New interface for Glorytun UDP VPN

2025-03-09 15:40:03 +00:00 · 2020-12-03 11:23:57 +01:00 · 2020-12-03 11:23:57 +01:00 · e4103cea03
commit e4103cea03
parent 9ceaa526a5
8 changed files with 239 additions and 14 deletions
--- a/luci-app-glorytun-udp/root/etc/config/glorytun-udp
+++ b/luci-app-glorytun-udp/root/etc/config/glorytun-udp
@ -0,0 +1,10 @@
+config glorytun-udp 'vpn'
+	option enable '0'
+	option host '127.0.0.1'
+	option port '65001'
+	option dev 'tun0'
+	option key ''
+	option chacha '1'
+	option localip '10.255.254.2'
+	option remoteip '10.255.254.1'
+	option mode 'to'
--- a/luci-app-glorytun-udp/root/etc/hotplug.d/iface/30-glorytun-udp
+++ b/luci-app-glorytun-udp/root/etc/hotplug.d/iface/30-glorytun-udp
@ -0,0 +1,28 @@
+#!/bin/sh
+#
+# Load the glorytun config
+#
+# Author: Ycarus (Yannick Chabanois) <ycarus@zugaina.org>
+# Released under GPL 3 or later
+
+[ "$ACTION" = ifup -o "$ACTION" = ifupdate ] || exit 0
+
+. /lib/functions.sh
+. /lib/functions/network.sh
+
+set_default() {
+    local localip
+    local remoteip
+    local config="$1"
+    local iface
+    config_get enable "$config" enable
+    config_get iface "$config" dev
+    [ "$iface" = "$DEVICE" ] && [ "$enable" = "1" ] && {
+	config_get localip "$config" localip
+	config_get remoteip "$config" remoteip
+	[ "$remoteip" != "" ] && [ "$localip" != "" ] &&  ifconfig $DEVICE $localip pointopoint $remoteip up
+    }
+}
+
+config_load glorytun-udp
+config_foreach set_default glorytun-udp
--- a/luci-app-glorytun-udp/root/etc/uci-defaults/1201-luci-glorytun-udp
+++ b/luci-app-glorytun-udp/root/etc/uci-defaults/1201-luci-glorytun-udp
@ -0,0 +1,47 @@
+#!/bin/sh
+
+uci -q batch <<-EOF >/dev/null
+	delete glorytun-udp[-1]
+	add ucitrack glorytun-udp
+	set ucitrack.@glorytun-udp[-1].init=glorytun-udp
+	commit ucitrack
+EOF
+
+if [ "$(uci -q get network.glorytun-udp)" = "" ] && [ "$(uci -q get network.omrvpn)" = "" ]; then
+	uci -q batch <<-EOF >/dev/null
+		delete network.glorytun-udp
+		set network.glorytun-udp=interface
+		set network.glorytun-udp.ifname=tun0
+		set network.glorytun-udp.proto=dhcp
+		set network.glorytun-udp.ip4table=vpn
+		set network.glorytun-udp.multipath=off
+		set network.glorytun-udp.leasetime=12h
+		commit network
+	EOF
+fi
+
+if [ "$(uci -q show firewall | grep glorytun-udp)" = "" ] && [ "$(uci -q get network.omrvpn)" = "" ]; then
+	uci -q batch <<-EOF >/dev/null
+		set firewall.zone_vpn=zone
+		set firewall.zone_vpn.name=vpn
+		set firewall.zone_vpn.network=glorytun-udp
+		set firewall.zone_vpn.masq=1
+		set firewall.zone_vpn.input=REJECT
+		set firewall.zone_vpn.forward=ACCEPT
+		set firewall.zone_vpn.output=ACCEPT
+		commit firewall
+	EOF
+fi
+if [ "$(uci -q show firewall | grep Allow-All-LAN-to-VPN)" = "" ]; then
+	uci -q batch <<-EOF >/dev/null
+		add firewall rule
+		set firewall.@rule[-1].enabled='1'
+		set firewall.@rule[-1].target='ACCEPT'
+		set firewall.@rule[-1].name='Allow-All-LAN-to-VPN'
+		set firewall.@rule[-1].dest='vpn'
+		set firewall.@rule[-1].src='lan'
+		commit firewall
+	EOF
+fi
+rm -f /tmp/luci-indexcache
+exit 0
--- a/luci-app-glorytun-udp/root/usr/share/luci/menu.d/luci-app-glorytun-udp.json
+++ b/luci-app-glorytun-udp/root/usr/share/luci/menu.d/luci-app-glorytun-udp.json
@ -0,0 +1,13 @@
+{
+	"admin/vpn/glorytun-udp": {
+		"title": "Glorytun UDP",
+		"order": 60,
+		"action": {
+			"type": "view",
+			"path": "services/glorytun-udp"
+		},
+		"depends": {
+			"acl": [ "luci-app-glorytun-udp" ]
+		}
+	}
+}
--- a/luci-app-glorytun-udp/root/usr/share/rpcd/acl.d/luci-app-glorytun-udp.json
+++ b/luci-app-glorytun-udp/root/usr/share/rpcd/acl.d/luci-app-glorytun-udp.json
@ -0,0 +1,11 @@
+{
+    "luci-app-glorytun-udp": {
+	"description": "Grant access to glorytun UDP",
+	"read": {
+	    "uci": [ "glorytun-udp" ]
+	},
+	"write": {
+	    "uci": [ "glorytun-udp" ]
+	}
+    }
+}