Home Explore Help
Sign In
labriqueinternet
/
vpnclient_ynh
mirror of https://github.com/labriqueinternet/vpnclient_ynh
3
0
Fork 0
Files
Tree: c86c653298
Branches Tags
vpnclient_ynh
/
conf
/
scripts
/
route-up.d
/
30-vpnclient-set-server-ipv6-route

30-vpnclient-set-server-ipv6-route 2.8 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990 
  1. #!/bin/bash
    2. 

  2. 

  3. has_nativeip6() {
    4. 

  4.   ip -6 route | grep -q "default via"
    5. 

  5. }
    6. 

  6. 

  7. is_serverip6route_set() {
    8. 

  8.   local server_ip6s=${1}
    9. 

  9. 

  10.   if [[ -z "${server_ip6s}" ]]; then
    11. 

  11.     return 0
    12. 

  12.   fi
    13. 

  13. 

  14.   for server_ip6 in ${server_ip6s}; do
    15. 

  15.     if ! ip -6 route | grep -q "^${server_ip6}"; then
    16. 

  16.       return 1
    17. 

  17.     fi
    18. 

  18.   done
    19. 

  19. }
    20. 

  20. 

  21. set_serverip6route() {
    22. 

  22.   local server_ip6s=${1}
    23. 

  23.   local ip6_gw=${2}
    24. 

  24.   local wired_device=${3}
    25. 

  25. 

  26.   for server_ip6 in ${server_ip6s}; do
    27. 

  27.     ip route add "${server_ip6}/128" via "${ip6_gw}" dev "${wired_device}"
    28. 

  28.   done
    29. 

  29. }
    30. 

  30. 

  31. unset_serverip6route() {
    32. 

  32.   local server_ip6s=${1}
    33. 

  33.   local ip6_gw=${2}
    34. 

  34.   local wired_device=${3}
    35. 

  35. 

  36.   for server_ip6 in ${server_ip6s}; do
    37. 

  37.     ip route delete "${server_ip6}/128" via "${ip6_gw}" dev "${wired_device}"
    38. 

  38.   done
    39. 

  39. }
    40. 

  40. 

  41. old_ip6_gw=$(yunohost app setting vpnclient ip6_gw)
    42. 

  42. old_wired_device=$(yunohost app setting vpnclient wired_device)
    43. 

  43. old_server_ip6=$(yunohost app setting vpnclient server_ip6)
    44. 

  44. 

  45. new_ip6_gw=$(ip -6 route | awk '/default via/ { print $3 }')
    46. 

  46. new_wired_device=$(ip route | awk '/default via/ { print $5; }')
    47. 

  47. ynh_server_names=$(grep -o -P '^\s*remote\s+\K([^\s]+)' /etc/openvpn/client.conf | sort | uniq)
    48. 

  48. new_server_ip6=$(dig AAAA +short $ynh_server_names @127.0.0.1 | grep -v '\.$' | grep -v "timed out" | sort | uniq)
    49. 

  49. 

  50. for i in $ynh_server_names; do
    51. 

  51.   if [[ "${i}" =~ : ]] && [[ ! "$new_server_ip6" == *"${i}"* ]] ; then
    52. 

  52.     new_server_ip6+=" ${i}"
    53. 

  53.   fi
    54. 

  54. done
    55. 

  55. 

  56. echo "[INFO] Autodetected internet interface: ${new_wired_device} (last start: ${old_wired_device})"
    57. 

  57. echo "[INFO] Autodetected IPv6 address for the VPN server: ${new_server_ip6} (last start: ${old_server_ip6})"
    58. 

  58. 

  59. # Check old state of the server ipv6 route
    60. 

  60. if [[ -n "${old_server_ip6}" && -n "${old_ip6_gw}" && -n "${old_wired_device}" ]]; then
    61. 

  61.   if [[ "${new_server_ip6}" != "${old_server_ip6}" || "${new_ip6_gw}" != "${old_ip6_gw}" || "${new_wired_device}" != "${old_wired_device}" ]]; then
    62. 

  62.     if is_serverip6route_set "${old_server_ip6}"; then
    63. 

  63.       unset_serverip6route "${old_server_ip6}" "${old_ip6_gw}" "${old_wired_device}"
    64. 

  64.     fi
    65. 

  65.   fi
    66. 

  66. fi
    67. 

  67. 

  68. # Set the new server ipv6 route
    69. 

  69. if has_nativeip6; then
    70. 

  70.   if ! is_serverip6route_set "${new_server_ip6}"; then
    71. 

  71.     set_serverip6route "${new_server_ip6}" "${new_ip6_gw}" "${new_wired_device}"
    72. 

  72.   fi
    73. 

  73. 

  74.   echo "[INFO] Native IPv6 detected"
    75. 

  75.   echo "[INFO] Autodetected native IPv6 gateway: ${new_ip6_gw} (last start: ${old_ip6_gw})"
    76. 

  76. 

  77.   if is_serverip6route_set "${new_server_ip6}"; then
    78. 

  78.     echo "[ OK ] IPv6 server route correctly set"
    79. 

  79.   else
    80. 

  80.     echo "[FAIL] No IPv6 server route set" >&2
    81. 

  81.     exit 1
    82. 

  82.   fi
    83. 

  83. else
    84. 

  84.   echo "[INFO] No native IPv6 detected"
    85. 

  85.   echo "[INFO] No IPv6 server route to set"
    86. 

  86. fi
    87. 

  87. 

  88. yunohost app setting vpnclient server_ip6 --value "${new_server_ip6}"
    89. 

  89. yunohost app setting vpnclient ip6_gw --value "${new_ip6_gw}"
    90. 

  90. yunohost app setting vpnclient wired_device --value "${new_wired_device}"
    91.