openmptcprouter-feeds/openmptcprouter/files/etc/uci-defaults/2020-omr-vpn

#!/bin/sh

if [ "$(uci -q get network.omrvpn)" = "" ]; then
	uci -q batch <<-EOF >/dev/null
		delete network.glorytun
		delete network.omrvpn
		set network.omrvpn=interface
		set network.omrvpn.ifname=tun0
		set network.omrvpn.proto=dhcp
		set network.omrvpn.ip4table=vpn
		set network.omrvpn.multipath=off
		set network.omrvpn.leasetime=12h
		set network.omrvpn.type=tunnel
		set network.omrvpn.txqueuelen=1000
		set network.omrvpn.metric=1200
		commit network
	EOF
fi

if [ "$(uci -q get glorytun.vpn.localip)" = "10.0.0.2" ]; then
	uci -q batch <<-EOF >/dev/null
		delete glorytun.vpn.localip
		delete glorytun.vpn.remoteip
	EOF
fi

if [ "$(uci -q get openvpn.omr.proto)" != "tcp-client" ]; then
	uci -q batch <<-EOF >/dev/null
		set openvpn.omr=openvpn
		set openvpn.omr.dev=tun0
		set openvpn.omr.port=65301
		set openvpn.omr.cipher=AES-256-CBC
		set openvpn.omr.proto=tcp-client
		set openvpn.omr.enabled=0
		set openvpn.omr.ncp_disable=1
		set openvpn.omr.auth_nocache=1
		set openvpn.omr.client=1
		set openvpn.omr.tls_client=1
		set openvpn.omr.reneg_sec=0
		set openvpn.omr.allow_recursive_routing=1
		set openvpn.omr.sndbuf=0
		set openvpn.omr.rcvbuf=0
		set openvpn.omr.route_delay=5
		commit openvpn
	EOF
fi

uci -q delete openvpn.omr.secret

#if [ "$(uci -q get openvpn.omr.com_lzo)" = "" ]; then
#	uci -q batch <<-EOF >/dev/null
#		set openvpn.omr.comp_lzo=adaptive
#	EOF
#fi
if [ "$(uci -q get ipsec.ipsec.password)" = "myvpn" ]; then
	uci -q batch <<-EOF >/dev/null
		set ipsec.ipsec.enabled='0'
		commit ipsec
	EOF
	chmod u+x /etc/init.d/ipsec
fi

if [ "$(uci -q get dsvpn.vpn)" = "" ]; then
	uci -q batch <<-EOF >/dev/null
		set dsvpn.vpn=dsvpn
		set dsvpn.vpn.dev=tun0
		set dsvpn.vpn.port=65011
		set dsvpn.vpn.localip=10.255.251.2
		set dsvpn.vpn.remoteip=10.255.251.1
		set dsvpn.vpn.enable=0
		commit dsvpn
	EOF
fi


if [ "$(uci -q show firewall | grep omrvpn)" = "" ]; then
	uci -q batch <<-EOF >/dev/null
		add_list firewall.zone_vpn.network=omrvpn
		delete firewall.allow_dhcp_request_vpn
		set firewall.allow_dhcp_request_vpn=rule
		set firewall.allow_dhcp_request_vpn.name=Allow-DHCP-Request-VPN
		set firewall.allow_dhcp_request_vpn.src=vpn
		set firewall.allow_dhcp_request_vpn.proto=udp
		set firewall.allow_dhcp_request_vpn.dest_port=67
		set firewall.allow_dhcp_request_vpn.target=ACCEPT
		set firewall.allow_dhcp_request_vpn.family=ipv4
		commit firewall
	EOF
fi
if [ "$(uci -q get ucitrack.@network[-1].affects | grep glorytun)" = "" ]; then
	uci -q batch <<-EOF >/dev/null
		add_list ucitrack.@network[-1].affects="glorytun"
		commit ucitrack
	EOF
fi
if [ "$(uci -q get ucitrack.@network[-1].affects | grep dsvpn)" = "" ]; then
	uci -q batch <<-EOF >/dev/null
		add_list ucitrack.@network[-1].affects="dsvpn"
		commit ucitrack
	EOF
fi
if [ "$(uci -q get ucitrack.@glorytun[-1].affects | grep openmptcprouter-vps)" = "" ]; then
	uci -q batch <<-EOF >/dev/null
		add_list ucitrack.@glorytun[-1].affects="openmptcprouter-vps"
		commit ucitrack
	EOF
fi


