From c604d660ea1575a62c4a57c0b3f481d4d9a013c2 Mon Sep 17 00:00:00 2001
From: Ycarus
Date: Wed, 6 Jun 2018 17:54:27 +0200
Subject: [PATCH] Update glorytun interface default config
---
.../root/etc/uci-defaults/1200-luci-glorytun | 56 +++++++++++++++
.../root/etc/uci-defaults/40_luci-glorytun | 68 -------------------
2 files changed, 56 insertions(+), 68 deletions(-)
create mode 100644 luci-app-glorytun/root/etc/uci-defaults/1200-luci-glorytun
delete mode 100644 luci-app-glorytun/root/etc/uci-defaults/40_luci-glorytun
diff --git a/luci-app-glorytun/root/etc/uci-defaults/1200-luci-glorytun b/luci-app-glorytun/root/etc/uci-defaults/1200-luci-glorytun
new file mode 100644
index 000000000..5d13eaecc
--- /dev/null
+++ b/luci-app-glorytun/root/etc/uci-defaults/1200-luci-glorytun
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+uci -q batch <<-EOF >/dev/null
+ delete ucitrack.@glorytun[-1]
+ add ucitrack glorytun
+ set ucitrack.@glorytun[-1].init=glorytun
+ set ucitrack.@glorytun[-1].affects=glorytun-udp
+ delete ucitrack.@glorytun-udp[-1]
+ add ucitrack glorytun-udp
+ set ucitrack.@glorytun-udp[-1].init=glorytun-udp
+ commit ucitrack
+EOF
+
+if [ "$(uci -q get network.glorytun)" = "" ]; then
+ uci -q batch <<-EOF >/dev/null
+ delete network.glorytun
+ set network.glorytun=interface
+ set network.glorytun.ifname=tun0
+ set network.glorytun.proto=dhcp
+ set network.glorytun.ip4table=vpn
+ set network.glorytun.multipath=off
+ set network.glorytun.leasetime=12h
+ set network.glorytun.mtu=1280
+ commit network
+ EOF
+# set network.glorytun.proto=static
+# set network.glorytun.ipaddr=10.0.0.2
+# set network.glorytun.netmask=255.255.255.0
+# set network.glorytun.gateway=10.0.0.1
+fi
+
+if [ "$(uci -q show firewall | grep glorytun)" = "" ]; then
+ uci -q batch <<-EOF >/dev/null
+ add firewall zone
+ set firewall.@zone[-1].name=vpn
+ set firewall.@zone[-1].network=glorytun
+ set firewall.@zone[-1].masq=1
+ set firewall.@zone[-1].input=REJECT
+ set firewall.@zone[-1].forward=ACCEPT
+ set firewall.@zone[-1].output=ACCEPT
+ commit firewall
+ EOF
+fi
+if [ "$(uci -q show firewall | grep Allow-All-LAN-to-VPN)" = "" ]; then
+ uci -q batch <<-EOF >/dev/null
+ add firewall rule
+ set firewall.@rule[-1].enabled='1'
+ set firewall.@rule[-1].target='ACCEPT'
+ set firewall.@rule[-1].name='Allow-All-LAN-to-VPN'
+ set firewall.@rule[-1].dest='vpn'
+ set firewall.@rule[-1].src='lan'
+ commit firewall
+ EOF
+fi
+rm -f /tmp/luci-indexcache
+exit 0
diff --git a/luci-app-glorytun/root/etc/uci-defaults/40_luci-glorytun b/luci-app-glorytun/root/etc/uci-defaults/40_luci-glorytun
deleted file mode 100644
index 44195c088..000000000
--- a/luci-app-glorytun/root/etc/uci-defaults/40_luci-glorytun
+++ /dev/null
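Review bot: The guard on the zone block, `grep glorytun` over the whole `uci -q show firewall` output, is a substring match, so any unrelated firewall line that mentions glorytun skips creating the `vpn` zone while the next block still adds `Allow-All-LAN-to-VPN` with `dest='vpn'`; and a `vpn` zone that already exists without that string gets a second anonymous zone of the same name. Giving the zone a named section and testing for it, as the network block does with `uci -q get network.glorytun`, makes the check exact: `if [ "$(uci -q get firewall.zone_vpn)" = "" ]; then` with `set firewall.zone_vpn=zone` in place of `add firewall zone` (`zone_vpn` is an example name; the `@zone[-1]` options would follow it). The rule block is guarded by the same kind of substring match on its name and could use a named section too. The zone also sets `forward=ACCEPT` where the removed file had `REJECT`, and a one-line comment saying why forwarding is opened would help whoever audits the default firewall state.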
@@ -1,68 +0,0 @@
-#!/bin/sh
-
-uci -q batch <<-EOF >/dev/null
- delete ucitrack.@glorytun[-1]
- add ucitrack glorytun
- set ucitrack.@glorytun[-1].init=glorytun
- set ucitrack.@glorytun[-1].affects=glorytun-udp
- delete ucitrack.@glorytun-udp[-1]
- add ucitrack glorytun-udp
- set ucitrack.@glorytun-udp[-1].init=glorytun-udp
- commit ucitrack
-EOF
-
-uci -q batch <<-EOF >/dev/null
- delete network.glorytun=interface
- set network.glorytun=interface
- set network.glorytun.ifname=tun0
- set network.glorytun.proto=dhcp
- set network.glorytun.ip4table=vpn
- set network.glorytun.multipath=off
- set network.glorytun.leasetime=12h
- set network.glorytun.mtu=1280
- commit network
-EOF
-# set network.glorytun.proto=static
-# set network.glorytun.ipaddr=10.0.0.2
-# set network.glorytun.netmask=255.255.255.0
-# set network.glorytun.gateway=10.0.0.1
-
-if [ "$(uci -q show firewall | grep redirect_vpn_to_lan)" = "" ]; then
- uci -q batch <<-EOF >/dev/null
- add firewall zone
- set firewall.@zone[-1].name=vpn
- set firewall.@zone[-1].network=glorytun
- set firewall.@zone[-1].masq=1
- set firewall.@zone[-1].input=REJECT
- set firewall.@zone[-1].forward=REJECT
- set firewall.@zone[-1].output=ACCEPT
- set firewall.allow_dhcp_request_vpn=rule
- set firewall.allow_dhcp_request_vpn.name=Allow-DHCP-Request-VPN
- set firewall.allow_dhcp_request_vpn.src=glorytun
- set firewall.allow_dhcp_request_vpn.proto=udp
- set firewall.allow_dhcp_request_vpn.dest_port=67
- set firewall.allow_dhcp_request_vpn.target=ACCEPT
- set firewall.allow_dhcp_request_vpn.family=ipv4
- set firewall.redirect_vpn_to_lan=redirect
- set firewall.redirect_vpn_to_lan.name=Redirect-VPN-to-LAN
- set firewall.redirect_vpn_to_lan.src=vpn
- set firewall.redirect_vpn_to_lan.dest=lan
- set firewall.redirect_vpn_to_lan.proto=all
- set firewall.redirect_vpn_to_lan.enabled=1
- set firewall.redirect_vpn_to_lan.src_dip=192.168.100.1
- commit firewall
- EOF
-fi
-if [ "$(uci -q show firewall | grep Allow-All-LAN-to-VPN)" = "" ]; then
- uci -q batch <<-EOF >/dev/null
- add firewall rule
- set firewall.@rule[-1].enabled='1'
- set firewall.@rule[-1].target='ACCEPT'
- set firewall.@rule[-1].name='Allow-All-LAN-to-VPN'
- set firewall.@rule[-1].dest='vpn'
- set firewall.@rule[-1].src='lan'
- commit firewall
- EOF
-fi
-rm -f /tmp/luci-indexcache
-exit 0