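#!/bin/bash
# OpenMPTCProuter VPS service script
# This script configures the 6in4 tunnel, multipath and firewall for the
# current VPN.
#
# Usage: <script> [stop]
#   (no argument)  create or refresh the omr-6in4 SIT tunnel, then loop
#                  forever, re-pointing the tunnel at the VPN peer that
#                  answers ping and rewriting /etc/shorewall/params.vpn.
#   stop           tear the tunnel down (if it is up) and exit.
#
# Files read:    /etc/shorewall/params.net, /etc/shorewall/params.vpn,
#                /etc/openmptcprouter-vps-admin/current-vpn
# Files written: /etc/shorewall/params.vpn
#
# NOTE(review): params.net and params.vpn are loaded with `source`, so their
# content is executed as shell code with this script's privileges (presumably
# root, given the ip/systemctl calls). Keep both files owned by root and not
# writable by anyone else.

tunnel_dev=omr-6in4
params_vpn=/etc/shorewall/params.vpn
current_vpn_file=/etc/openmptcprouter-vps-admin/current-vpn

# Matches a dotted-quad IPv4 address whose last octet is exactly 1. The peer
# sweep below assumes the VPS side of the VPN is x.x.x.1.
ipv4_dot1_re='^([0-9]{1,3}\.){3}1$'

if [ "$1" = "stop" ]; then
  if [ -n "$(ip link show "$tunnel_dev" up 2>/dev/null)" ]; then
    ip route del fd00::/8 via fe80::a00:2 dev "$tunnel_dev"
    ip link set "$tunnel_dev" down
    ip tunnel del "$tunnel_dev"
  fi
  # Always exit on "stop". Previously a stop request with the tunnel already
  # down fell through, re-created the tunnel and entered the endless loop.
  exit 0
fi

#######################################
# Force multipath status: "on" for the interface named by NET_IFACE, "off"
# for every other entry under /sys/class/net.
# Globals:   NET_IFACE (read, set by /etc/shorewall/params.net)
# Arguments: none
#######################################
_multipath() {
  local path intf
  source /etc/shorewall/params.net
  # Glob instead of parsing `ls` output.
  for path in /sys/class/net/*; do
    [ -e "$path" ] || continue
    intf=${path##*/}
    if [ "$intf" = "$NET_IFACE" ]; then
      multipath "$intf" on
    else
      multipath "$intf" off
    fi
  done
}

# Add IPv6 tunnel
if [ -n "$(ip link show "$tunnel_dev" up 2>/dev/null)" ]; then
  ip tunnel change "$tunnel_dev" mode sit remote 10.255.255.2 local 10.255.255.1
else
  ip tunnel add "$tunnel_dev" mode sit remote 10.255.255.2 local 10.255.255.1
  ip addr add fe80::a00:1/64 dev "$tunnel_dev" >/dev/null 2>&1
fi
ip link set "$tunnel_dev" up
ip route replace fd00::/8 via fe80::a00:2 dev "$tunnel_dev"

#######################################
# Send one IPv4 echo request (5 s timeout) to a host.
# Arguments: $1 - address to probe
# Returns:   0 when ping's summary reports " 0% packet loss", 1 otherwise
#######################################
_ping() {
  local host=$1
  local ret
  # LC_ALL=C keeps the summary line in the form the grep below expects,
  # whatever locale the service inherits.
  ret=$(LC_ALL=C ping -4 "${host}" -W 5 -c 1 -q)
  [ -n "$ret" ] && printf '%s\n' "$ret" | grep -q " 0% packet loss"
}

#######################################
# Probe <prefix>2 .. <prefix>50 and stop at the first address that answers.
# Globals:   ipd (written: the responding address, only on success)
# Arguments: $1 - network prefix including the trailing dot, e.g. "10.255.255."
# Returns:   0 if a host answered, 1 if none did
#######################################
_ping_range() {
  local network=$1
  local i
  for i in {2..50}; do
    if _ping "${network}${i}"; then
      ipd=${network}${i}
      return 0
    fi
  done
  return 1
}

while true; do
  source "$params_vpn"
  iface=""
  currentpeer=$(ip addr show "$tunnel_dev" | awk '/link\/sit/ { print $4; exit }')
  if [ -n "$currentpeer" ]; then
    # Re-detect the peer when it stopped answering or when the tunnel remote
    # no longer matches the OMR_ADDR recorded in params.vpn.
    if ! _ping "$currentpeer" || [ "$currentpeer" != "$OMR_ADDR" ]; then
      # Start every pass from a clean slate so that addresses of interfaces
      # that have disappeared since the previous pass are not reused.
      allip="" allip_tcp="" allip_udp="" allip_mlvpn="" allip_openvpn="" allip_dsvpn=""
      allip_tcp=$(ip -4 addr show gt-tun0 2>/dev/null | grep inet)
      allip_udp=$(ip -4 addr show gt-udp-tun0 2>/dev/null | grep inet)
      [ -d "/sys/class/net/mlvpn0" ] && allip_mlvpn=$(ip -4 addr show mlvpn0 2>/dev/null | grep inet)
      [ -d "/sys/class/net/tun0" ] && allip_openvpn=$(ip -4 addr show tun0 2>/dev/null | grep inet)
      [ -d "/sys/class/net/dsvpn0" ] && allip_dsvpn=$(ip -4 addr show dsvpn0 2>/dev/null | grep inet)
      if [ -f "$current_vpn_file" ]; then
        current_vpn="$(cat "$current_vpn_file")"
        case "$current_vpn" in
          glorytun_tcp) allip="$allip_tcp" ;;
          glorytun_udp) allip="$allip_udp" ;;
          mlvpn) allip="$allip_mlvpn" ;;
          openvpn) allip="$allip_openvpn" ;;
          dsvpn) allip="$allip_dsvpn" ;;
        esac
      fi
      if [ -z "$allip" ]; then
        # One candidate per line. Joining with spaces put everything on a
        # single line, so the reader below only ever saw the first address.
        allip=$(printf '%s\n' "$allip_tcp" "$allip_udp" "$allip_openvpn" "$allip_dsvpn" "$allip_mlvpn")
      fi
      while IFS= read -r inet; do
        # Second field of an "inet ADDR[/LEN] ..." line, prefix length removed.
        read -r _ addr _ <<<"$inet"
        vps_ip=${addr%%/*}
        # Skip blank lines and anything that is not a plain x.x.x.1 address:
        # the prefix derivation below is only meaningful for that form, and
        # the value ends up in params.vpn, which is later sourced as shell.
        [[ "$vps_ip" =~ $ipv4_dot1_re ]] || continue
        # "10.255.255.1" -> "10.255.255." (the old sed used an unescaped dot
        # and mangled addresses such as x.x.x.11).
        _ping_range "${vps_ip%1}" || continue
        _ping "$ipd" || continue
        logger -t "OMR-Service" "Set new 6in4 tunnel IPs"
        ip tunnel change "$tunnel_dev" mode sit remote "$ipd" local "$vps_ip"
        # Exact address match, first hit only. An unquoted `grep $ip` treated
        # the dots as wildcards and also matched longer addresses, which could
        # glue several interface names together.
        iface=$(ip -o -4 addr show \
          | awk -v ip="$vps_ip" '{ split($4, a, "/"); if (a[1] == ip) { print $2; exit } }')
        # NOTE(review): iface is written unvalidated into a file that is later
        # sourced; interface names are set by privileged users only — confirm
        # that is acceptable here.
        # Single redirection so the file is opened (and truncated) only once.
        {
          printf 'VPS_ADDR=%s\n' "$vps_ip"
          printf 'OMR_ADDR=%s\n' "$ipd"
          printf 'VPS_IFACE=%s\n' "$iface"
        } > "$params_vpn"
        systemctl reload shorewall
        _multipath
        break
      done < <(printf '%s\n' "$allip")
      # No usable VPN interface was found: restart the VPN and networking.
      if [ -z "$iface" ] && [ -f "$current_vpn_file" ]; then
        logger -t "OMR-Service" "Restart Glorytun and networkd"
        current_vpn="$(cat "$current_vpn_file")"
        case "$current_vpn" in
          glorytun_tcp) systemctl -q restart glorytun-tcp@tun0 ;;
          glorytun_udp) systemctl -q restart glorytun-udp@tun0 ;;
        esac
        systemctl -q restart systemd-networkd
        _multipath
        sleep 10
      fi
    fi
  fi
  #result="$(curl -Isk -m 30 https://127.0.0.1:65500/status | head -n 1 | grep 405)"
  #if [ "$result" = "" ]; then
  #	logger -t "OMR-Service" "Restart OMR Admin"
  #	systemctl -q restart omr-admin
  #	sleep 10
  #fi
  sleep 10
done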