mptcp/openmptcprouter-vps
1
0
Fork 0
mirror of https://github.com/Ysurac/openmptcprouter-vps.git synced 2025-03-09 15:50:00 +00:00
Code Issues Releases Wiki Activity

Fix shorewall rules and omr-6in4-service

Browse source
This commit is contained in:
Ycarus (Yannick Chabanois) 2018-06-13 12:25:05 +00:00
parent fec353932b
commit a4e4149075
3 changed files with 13 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

14
omr-6in4-service
View file

@ -30,28 +30,32 @@ _ping() {
} }
while true; do while true; do
source /etc/shorewall/params.vpn
currentaddr=$(ip addr show omr-6in4 | grep link/sit | awk '{print $2}' | tr -d "\n") currentaddr=$(ip addr show omr-6in4 | grep link/sit | awk '{print $2}' | tr -d "\n")
currentpeer=$(ip addr show omr-6in4 | grep link/sit | awk '{print $4}' | tr -d "\n") currentpeer=$(ip addr show omr-6in4 | grep link/sit | awk '{print $4}' | tr -d "\n")
if [ -n "$currentpeer" ]; then if [ -n "$currentpeer" ]; then
_ping $currentpeer _ping $currentpeer
status=$? status=$?
if ! $(exit $status); then if ! $(exit $status) || [ "$currentpeer" != "$OMR_ADDR" ]; then
allip_tcp=$(ip -4 addr show gt-tun0 | grep inet) allip_tcp=$(ip -4 addr show gt-tun0 | grep inet)
allip_udp=$(ip -4 addr show gt-udp-tun0 | grep inet) allip_udp=$(ip -4 addr show gt-udp-tun0 | grep inet)
allip_mlvpn=$(ip -4 addr show mlvpn0 | grep inet) allip_mlvpn=$(ip -4 addr show mlvpn0 | grep inet)
allip_openvpn=$(ip -4 addr show tun0 | grep inet)
allip="$allip_tcp allip="$allip_tcp
$allip_udp $allip_udp
$allip_openvpn
$allip_mlvpn" $allip_mlvpn"
while IFS= read -r inet; do while IFS= read -r inet; do
ip=$(echo $inet | awk '{print $2}' | cut -d/ -f1 | tr -d "\n") ip=$(echo $inet | awk '{print $2}' | cut -d/ -f1 | tr -d "\n")
ipd=$(echo $ip | sed 's/.1/.2/' | tr -d "\n") ipd=$(echo $ip | sed 's/.1/.2/' | tr -d "\n")
_ping $ipd _ping $ipd
status=$? statusp=$?
if $(exit $status); then if $(exit $statusp); then
ip tunnel change omr-6in4 mode sit remote $ipd local $ip ip tunnel change omr-6in4 mode sit remote $ipd local $ip
echo "OMR_ADDR=$ipd" > /etc/shorewall/params.vpn echo "VPS_ADDR=$ip" > /etc/shorewall/params.vpn
echo "OMR_ADDR=$ipd" >> /etc/shorewall/params.vpn
iface=$(ip -4 addr | grep $ip | awk '{print $7}' | tr -d "\n") iface=$(ip -4 addr | grep $ip | awk '{print $7}' | tr -d "\n")
echo "OMR_IFACE=$iface" >> /etc/shorewall/params.vpn echo "VPS_IFACE=$iface" >> /etc/shorewall/params.vpn
systemctl reload shorewall systemctl reload shorewall
break break
fi fi

5
shorewall4/params.vpn
View file

@ -1,2 +1,3 @@
OMR_ADDR=10.255.255.1 VPS_ADDR=10.255.255.1
OMR_IFACE=gt-tun0 OMR_ADDR=10.255.255.2
VPS_IFACE=gt-tun0

2
shorewall4/snat
View file

@ -20,4 +20,4 @@ MASQUERADE 10.0.0.0/8,\
172.16.0.0/12,\ 172.16.0.0/12,\
192.168.0.0/16 eth0 192.168.0.0/16 eth0
# SNAT from VPN server for all VPN clients # SNAT from VPN server for all VPN clients
SNAT($OMR_ADDR) 0.0.0.0/0 $OMR_IFACE #SNAT($VPS_ADDR) 0.0.0.0/0 $VPS_IFACE