|
||||||
}
|
}
|
||||||
|
|
||||||
if [ "$DEBUG" == "1" ]; then
|
if [ "$DEBUG" == "1" ]; then
|
||||||
@ -80,7 +81,7 @@ OVPN_AUTH=''
|
|||||||
[ -r "$OVPN_ENV" ] && source "$OVPN_ENV"
|
[ -r "$OVPN_ENV" ] && source "$OVPN_ENV"
|
||||||
|
|
||||||
# Parse arguments
|
# Parse arguments
|
||||||
while getopts ":a:C:T:r:s:du:cp:n:DNm:tz2" opt; do
|
while getopts ":a:C:T:r:s:du:cp:n:DNmf:tz2" opt; do
|
||||||
case $opt in
|
case $opt in
|
||||||
a)
|
a)
|
||||||
OVPN_AUTH="$OPTARG"
|
OVPN_AUTH="$OPTARG"
|
||||||
@ -130,6 +131,9 @@ while getopts ":a:C:T:r:s:du:cp:n:DNm:tz2" opt; do
|
|||||||
2)
|
2)
|
||||||
OVPN_OTP_AUTH=1
|
OVPN_OTP_AUTH=1
|
||||||
;;
|
;;
|
||||||
|
f)
|
||||||
|
OVPN_FRAGMENT=$OPTARG
|
||||||
|
;;
|
||||||
\?)
|
\?)
|
||||||
set +x
|
set +x
|
||||||
echo "Invalid option: -$OPTARG" >&2
|
echo "Invalid option: -$OPTARG" >&2
|
||||||
@ -177,6 +181,7 @@ export OVPN_CLIENT_TO_CLIENT OVPN_PUSH OVPN_NAT OVPN_DNS OVPN_MTU OVPN_DEVICE
|
|||||||
export OVPN_TLS_CIPHER OVPN_CIPHER OVPN_AUTH
|
export OVPN_TLS_CIPHER OVPN_CIPHER OVPN_AUTH
|
||||||
export OVPN_COMP_LZO
|
export OVPN_COMP_LZO
|
||||||
export OVPN_OTP_AUTH
|
export OVPN_OTP_AUTH
|
||||||
|
export OVPN_FRAGMENT
|
||||||
|
|
||||||
# Preserve config
|
# Preserve config
|
||||||
if [ -f "$OVPN_ENV" ]; then
|
if [ -f "$OVPN_ENV" ]; then
|
||||||
@ -223,6 +228,8 @@ EOF
|
|||||||
[ -n "$OVPN_CLIENT_TO_CLIENT" ] && echo "client-to-client" >> "$conf"
|
[ -n "$OVPN_CLIENT_TO_CLIENT" ] && echo "client-to-client" >> "$conf"
|
||||||
[ -n "$OVPN_COMP_LZO" ] && echo "comp-lzo" >> "$conf"
|
[ -n "$OVPN_COMP_LZO" ] && echo "comp-lzo" >> "$conf"
|
||||||
|
|
||||||
|
[ -n "$OVPN_FRAGMENT" ] && echo "fragment $OVPN_FRAGMENT" >> "$conf"
|
||||||
|
|
||||||
[ "$OVPN_DNS" == "1" ] && for i in "${OVPN_DNS_SERVERS[@]}"; do
|
[ "$OVPN_DNS" == "1" ] && for i in "${OVPN_DNS_SERVERS[@]}"; do
|
||||||
echo "push dhcp-option DNS $i" >> "$conf"
|
echo "push dhcp-option DNS $i" >> "$conf"
|
||||||
done
|
done
|
||||||
|
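Review bot: The new optstring on the `while getopts` line reads `...DNmf:tz2`, which drops the colon that followed `m` in the old `...DNm:tz2`. As a result `-m` no longer consumes an argument, and whatever the `m)` arm (not visible in these hunks) reads from `$OPTARG` will be empty; the string should be `":a:C:T:r:s:du:cp:n:DNm:f:tz2"`. Separately, the `f)` arm stores `$OPTARG` unchecked and the value is later echoed into `openvpn.conf` as `fragment $OVPN_FRAGMENT`, so input containing whitespace or a newline would produce extra or malformed directives in the server config. Rejecting non-numeric input in that arm, e.g. `[[ $OPTARG =~ ^[0-9]+$ ]] || { echo "Invalid fragment size: $OPTARG" >&2; exit 1; }`, keeps the generated line well-formed. OpenVPN also expects `fragment` to be set consistently on both peers and only over UDP, and nothing visible in this commit adds it to the client config, so that is worth confirming.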
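--- a/tests/openvpn_conf_options.test.sh
+++ b/tests/openvpn_conf_options.test.sh
@@ -0,0 +1,56 @@
+#!/bin/bash
+
+OVPN_DATA=opvn-data
+
+IMG=kylemanna/openvpn
+IMG=rudijs/docker-openvpne:1.0.0
+
+# Function to fail
+abort() { cat <<< "$@" 1>&2; exit 1; }
+
+#
+# Create a docker container with the config data
+#
+sudo docker run --name $OVPN_DATA -v /etc/openvpn busybox
+
+#
+# Generate openvpn.config file
+#
+SERV_IP=$(ip -4 -o addr show scope global | awk '{print $4}' | sed -e 's:/.*::' | head -n1)
+sudo docker run --volumes-from $OVPN_DATA --rm $IMG ovpn_genconfig -u udp://$SERV_IP -f 1400
+
+#
+# grep for config lines from openvpn.conf
+# add more tests for more configs as required
+#
+
+# 1. verb config
+CONFIG_REQUIRED_VERB="verb 3"
+CONFIG_MATCH_VERB=$(sudo docker run --rm -it --volumes-from $OVPN_DATA busybox grep verb /etc/openvpn/openvpn.conf)
+
+# 2. fragment config
+CONFIG_REQUIRED_FRAGMENT="fragment 1400"
+CONFIG_MATCH_FRAGMENT=$(sudo docker run --rm -it --volumes-from $OVPN_DATA busybox grep fragment /etc/openvpn/openvpn.conf)
+
+#
+# Clean up
+#
+# sudo docker rm -f $OVPN_DATA
+
+#
+# Tests
+#
+
+if [[ $CONFIG_MATCH_VERB =~ $CONFIG_REQUIRED_VERB ]]
+then
+echo "==> Config match found: $CONFIG_REQUIRED_VERB == $CONFIG_MATCH_VERB"
+else
+abort "==> Config match not found: $CONFIG_REQUIRED_VERB != $CONFIG_MATCH_VERB"
+fi
+
+if [[ $CONFIG_MATCH_FRAGMENT =~ $CONFIG_REQUIRED_FRAGMENT ]]
+then
+echo "==> Config match found: $CONFIG_REQUIRED_FRAGMENT == $CONFIG_MATCH_FRAGMENT"
+else
+abort "==> Config match not found: $CONFIG_REQUIRED_FRAGMENT != $CONFIG_MATCH_FRAGMENT"
+fi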
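Review bot: The second `IMG=` assignment overrides `kylemanna/openvpn` with `rudijs/docker-openvpne:1.0.0`, so the test pulls and runs (under `sudo docker`) a separately published image rather than one built from this tree, and a pass says nothing about the `ovpn_genconfig` change in this commit. Drop that line or make the image overridable with `IMG=${IMG:-kylemanna/openvpn}`. The clean-up step is commented out, so the `$OVPN_DATA` container is left behind and a second run hits a name conflict at `docker run --name` and carries on with the old data container; `trap 'sudo docker rm -f "$OVPN_DATA"' EXIT` right after creating it would avoid that. The two `docker run --rm -it` calls inside `$(...)` request a TTY, which fails where none is attached (as in CI) and adds carriage returns to the captured text, so `-it` can be removed. The expansions of `$OVPN_DATA`, `$IMG` and `$SERV_IP` should also be double-quoted.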