Merge branch 'private_subnet'

Closes #5
Kyle Manna 2014-07-09 11:10:54 -07:00
commit c38b412dc6
2 changed files with 27 additions and 21 deletions


@ -36,9 +36,11 @@ usage() {
echo " -u SERVER_PUBLIC_URL" echo " -u SERVER_PUBLIC_URL"
echo " [-s SERVER_SUBNET]" echo " [-s SERVER_SUBNET]"
echo " [-r ROUTE ...]" echo " [-r ROUTE ...]"
echo " [-p PUSH ...]"
echo echo
echo "optional arguments:" echo "optional arguments:"
echo " -d Disable NAT routing and default route" echo " -d Disable NAT routing and default route"
echo " -c Enable client-to-client option"
} }
set -ex set -ex
@ -46,22 +48,17 @@ set -ex
OVPN_ENV=$OPENVPN/ovpn_env.sh OVPN_ENV=$OPENVPN/ovpn_env.sh
OVPN_SERVER=192.168.255.0/24 OVPN_SERVER=192.168.255.0/24
OVPN_DEFROUTE=1 OVPN_DEFROUTE=1
OVPN_ROUTES=()
OVPN_PUSH=()
# Import defaults if present # Import defaults if present
[ -r "$OVPN_ENV" ] && source "$OVPN_ENV" [ -r "$OVPN_ENV" ] && source "$OVPN_ENV"
ORIG_OVPN_ROUTES=$OVPN_ROUTES
OVPN_ROUTES=""
# Parse arguments # Parse arguments
while getopts ":r:s:du:" opt; do while getopts ":r:s:du:cp:" opt; do
case $opt in case $opt in
r) r)
if [ -n "$OVPN_ROUTES" ]; then OVPN_ROUTES+=("$OPTARG")
OVPN_ROUTES+=" $OPTARG"
else
OVPN_ROUTES+="$OPTARG"
fi
;; ;;
s) s)
OVPN_SERVER=$OPTARG OVPN_SERVER=$OPTARG
@ -72,6 +69,12 @@ while getopts ":r:s:du:" opt; do
u) u)
OVPN_SERVER_URL=$OPTARG OVPN_SERVER_URL=$OPTARG
;; ;;
c)
OVPN_CLIENT_TO_CLIENT=1
;;
p)
OVPN_PUSH+=("$OPTARG")
;;
\?) \?)
set +x set +x
echo "Invalid option: -$OPTARG" >&2 echo "Invalid option: -$OPTARG" >&2
@ -103,17 +106,11 @@ fi
# Apply defaults # Apply defaults
[ -z "$OVPN_PROTO" ] && OVPN_PROTO=udp [ -z "$OVPN_PROTO" ] && OVPN_PROTO=udp
[ -z "$OVPN_PORT" ] && OVPN_PORT=1194 [ -z "$OVPN_PORT" ] && OVPN_PORT=1194
[ ${#OVPN_ROUTES[@]} -eq 0 ] && OVPN_ROUTES=("192.168.254.0/24")
if [ -z "$OVPN_ROUTES" ]; then
if [ -n "$ORIG_OVPN_ROUTES" ]; then
OVPN_ROUTES=$ORIG_OVPN_ROUTES
else
OVPN_ROUTES=192.168.254.0/24
fi
fi
export OVPN_SERVER OVPN_ROUTES OVPN_DEFROUTE export OVPN_SERVER OVPN_ROUTES OVPN_DEFROUTE
export OVPN_SERVER_URL OVPN_ENV OVPN_PROTO OVPN_CN OVPN_PORT export OVPN_SERVER_URL OVPN_ENV OVPN_PROTO OVPN_CN OVPN_PORT
export OVPN_CLIENT_TO_CLIENT OVPN_PUSH
# Preserve config # Preserve config
if [ -f "$OVPN_ENV" ]; then if [ -f "$OVPN_ENV" ]; then
@ -155,13 +152,22 @@ status /tmp/openvpn-status.log
client-config-dir $OPENVPN/ccd client-config-dir $OPENVPN/ccd
EOF EOF
[ -n "$OVPN_CLIENT_TO_CLIENT" ] && echo "client-to-client" >> "$conf"
# Append Routes # Append Routes
for i in ${OVPN_ROUTES[@]}; do for i in "${OVPN_ROUTES[@]}"; do
# If user passed "0" skip this, assume no extra routes # If user passed "0" skip this, assume no extra routes
[ "$i" = "0" ] && break; [ "$i" = "0" ] && break;
echo route $(getroute $i) >> "$conf" echo route $(getroute "$i") >> "$conf"
done
# Append push commands
for i in "${OVPN_PUSH[@]}"; do
echo push \"$i\" >> "$conf"
done done
# Clean-up duplicate configs (always return success) # Clean-up duplicate configs (always return success)
diff -q "$bak_env" "$OVPN_ENV" 2> /dev/null && rm "$bak_env" || true diff -q "$bak_env" "$OVPN_ENV" 2> /dev/null && rm "$bak_env" || true
diff -q "$bak" "$conf" 2> /dev/null && rm "$bak" || true diff -q "$bak" "$conf" 2> /dev/null && rm "$bak" || true
echo "Successfully generated config"
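Review bot: The new push loop writes each `-p` value into the server config with `echo push \"$i\"`, where `$i` is unquoted and never validated. The shell word-splits and glob-expands the value, and an embedded double quote or newline ends the quoted string early and can add further directives to the generated config. Reject values containing `"` or a newline where `-p` is parsed, and write the line with `printf 'push "%s"\n' "$i" >> "$conf"`. The same unquoted form remains in `echo route $(getroute "$i")` just above; the script continues outside the hunks shown.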


@ -21,8 +21,8 @@ fi
if [ "$OVPN_DEFROUTE" != "0" ];then if [ "$OVPN_DEFROUTE" != "0" ];then
iptables -t nat -A POSTROUTING -s $OVPN_SERVER -o eth0 -j MASQUERADE iptables -t nat -A POSTROUTING -s $OVPN_SERVER -o eth0 -j MASQUERADE
for i in ${OVPN_ROUTES[@]}; do for i in "${OVPN_ROUTES[@]}"; do
iptables -t nat -A POSTROUTING -s $i -o eth0 -j MASQUERADE iptables -t nat -A POSTROUTING -s "$i" -o eth0 -j MASQUERADE
done done
fi fi
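Review bot: Quoting `"${OVPN_ROUTES[@]}"` in this loop means a route list that is still a single space-separated string reaches iptables as one `-s` argument. The removed lines in the config script show the previous version built OVPN_ROUTES exactly that way, so an environment file saved by it would, if loaded unchanged before this loop, leave the per-route MASQUERADE rules not installed as intended. The quoted `getroute "$i"` loop in the config script is affected in the same way. Normalising once after the file is loaded, e.g. `read -r -a OVPN_ROUTES <<< "${OVPN_ROUTES[*]}"`, keeps both forms working. How this script loads the variables is outside the hunk.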