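#!/bin/sh
# OpenVPN up/down hook, setup section: derives the per-instance file names
# from $dev (read from the environment) and writes every derived value and
# every script argument to syslog for troubleshooting.

log_tag="openvpn-updown-codyqx4-main"
filedir=/etc/openvpn/dns

# Interface name -> label used in file names: the first "tun1"/"tap1" becomes
# "client", the first "tun2"/"tap2" becomes "server" (e.g. tun11 -> client1).
# $dev is quoted so an unexpected value cannot be word-split or glob-expanded.
devlabel=$(printf '%s\n' "$dev" | sed 's/\(tun\|tap\)1/client/;s/\(tun\|tap\)2/server/')

filebase="$filedir/$devlabel"
conffile="$filebase.conf"
resolvfile="$filebase.resolv"
# Script of iptables commands that is generated on "up" and later run with sh.
dnsscript="/etc/openvpn/fw/${devlabel}-dns.sh"
# Set to 1 later if a stale conf/resolv file had to be removed.
fileexists=
# Numeric suffix used in nvram keys and chain names: "tun1" is stripped,
# "tun2" (with any further 2s) is replaced by 0.
instance=$(printf '%s\n' "$dev" | sed "s/tun1//;s/tun2*/0/")

for argument in "$@"
do
  logger -t "$log_tag" "Argument Passed: $argument"
done

logger -t "$log_tag" "FileDir: $filedir"
logger -t "$log_tag" "FileBase: $filebase"
logger -t "$log_tag" "ConfFile: $conffile"
logger -t "$log_tag" "ResolvFile: $resolvfile"
logger -t "$log_tag" "DNSScript: $dnsscript"
logger -t "$log_tag" "Instance: $instance"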
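# Append DNAT rules to $dnsscript that send DNS traffic from selected LAN
# clients to the DNS server announced by the VPN peer.
# Globals:   instance, dnsscript (read; rules are appended to $dnsscript)
#            server, VPN_IP_LIST, ENTRY, TARGET_ROUTE, VPN_IP (written)
# Arguments: $1 - DNS server address taken from a pushed "dhcp-option DNS"
# Returns:   0 on success; 1 if $1 is empty or contains a character that
#            cannot occur in an IP address (nothing is written in that case)
create_client_list(){
  server=$1

  # $1 comes from the remote VPN peer and is written into a script that is
  # later executed with sh, so only address characters are accepted.
  case "$server" in
    ''|*[!0-9A-Fa-f:.]*)
      logger -t "openvpn-updown-codyqx4-create_client_list" "Rejected DNS server value: not an IP address"
      return 1
      ;;
  esac

  VPN_IP_LIST=$(nvram get "vpn_client${instance}_clientlist")
  logger -t "openvpn-updown-codyqx4-create_client_list" "VPN IP List: $VPN_IP_LIST"

  # Entries are separated by "<" and fields inside an entry by ">".
  # IFS is saved here and restored after the loop; restoring from a variable
  # that was never assigned would leave IFS empty for the rest of the script.
  saved_ifs=$IFS
  IFS="<"
  for ENTRY in $VPN_IP_LIST
  do
    logger -t "openvpn-updown-codyqx4-create_client_list" "Entry: $ENTRY"
    [ -n "$ENTRY" ] || continue

    # Field 4 is the routing target; only entries routed through "VPN" matter.
    TARGET_ROUTE=$(printf '%s\n' "$ENTRY" | cut -d ">" -f 4)
    logger -t "openvpn-updown-codyqx4-create_client_list" "Target Route: $TARGET_ROUTE"
    if [ "$TARGET_ROUTE" = "VPN" ]
    then
      # Field 2 is used as the source address of the rule. It is read from
      # the router's own nvram settings, not from the VPN peer.
      # NOTE(review): it is written to the script unvalidated - consider
      # applying the same character check as for $server.
      VPN_IP=$(printf '%s\n' "$ENTRY" | cut -d ">" -f 2)
      logger -t "openvpn-updown-codyqx4-create_client_list" "VPN IP: $VPN_IP"
      if [ "$VPN_IP" != "0.0.0.0" ]
      then
        logger -t "openvpn-updown-codyqx4-create_client_list" "Doing IP Tables Echo: Instance=$instance, VPN IP=$VPN_IP, Server=$server, DNSScript=$dnsscript"
        printf '%s\n' "iptables -t nat -A DNSVPN$instance -s $VPN_IP -j DNAT --to-destination $server" >> "$dnsscript"
      fi
      logger -t "openvpn-updown" "Forcing $VPN_IP to use DNS server $server"
    fi
  done
  IFS=$saved_ifs
}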
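# Make sure the working directory exists (including missing parents) and
# remove the conf/resolv files left by a previous run. fileexists records
# that something was removed; it is tested further down when deciding
# whether the resolver has to be refreshed.
if [ ! -d "$filedir" ]
then
  mkdir -p "$filedir"
fi

if [ -f "$conffile" ]
then
  rm "$conffile"
  fileexists=1
fi

if [ -f "$resolvfile" ]
then
  rm "$resolvfile"
  fileexists=1
fi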
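# "up" phase: start a fresh $dnsscript (iptables commands that are run with
# sh later) and translate the options pushed by the VPN peer, exported as
# foreign_option_<n>, into dnsmasq / resolv snippets.
# Pushed option values are controlled by the remote peer, so they are always
# quoted and anything destined for $dnsscript is checked first.
if [ "$script_type" = 'up' ]
then
  logger -t "openvpn-updown-codyqx4-main" "Up Script"
  logger -t "openvpn-updown-codyqx4-main" "Doing IP Tables Echo: Instance=$instance, DNSScript=$dnsscript"
  printf '%s\n' "iptables -t nat -N DNSVPN$instance" > "$dnsscript"

  # setdns states:  0 = per-client rules still to be built from the first
  #                     pushed DNS server
  #                 1 = rules built; the port-53 PREROUTING jumps are added
  #                -1 = no DNS redirection for this instance
  # NOTE(review): rgw=2 / adns=3 presumably mean policy routing with
  # exclusive DNS - confirm against the firmware documentation.
  if [ -n "$instance" ] && [ "$instance" != 0 ] \
    && [ "$(nvram get "vpn_client${instance}_rgw")" = 2 ] \
    && [ "$(nvram get "vpn_client${instance}_adns")" = 3 ]
  then
    logger -t "openvpn-updown-codyqx4-main" "Set DNS: 0"
    setdns=0
  else
    logger -t "openvpn-updown-codyqx4-main" "Set DNS: -1"
    setdns=-1
  fi

  # Cut each name at the first "=" so a value containing "=" cannot leak
  # into the variable name.
  for optionname in $(set | grep "^foreign_option_" | sed 's/=.*$//')
  do
    # Only names of the exact form foreign_option_<digits> reach eval.
    case "$optionname" in
      foreign_option_|foreign_option_*[!0-9]*) continue ;;
      foreign_option_*) ;;
      *) continue ;;
    esac
    # Plain assignment through eval: the value is copied, never re-parsed.
    # (An `eval "echo \\$$name"` written inside $( ) expands $$ to the shell
    # PID instead of dereferencing the variable.)
    eval "option=\${$optionname}"
    logger -t "openvpn-updown-codyqx4-main" "Option $optionname: $option"

    case "$option" in
      *"dhcp-option WINS "*)
        printf '%s\n' "$option" | sed "s/ WINS /=44,/" >> "$conffile"
        ;;
    esac

    case "$option" in
      *"dhcp-option DNS"*)
        logger -t "openvpn-updown-codyqx4-main" "Echoing Option $option to $resolvfile"
        printf '%s\n' "$option" | sed "s/dhcp-option DNS/nameserver/" >> "$resolvfile"
        if [ "$setdns" = 0 ]
        then
          logger -t "openvpn-updown-codyqx4-main" "Preparing to Call Create Client DNS and Flip SetDNS"
          # First word after "dhcp-option DNS".
          dns_server=$(printf '%s\n' "$option" | sed 's/dhcp-option DNS//;s/^[[:space:]]*//;s/[[:space:]].*$//')
          # The address ends up in a script executed by sh: accept only
          # characters that can occur in an IP address.
          case "$dns_server" in
            ''|*[!0-9A-Fa-f:.]*)
              logger -t "openvpn-updown-codyqx4-main" "Ignoring DNS option: value is not an IP address"
              ;;
            *)
              create_client_list "$dns_server"
              setdns=1
              ;;
          esac
        fi
        ;;
    esac

    case "$option" in
      *"dhcp-option DOMAIN"*)
        printf '%s\n' "$option" | sed "s/dhcp-option DOMAIN/search/" >> "$resolvfile"
        ;;
    esac
  done

  if [ "$setdns" = 1 ]
  then
    logger -t "openvpn-updown-codyqx4-main" "Doing IP Table Echo: DNS Instance=$instance, DNSScript=$dnsscript"
    printf '%s\n' "iptables -t nat -A PREROUTING -p udp -m udp --dport 53 -j DNSVPN$instance" >> "$dnsscript"
    printf '%s\n' "iptables -t nat -A PREROUTING -p tcp -m tcp --dport 53 -j DNSVPN$instance" >> "$dnsscript"
  fi
fi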
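# "down" phase for a non-zero instance: detach the per-instance DNS chain
# from PREROUTING (udp and tcp port 53), then flush and delete the chain.
# The -n test keeps an empty $instance from ever producing a bare "DNSVPN"
# chain name; "=" replaces "==", which POSIX test does not define.
if [ "$script_type" = 'down' ] && [ -n "$instance" ] && [ "$instance" != 0 ]
then
  logger -t "openvpn-updown-codyqx4-main" "Down Script With Valid Instance: $instance"
  /usr/sbin/iptables -t nat -D PREROUTING -p udp -m udp --dport 53 -j "DNSVPN$instance"
  /usr/sbin/iptables -t nat -D PREROUTING -p tcp -m tcp --dport 53 -j "DNSVPN$instance"
  /usr/sbin/iptables -t nat -F "DNSVPN$instance"
  /usr/sbin/iptables -t nat -X "DNSVPN$instance"
fi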
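# Apply phase: runs when a conf/resolv file exists now or a stale one was
# removed earlier ($fileexists non-empty).
#   up   - execute the generated $dnsscript (if present), then refresh resolv
#   down - delete $dnsscript, refresh resolv and restart dnsmasq
# $dnsscript is executed by sh with this script's privileges, so its content
# must only ever come from lines this script generated itself.
if [ -f "$conffile" ] || [ -f "$resolvfile" ] || [ -n "$fileexists" ]
then
  logger -t "openvpn-updown-codyqx4-main" "Conf+Resolve Files Exist Check Passed"
  case "$script_type" in
    up)
      logger -t "openvpn-updown-codyqx4-main" "Up Script"
      if [ -f "$dnsscript" ]
      then
        logger -t "openvpn-updown-codyqx4-main" "Up Script: Running DNS Script: $dnsscript"
        sh "$dnsscript"
      fi
      service updateresolv
      ;;
    down)
      logger -t "openvpn-updown-codyqx4-main" "Down Script: Deleting DNS Script: $dnsscript"
      rm "$dnsscript"
      logger -t "openvpn-updown-codyqx4-main" "Down Script: Update Resolv"
      service updateresolv
      logger -t "openvpn-updown-codyqx4-main" "Down Script: Restarting DNSMasq"
      service restart_dnsmasq
      ;;
  esac
fi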
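# Remove the working directories when they are empty; rmdir leaves a
# non-empty directory in place and only reports an error.
rmdir "$filedir"
rmdir /etc/openvpn

# Chain to the user's custom event script, if one is installed. "$@" hands
# over each original argument as its own word; an unquoted $* would re-split
# the arguments and glob-expand them.
if [ -f /jffs/scripts/openvpn-event ]
then
  logger -t "custom script" "Running /jffs/scripts/openvpn-event (args: $*)"
  sh /jffs/scripts/openvpn-event "$@"
fi

# Always report success to the caller, whatever happened above.
exit 0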