Untitled

#!/bin/bash

if [ $# != 1 ] ; then
  echo "Usage: (sudo) sh $0 {start|stop}"
  exit 1;
fi

IFACE=wlp32s0

function getIP(){
  ip addr show $1 | grep -v "127" | grep "inet " | awk '{print $2}' | sed 's:/.*::'
}

function getppp0IP(){
  ip addr show ppp0 | grep -Po "peer.*/32" | grep -Po "[0-9.]+" | grep -Po -m1 "[0-9.]+"
}

function getVPN_ADDR(){
  ping -c 1 usil-sfe.pointtoserver.com | grep -Eom1 "[0-9.]{3,}" | sed 's/\s//g'
}

function getGateWay(){
  ip route list | grep -Eom1 "via ([0-9.]{11})" | grep -Eom1 "[0-9.]{11}"
}
function getVPNGateWay(){
  ip route list | grep -m1 "$VPN_ADDR" | grep -Po "via .*" | grep -Po "[1-9.]+" | head -n 1
}

GW_ADDR=$(getGateWay)
#GW_ADDR="192.168.1.1"
VPN_ADDR=$(getVPN_ADDR)

function start(){
  sed -i "s/^lns =.*/lns = $VPN_ADDR/g" /etc/xl2tpd/xl2tpd.conf
  sed -i "s/plutoopts=.*/plutoopts=\"--interface=$IFACE\"/g" /etc/ipsec.conf
  sed -i "s/left=.*$/left=$(getIP $IFACE)/g" /etc/ipsec.conf
  sed -i "s/right=.*$/right=$VPN_ADDR/g" /etc/ipsec.conf
  sed -i "s/^.*: PSK/$(getIP $IFACE) $VPN_ADDR : PSK/g" /etc/ipsec.secrets
  systemctl start openswan
  sleep 2    #delay to ensure that IPsec is started before overlaying L2TP

  systemctl start xl2tpd
  ipsec auto --up pure-NY
  echo "c vpn-connection" > /var/run/xl2tpd/l2tp-control
  sleep 2    #delay again to make that the PPP connection is up.

  ip route save 1> $HOME/.cache/ipdump
  ip route add $VPN_ADDR via $GW_ADDR dev $IFACE
}

function stop(){
  VPN_GW=$(getVPNGateWay)
  ip route delete $VPN_ADDR via $GW_ADDR dev $IFACE
  ip route restore < $HOME/.cache/ipdump
  rm $HOME/.cache/ipdump

  ipsec auto --down pure-NY
  /bin/echo "d vpn-connection" > /var/run/xl2tpd/l2tp-control
  systemctl stop xl2tpd
  systemctl stop openswan
}

$1
exit 0