mirror of
https://github.com/Ysurac/openmptcprouter-feeds.git
synced 2025-03-09 15:40:03 +00:00
Fix GRE tunnel
This commit is contained in:
Ycarus (Yannick Chabanois)
parent
cd57425370
commit
dc0b1a766f
1 changed files with 20 additions and 3 deletions
|
|
@ -6,7 +6,7 @@ START=99
|
|||
|
||||
USE_PROCD=1
|
||||
|
||||
EXTRA_COMMANDS="set_pihole backup_send backup_get backup_list set_vps_firewall get_openvpn_key"
|
||||
EXTRA_COMMANDS="set_pihole backup_send backup_get backup_list set_vps_firewall get_openvpn_key set_gre_tunnel"
|
||||
|
||||
. /usr/lib/unbound/iptools.sh
|
||||
|
||||
|
|
@ -503,6 +503,7 @@ _get_vps_config() {
|
|||
}
|
||||
|
||||
_get_gre_tunnel() {
|
||||
[ -z "$servername" ] && servername=$1
|
||||
[ -z "$vps_config" ] && vps_config=$(_get_json "config")
|
||||
[ -z "$vps_config" ] && return
|
||||
gre_tunnel_state="$(echo "$vps_config" | jsonfilter -q -e '@.gre_tunnel.enabled')"
|
||||
|
|
@ -515,7 +516,7 @@ _get_gre_tunnel() {
|
|||
peeraddr="$(echo $tunnel | jsonfilter -q -e '@.remote_ip')"
|
||||
ipaddr="$(echo $tunnel | jsonfilter -q -e '@.local_ip')"
|
||||
publicaddr="$(echo $tunnel | jsonfilter -q -e '@.public_ip')"
|
||||
if [ "$peeraddr" != "" ] && [ "$ipaddr" != "" ] && [ "$publicaddr" != "" ] && ([ "$(uci -q get network.oip${i}.ipaddr)" != "$peeraddr" ] || [ "$(uci -q get network.oip${i}.ipaddr)" != "$ipaddr" ] || [ "$(uci -q get network.oip${i}gre.ipaddr)" != "$vpnip_local" ]); then
|
||||
if [ "$peeraddr" != "" ] && [ "$ipaddr" != "" ] && [ "$publicaddr" != "" ] && [ "$vpnip_local" != "" ] && ([ "$(uci -q get network.oip${i}.ipaddr)" != "$peeraddr" ] || [ "$(uci -q get network.oip${i}.ipaddr)" != "$ipaddr" ] || [ "$(uci -q get network.oip${i}gre.ipaddr)" != "$vpnip_local" ]); then
|
||||
uci -q batch <<-EOF >/dev/null
|
||||
set network.oip${i}gre=interface
|
||||
set network.oip${i}gre.label="GRE tunnel for $publicaddr"
|
||||
|
|
@ -529,6 +530,7 @@ _get_gre_tunnel() {
|
|||
set network.oip${i}gre.ip4table='vpn'
|
||||
set network.oip${i}gre.peeraddr="$publicaddr"
|
||||
set network.oip${i}gre.ipaddr="$vpnip_local"
|
||||
set network.oip${i}gre.tunlink='omrvpn'
|
||||
set network.oip${i}=interface
|
||||
set network.oip${i}.label="Tunnel for $publicaddr"
|
||||
set network.oip${i}.proto=static
|
||||
|
|
@ -594,6 +596,12 @@ _get_gre_tunnel() {
|
|||
fi
|
||||
}
|
||||
|
||||
set_gre_tunnel() {
|
||||
config_load openmptcprouter
|
||||
config_foreach _get_gre_tunnel server
|
||||
}
|
||||
|
||||
|
||||
_get_pihole() {
|
||||
[ -z "$vps_config" ] && vps_config=$(_get_json "config")
|
||||
[ -z "$vps_config" ] && return
|
||||
|
|
@ -1044,7 +1052,16 @@ _set_vps_firewall() {
|
|||
fw3 -q print | grep 'vpn.* -d' |
|
||||
while IFS=$"\n" read -r c; do
|
||||
eval $(echo $c | sed 's/iptables/iptables -w/' | sed 's/-A/-D/') 2>&1 >/dev/null
|
||||
newrule=$(echo $c | sed 's/iptables/iptables -w/' | sed -E -e 's/ -d ([^ ])*//' -e 's/ -s ([^ ])*//')
|
||||
publicip=$(echo $c | awk -F'-d' '{print $2}' | cut -d '/' -f1 | sed 's/ //g')
|
||||
[ -n "$publicip" ] && {
|
||||
greintf=$(uci show network | grep "Tunnel for $publicip" | cut -d '.' -f2 | tr -d "\n")
|
||||
[ -n "$greintf" ] && greip=$(uci -q get network.${greintf}.ipaddr)
|
||||
}
|
||||
if [ -z "$greip" ]; then
|
||||
newrule=$(echo $c | sed 's/iptables/iptables -w/' | sed -E -e 's/ -d ([^ ])*//' -e 's/ -s ([^ ])*//')
|
||||
else
|
||||
newrule=$(echo $c | sed 's/iptables/iptables -w/' | sed -E -e "s/ -d ([^ ])*/ -d ${greip}\/255.255.255.252/" -e 's/ -s ([^ ])*//')
|
||||
fi
|
||||
eval $(echo $newrule | sed 's/-A/-D/') || true
|
||||
eval $newrule
|
||||
done
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue