2024-01-18 08:33:18 +00:00
|
|
|
#! /bin/bash
|
|
|
|
# Executed by OpenVPN --up within master/OpenVPN context
|
|
|
|
|
|
|
|
source /sf/bin/funcs_net.sh
|
|
|
|
|
|
|
|
# echo "$*" >/tmp/up_args.txt
|
|
|
|
# set >/tmp/up_set.txt
|
|
|
|
|
|
|
|
[[ -z $WG_DEV ]] && WG_DEV="vpnEXIT"
|
|
|
|
|
|
|
|
# Inside this context the PATH needs to be exported:
|
|
|
|
export PATH
|
|
|
|
|
|
|
|
# Add the OpenVPN PEER as default route
|
2024-01-19 17:18:58 +00:00
|
|
|
nsenter.u1000 --setuid 0 --setgid 0 -t "${PID:?}" -n ip route add "${trusted_ip:?}" via "${SF_NET_LG_ROUTER_IP:?}" dev eth0
|
2024-01-18 08:33:18 +00:00
|
|
|
# Remove old default route.
|
2024-01-19 17:18:58 +00:00
|
|
|
|
|
|
|
cd "/tmp/lg-${LID:?}/conf"
|
|
|
|
[[ -f "route" ]] && IFS=$'\n' readarray -t R_ROUTE_ARR <"route"
|
|
|
|
|
2024-01-18 08:33:18 +00:00
|
|
|
set_route_post_up
|
|
|
|
# Remove all BLOCKING OUTPUT rules that were needed between OpenVPN starting
|
|
|
|
# and the device becoming available.
|
|
|
|
nsenter.u1000 --setuid 0 --setgid 0 -t "${PID}" -n iptables -F OUTPUT
|
2024-01-19 17:18:58 +00:00
|
|
|
rm -rf "/tmp/lg-${LID}/conf"
|
2024-01-18 08:33:18 +00:00
|
|
|
|