raspap-webgui/installers/configauth.sh

#!/bin/bash
#
# Updates openvpn client.conf with auth credentials,
# adds iptables rules to forward traffic from tun0
# to configured wireless interface
# @author billz
# license: GNU General Public License v3.0

# Exit on error
set -o errexit
# Exit on error inside functions
set -o errtrace
# Turn on traces, disabled by default
#set -o xtrace

file=$1
auth=$2
interface=$3
readonly rulesv4="/etc/iptables/rules.v4"

if [ "$auth" = 1 ]; then
    echo "Enabling auth-user-pass in OpenVPN client.conf"
    line='auth-user-pass'
    if grep -q "$line" $file; then
        echo "Updating $line"
        sudo sed -i "s/$line/$line login.conf/g" $file
    else
        echo "Adding $line"
        sudo sed -i "$ a $line login.conf" $file
    fi
fi

# Configure NAT and forwarding with iptables
echo "Checking iptables rules"
rules=(
"-A POSTROUTING -o tun0 -j MASQUERADE"
"-A FORWARD -i tun0 -o ${interface} -m state --state RELATED,ESTABLISHED -j ACCEPT"
"-A FORWARD -i ${interface} -o tun0 -j ACCEPT"
)

for rule in "${rules[@]}"; do
    if grep -- "$rule" $rulesv4 > /dev/null; then
        echo "Rule already exits: ${rule}"
    else
        rule=$(sed -e 's/^\(-A POSTROUTING\)/-t nat \1/' <<< $rule)
        echo "Adding rule: ${rule}"
        sudo iptables $rule
        added=true
    fi
done

if [ "$added" = true ]; then
    echo "Persisting IP tables rules"
    sudo iptables-save | sudo tee $rulesv4 > /dev/null
fi
Initial commit 2019-11-15 10:01:57 +01:00			`#!/bin/bash`
Add iptables entries to rc.local 2019-11-17 11:17:57 +01:00			`#`
			`# Updates openvpn client.conf with auth credentials,`
			`# adds iptables rules to forward traffic from tun0`
			`# to configured wireless interface`
			`# @author billz`
			`# license: GNU General Public License v3.0`

Check existing iptables rules 2020-03-24 18:45:04 +01:00			`# Exit on error`
			`set -o errexit`
			`# Exit on error inside functions`
			`set -o errtrace`
			`# Turn on traces, disabled by default`
			`#set -o xtrace`

Add iptables entries to rc.local 2019-11-17 11:17:57 +01:00			`file=$1`
Added argument for auth-user-pass 2019-11-17 19:20:25 +01:00			`auth=$2`
			`interface=$3`
Check existing iptables rules 2020-03-24 18:45:04 +01:00			`readonly rulesv4="/etc/iptables/rules.v4"`
Added argument for auth-user-pass 2019-11-17 19:20:25 +01:00
			`if [ "$auth" = 1 ]; then`
Update iptables msgs 2019-11-17 20:08:39 +01:00			`echo "Enabling auth-user-pass in OpenVPN client.conf"`
			`line='auth-user-pass'`
			`if grep -q "$line" $file; then`
			`echo "Updating $line"`
			`sudo sed -i "s/$line/$line login.conf/g" $file`
			`else`
			`echo "Adding $line"`
			`sudo sed -i "$ a $line login.conf" $file`
			`fi`
Initial commit 2019-11-15 10:01:57 +01:00			`fi`

Replace update rc.local w/ iptables-save 2020-03-24 12:17:01 +01:00			`# Configure NAT and forwarding with iptables`
Check existing iptables rules 2020-03-24 18:45:04 +01:00			`echo "Checking iptables rules"`
			`rules=(`
			`"-A POSTROUTING -o tun0 -j MASQUERADE"`
			`"-A FORWARD -i tun0 -o ${interface} -m state --state RELATED,ESTABLISHED -j ACCEPT"`
Implement Client configuration - add mobile date network devices and configuration - add client configuration via udev - add GUI under networking tab - add scripts to handle mobile data devices 2021-03-07 18:36:48 +01:00			`"-A FORWARD -i ${interface} -o tun0 -j ACCEPT"`
Check existing iptables rules 2020-03-24 18:45:04 +01:00			`)`
Added argument for auth-user-pass 2019-11-17 19:20:25 +01:00
Check existing iptables rules 2020-03-24 18:45:04 +01:00			`for rule in "${rules[@]}"; do`
			`if grep -- "$rule" $rulesv4 > /dev/null; then`
			`echo "Rule already exits: ${rule}"`
			`else`
			`rule=$(sed -e 's/^\(-A POSTROUTING\)/-t nat \1/' <<< $rule)`
			`echo "Adding rule: ${rule}"`
			`sudo iptables $rule`
			`added=true`
			`fi`
			`done`

			`if [ "$added" = true ]; then`
			`echo "Persisting IP tables rules"`
Replace hardcoded path with var 2020-03-26 00:00:26 +01:00			`sudo iptables-save \| sudo tee $rulesv4 > /dev/null`
Check existing iptables rules 2020-03-24 18:45:04 +01:00			`fi`
Add iptables entries to rc.local 2019-11-17 11:17:57 +01:00