Accueil Explorer Aide
Connexion
labriqueinternet
/
vpnclient_ynh
miroir de https://github.com/labriqueinternet/vpnclient_ynh
3
0
Fork 0
Fichiers
Aborescence: 01b44d9dcb
Branches Tags
vpnclient_ynh
/
conf
/
scripts
/
route-up.d
/
30-vpnclient-set-server-ipv6-route

30-vpnclient-set-server-ipv6-route 3.0 KB
Historique Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798 
  1. #!/bin/bash
    2. 

  2. 

  3. has_nativeip6() {
    4. 

  4.   ip -6 route | grep -q "default via"
    5. 

  5. }
    6. 

  6. 

  7. is_serverip6route_set() {
    8. 

  8.   local server_ip6s=${1}
    9. 

  9. 

  10.   if [[ -z "${server_ip6s}" ]]; then
    11. 

  11.     return 0
    12. 

  12.   fi
    13. 

  13. 

  14.   for server_ip6 in ${server_ip6s}; do
    15. 

  15.     if ! ip -6 route | grep -q "^${server_ip6}"; then
    16. 

  16.       return 1
    17. 

  17.     fi
    18. 

  18.   done
    19. 

  19. }
    20. 

  20. 

  21. set_serverip6route() {
    22. 

  22.   local server_ip6s=${1}
    23. 

  23.   local ip6_gw=${2}
    24. 

  24.   local wired_device=${3}
    25. 

  25. 

  26.   for server_ip6 in ${server_ip6s}; do
    27. 

  27.     ip route add "${server_ip6}/128" via "${ip6_gw}" dev "${wired_device}"
    28. 

  28.   done
    29. 

  29. }
    30. 

  30. 

  31. unset_serverip6route() {
    32. 

  32.   local server_ip6s=${1}
    33. 

  33.   local ip6_gw=${2}
    34. 

  34.   local wired_device=${3}
    35. 

  35. 

  36.   for server_ip6 in ${server_ip6s}; do
    37. 

  37.     ip route delete "${server_ip6}/128" via "${ip6_gw}" dev "${wired_device}"
    38. 

  38.   done
    39. 

  39. }
    40. 

  40. 

  41. old_ip6_gw=$(yunohost app setting vpnclient ip6_gw)
    42. 

  42. old_wired_device=$(yunohost app setting vpnclient wired_device)
    43. 

  43. old_server_ip6=$(yunohost app setting vpnclient server_ip6)
    44. 

  44. 

  45. new_ip6_gw=$(ip -6 route | awk '/default via/ { print $3 }')
    46. 

  46. new_wired_device=$(ip route | awk '/default via/ { print $5; }')
    47. 

  47. ynh_server_names=$(grep -o -P '^\s*remote\s+\K([^\s]+)' /etc/openvpn/client.conf | sort | uniq)
    48. 

  48. 

  49. # In case an ip has been provided in ovpn conf
    50. 

  50. new_server_ip6=""
    51. 

  51. new_server_ip4=""
    52. 

  52. for i in $ynh_server_names; do
    53. 

  53.   if [[ "${i}" =~ : ]]; then
    54. 

  54.     new_server_ip6+=" ${i}"
    55. 

  55.   elif [[ "${i}" =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
    56. 

  56.     new_server_ip4+=" ${i}"
    57. 

  57.   fi
    58. 

  58. done
    59. 

  59. 

  60. if [[ -z "${new_server_ip6}" && -z "${new_server_ip4}" ]]; then
    61. 

  61.   new_server_ip6=$(dig AAAA +short $ynh_server_names @127.0.0.1 | grep -v '\.$' | grep -v "timed out" | sort | uniq)
    62. 

  62. fi
    63. 

  63. 

  64. echo "[INFO] Autodetected internet interface: ${new_wired_device} (last start: ${old_wired_device})"
    65. 

  65. echo "[INFO] Autodetected IPv6 address for the VPN server: ${new_server_ip6} (last start: ${old_server_ip6})"
    66. 

  66. 

  67. # Check old state of the server ipv6 route
    68. 

  68. if [[ -n "${old_server_ip6}" && -n "${old_ip6_gw}" && -n "${old_wired_device}" ]]; then
    69. 

  69.   if [[ "${new_server_ip6}" != "${old_server_ip6}" || "${new_ip6_gw}" != "${old_ip6_gw}" || "${new_wired_device}" != "${old_wired_device}" ]]; then
    70. 

  70.     if is_serverip6route_set "${old_server_ip6}"; then
    71. 

  71.       unset_serverip6route "${old_server_ip6}" "${old_ip6_gw}" "${old_wired_device}"
    72. 

  72.     fi
    73. 

  73.   fi
    74. 

  74. fi
    75. 

  75. 

  76. # Set the new server ipv6 route
    77. 

  77. if has_nativeip6; then
    78. 

  78.   if ! is_serverip6route_set "${new_server_ip6}"; then
    79. 

  79.     set_serverip6route "${new_server_ip6}" "${new_ip6_gw}" "${new_wired_device}"
    80. 

  80.   fi
    81. 

  81. 

  82.   echo "[INFO] Native IPv6 detected"
    83. 

  83.   echo "[INFO] Autodetected native IPv6 gateway: ${new_ip6_gw} (last start: ${old_ip6_gw})"
    84. 

  84. 

  85.   if is_serverip6route_set "${new_server_ip6}"; then
    86. 

  86.     echo "[ OK ] IPv6 server route correctly set"
    87. 

  87.   else
    88. 

  88.     echo "[FAIL] No IPv6 server route set" >&2
    89. 

  89.     exit 1
    90. 

  90.   fi
    91. 

  91. else
    92. 

  92.   echo "[INFO] No native IPv6 detected"
    93. 

  93.   echo "[INFO] No IPv6 server route to set"
    94. 

  94. fi
    95. 

  95. 

  96. yunohost app setting vpnclient server_ip6 --value "${new_server_ip6}"
    97. 

  97. yunohost app setting vpnclient ip6_gw --value "${new_ip6_gw}"
    98. 

  98. yunohost app setting vpnclient wired_device --value "${new_wired_device}"
    99.