rm -f /tmp/luci-indexcache
exit 0
Add omrvpn interface 2018-06-06 15:56:39 +00:00			`#!/bin/sh`

			`if [ "$(uci -q get network.omrvpn)" = "" ]; then`
			`uci -q batch <<-EOF >/dev/null`
			`delete network.glorytun`
			`delete network.omrvpn`
			`set network.omrvpn=interface`
			`set network.omrvpn.ifname=tun0`
			`set network.omrvpn.proto=dhcp`
			`set network.omrvpn.ip4table=vpn`
			`set network.omrvpn.multipath=off`
			`set network.omrvpn.leasetime=12h`
Add tls support in openmptcprouter vps script and small changes 2019-04-15 20:17:11 +00:00			`set network.omrvpn.type=tunnel`
			`set network.omrvpn.txqueuelen=1000`
			`set network.omrvpn.metric=1200`
Add omrvpn interface 2018-06-06 15:56:39 +00:00			`commit network`
			`EOF`
			`fi`

Remove static ip of Glorytun if already set 2018-06-12 20:43:12 +00:00			`if [ "$(uci -q get glorytun.vpn.localip)" = "10.0.0.2" ]; then`
			`uci -q batch <<-EOF >/dev/null`
			`delete glorytun.vpn.localip`
			`delete glorytun.vpn.remoteip`
			`EOF`
			`fi`

Changes with OpenVPN TCP 2019-11-06 17:10:30 +00:00			`if [ "$(uci -q get openvpn.omr.proto)" != "tcp-client" ]; then`
Add OpenVPN support 2018-06-12 17:22:55 +00:00			`uci -q batch <<-EOF >/dev/null`
			`set openvpn.omr=openvpn`
			`set openvpn.omr.dev=tun0`
			`set openvpn.omr.port=65301`
			`set openvpn.omr.cipher=AES-256-CBC`
			`set openvpn.omr.proto=tcp-client`
OpenVPN is disabled by default 2018-06-14 05:07:29 +00:00			`set openvpn.omr.enabled=0`
Add setting to remove some dirty log for OpenVPN 2018-07-02 15:17:58 +00:00			`set openvpn.omr.ncp_disable=1`
			`set openvpn.omr.auth_nocache=1`
Changes with OpenVPN TCP 2019-11-06 17:10:30 +00:00			`set openvpn.omr.client=1`
			`set openvpn.omr.tls_client=1`
No key renew for openvpn 2020-03-04 18:34:40 +00:00			`set openvpn.omr.reneg_sec=0`
Changes with OpenVPN TCP 2019-11-06 17:10:30 +00:00			`set openvpn.omr.allow_recursive_routing=1`
Change default OpenVPN settings and disable ipsec at start 2020-01-21 18:29:28 +00:00			`set openvpn.omr.sndbuf=0`
			`set openvpn.omr.rcvbuf=0`
Add a delay before adding route for openvpn 2020-02-24 19:03:09 +00:00			`set openvpn.omr.route_delay=5`
Add OpenVPN support 2018-06-12 17:22:55 +00:00			`commit openvpn`
			`EOF`
			`fi`
Fix openvpn after update from old config 2020-03-19 19:36:00 +00:00
			`uci -q delete openvpn.omr.secret`

