mirror of
https://github.com/Ysurac/openmptcprouter-feeds.git
synced 2025-03-09 15:40:03 +00:00
Update glorytun interface default config
This commit is contained in:
Ycarus
parent
f32e27da88
commit
c604d660ea
2 changed files with 56 additions and 68 deletions
56
luci-app-glorytun/root/etc/uci-defaults/1200-luci-glorytun
Normal file
56
luci-app-glorytun/root/etc/uci-defaults/1200-luci-glorytun
Normal file
|
|
@ -0,0 +1,56 @@
|
|||
#!/bin/sh
|
||||
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
delete ucitrack.@glorytun[-1]
|
||||
add ucitrack glorytun
|
||||
set ucitrack.@glorytun[-1].init=glorytun
|
||||
set ucitrack.@glorytun[-1].affects=glorytun-udp
|
||||
delete ucitrack.@glorytun-udp[-1]
|
||||
add ucitrack glorytun-udp
|
||||
set ucitrack.@glorytun-udp[-1].init=glorytun-udp
|
||||
commit ucitrack
|
||||
EOF
|
||||
|
||||
if [ "$(uci -q get network.glorytun)" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
delete network.glorytun
|
||||
set network.glorytun=interface
|
||||
set network.glorytun.ifname=tun0
|
||||
set network.glorytun.proto=dhcp
|
||||
set network.glorytun.ip4table=vpn
|
||||
set network.glorytun.multipath=off
|
||||
set network.glorytun.leasetime=12h
|
||||
set network.glorytun.mtu=1280
|
||||
commit network
|
||||
EOF
|
||||
# set network.glorytun.proto=static
|
||||
# set network.glorytun.ipaddr=10.0.0.2
|
||||
# set network.glorytun.netmask=255.255.255.0
|
||||
# set network.glorytun.gateway=10.0.0.1
|
||||
fi
|
||||
|
||||
if [ "$(uci -q show firewall | grep glorytun)" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
add firewall zone
|
||||
set firewall.@zone[-1].name=vpn
|
||||
set firewall.@zone[-1].network=glorytun
|
||||
set firewall.@zone[-1].masq=1
|
||||
set firewall.@zone[-1].input=REJECT
|
||||
set firewall.@zone[-1].forward=ACCEPT
|
||||
set firewall.@zone[-1].output=ACCEPT
|
||||
commit firewall
|
||||
EOF
|
||||
fi
|
||||
if [ "$(uci -q show firewall | grep Allow-All-LAN-to-VPN)" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
add firewall rule
|
||||
set firewall.@rule[-1].enabled='1'
|
||||
set firewall.@rule[-1].target='ACCEPT'
|
||||
set firewall.@rule[-1].name='Allow-All-LAN-to-VPN'
|
||||
set firewall.@rule[-1].dest='vpn'
|
||||
set firewall.@rule[-1].src='lan'
|
||||
commit firewall
|
||||
EOF
|
||||
fi
|
||||
rm -f /tmp/luci-indexcache
|
||||
exit 0
|
||||
|
|
@ -1,68 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
delete ucitrack.@glorytun[-1]
|
||||
add ucitrack glorytun
|
||||
set ucitrack.@glorytun[-1].init=glorytun
|
||||
set ucitrack.@glorytun[-1].affects=glorytun-udp
|
||||
delete ucitrack.@glorytun-udp[-1]
|
||||
add ucitrack glorytun-udp
|
||||
set ucitrack.@glorytun-udp[-1].init=glorytun-udp
|
||||
commit ucitrack
|
||||
EOF
|
||||
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
delete network.glorytun=interface
|
||||
set network.glorytun=interface
|
||||
set network.glorytun.ifname=tun0
|
||||
set network.glorytun.proto=dhcp
|
||||
set network.glorytun.ip4table=vpn
|
||||
set network.glorytun.multipath=off
|
||||
set network.glorytun.leasetime=12h
|
||||
set network.glorytun.mtu=1280
|
||||
commit network
|
||||
EOF
|
||||
# set network.glorytun.proto=static
|
||||
# set network.glorytun.ipaddr=10.0.0.2
|
||||
# set network.glorytun.netmask=255.255.255.0
|
||||
# set network.glorytun.gateway=10.0.0.1
|
||||
|
||||
if [ "$(uci -q show firewall | grep redirect_vpn_to_lan)" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
add firewall zone
|
||||
set firewall.@zone[-1].name=vpn
|
||||
set firewall.@zone[-1].network=glorytun
|
||||
set firewall.@zone[-1].masq=1
|
||||
set firewall.@zone[-1].input=REJECT
|
||||
set firewall.@zone[-1].forward=REJECT
|
||||
set firewall.@zone[-1].output=ACCEPT
|
||||
set firewall.allow_dhcp_request_vpn=rule
|
||||
set firewall.allow_dhcp_request_vpn.name=Allow-DHCP-Request-VPN
|
||||
set firewall.allow_dhcp_request_vpn.src=glorytun
|
||||
set firewall.allow_dhcp_request_vpn.proto=udp
|
||||
set firewall.allow_dhcp_request_vpn.dest_port=67
|
||||
set firewall.allow_dhcp_request_vpn.target=ACCEPT
|
||||
set firewall.allow_dhcp_request_vpn.family=ipv4
|
||||
set firewall.redirect_vpn_to_lan=redirect
|
||||
set firewall.redirect_vpn_to_lan.name=Redirect-VPN-to-LAN
|
||||
set firewall.redirect_vpn_to_lan.src=vpn
|
||||
set firewall.redirect_vpn_to_lan.dest=lan
|
||||
set firewall.redirect_vpn_to_lan.proto=all
|
||||
set firewall.redirect_vpn_to_lan.enabled=1
|
||||
set firewall.redirect_vpn_to_lan.src_dip=192.168.100.1
|
||||
commit firewall
|
||||
EOF
|
||||
fi
|
||||
if [ "$(uci -q show firewall | grep Allow-All-LAN-to-VPN)" = "" ]; then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
add firewall rule
|
||||
set firewall.@rule[-1].enabled='1'
|
||||
set firewall.@rule[-1].target='ACCEPT'
|
||||
set firewall.@rule[-1].name='Allow-All-LAN-to-VPN'
|
||||
set firewall.@rule[-1].dest='vpn'
|
||||
set firewall.@rule[-1].src='lan'
|
||||
commit firewall
|
||||
EOF
|
||||
fi
|
||||
rm -f /tmp/luci-indexcache
|
||||
exit 0
|
||||
Loading…
Add table
Add a link
Reference in a new issue