Remove comp-lzo 2020-02-13 18:20:12 +00:00			`#if [ "$(uci -q get openvpn.omr.com_lzo)" = "" ]; then`
			`# uci -q batch <<-EOF >/dev/null`
			`# set openvpn.omr.comp_lzo=adaptive`
			`# EOF`
			`#fi`
Change default OpenVPN settings and disable ipsec at start 2020-01-21 18:29:28 +00:00			`if [ "$(uci -q get ipsec.ipsec.password)" = "myvpn" ]; then`
			`uci -q batch <<-EOF >/dev/null`
			`set ipsec.ipsec.enabled='0'`
			`commit ipsec`
			`EOF`
			`chmod u+x /etc/init.d/ipsec`
			`fi`
Add OpenVPN support 2018-06-12 17:22:55 +00:00
Add A Dead Simple VPN 2019-08-02 20:37:45 +00:00			`if [ "$(uci -q get dsvpn.vpn)" = "" ]; then`
			`uci -q batch <<-EOF >/dev/null`
			`set dsvpn.vpn=dsvpn`
			`set dsvpn.vpn.dev=tun0`
			`set dsvpn.vpn.port=65011`
			`set dsvpn.vpn.localip=10.255.251.2`
Fix and new settings for dsvpn 2019-08-05 14:56:05 +00:00			`set dsvpn.vpn.remoteip=10.255.251.1`
Restart DSVPN if down 2019-09-08 17:13:04 +00:00			`set dsvpn.vpn.enable=0`
Add A Dead Simple VPN 2019-08-02 20:37:45 +00:00			`commit dsvpn`
			`EOF`
			`fi`

Change VPN settings 2020-01-09 19:48:08 +00:00
Add omrvpn interface 2018-06-06 15:56:39 +00:00			`if [ "$(uci -q show firewall \| grep omrvpn)" = "" ]; then`
			`uci -q batch <<-EOF >/dev/null`
Use firewall zone name 2018-06-07 14:53:32 +00:00			`add_list firewall.zone_vpn.network=omrvpn`
Add omrvpn interface 2018-06-06 15:56:39 +00:00			`delete firewall.allow_dhcp_request_vpn`
			`set firewall.allow_dhcp_request_vpn=rule`
			`set firewall.allow_dhcp_request_vpn.name=Allow-DHCP-Request-VPN`
			`set firewall.allow_dhcp_request_vpn.src=vpn`
			`set firewall.allow_dhcp_request_vpn.proto=udp`
			`set firewall.allow_dhcp_request_vpn.dest_port=67`
			`set firewall.allow_dhcp_request_vpn.target=ACCEPT`
			`set firewall.allow_dhcp_request_vpn.family=ipv4`
			`commit firewall`
			`EOF`
			`fi`
Add glorytun in restart when network changes 2019-07-11 17:57:16 +00:00			`if [ "$(uci -q get ucitrack.@network[-1].affects \| grep glorytun)" = "" ]; then`
			`uci -q batch <<-EOF >/dev/null`
			`add_list ucitrack.@network[-1].affects="glorytun"`
			`commit ucitrack`
			`EOF`
			`fi`
Reload dsvpn if network change 2019-09-02 16:00:33 +00:00			`if [ "$(uci -q get ucitrack.@network[-1].affects \| grep dsvpn)" = "" ]; then`
			`uci -q batch <<-EOF >/dev/null`
			`add_list ucitrack.@network[-1].affects="dsvpn"`
			`commit ucitrack`
			`EOF`
			`fi`
Shadowsocks and glorytun restart openmptcprouter-vps 2019-09-11 20:03:11 +00:00			`if [ "$(uci -q get ucitrack.@glorytun[-1].affects \| grep openmptcprouter-vps)" = "" ]; then`
			`uci -q batch <<-EOF >/dev/null`
			`add_list ucitrack.@glorytun[-1].affects="openmptcprouter-vps"`
			`commit ucitrack`
			`EOF`
			`fi`


Add omrvpn interface 2018-06-06 15:56:39 +00:00			`rm -f /tmp/luci-indexcache`
			`exit 0`