2019-11-15 10:01:57 +01:00
|
|
|
#!/bin/bash
|
2019-11-17 11:17:57 +01:00
|
|
|
#
|
|
|
|
|
# Updates openvpn client.conf with auth credentials,
|
|
|
|
|
# adds iptables rules to forward traffic from tun0
|
|
|
|
|
# to configured wireless interface
|
|
|
|
|
# @author billz
|
|
|
|
|
# license: GNU General Public License v3.0
|
|
|
|
|
|
|
|
|
|
file=$1
|
2019-11-17 19:20:25 +01:00
|
|
|
auth=$2
|
|
|
|
|
interface=$3
|
|
|
|
|
|
|
|
|
|
if [ "$auth" = 1 ]; then
|
2019-11-17 20:08:39 +01:00
|
|
|
echo "Enabling auth-user-pass in OpenVPN client.conf"
|
|
|
|
|
line='auth-user-pass'
|
|
|
|
|
if grep -q "$line" $file; then
|
|
|
|
|
echo "Updating $line"
|
|
|
|
|
sudo sed -i "s/$line/$line login.conf/g" $file
|
|
|
|
|
else
|
|
|
|
|
echo "Adding $line"
|
|
|
|
|
sudo sed -i "$ a $line login.conf" $file
|
|
|
|
|
fi
|
2019-11-15 10:01:57 +01:00
|
|
|
fi
|
|
|
|
|
|
2019-11-17 11:17:57 +01:00
|
|
|
# Generate iptables entries to place into rc.local file.
|
|
|
|
|
# #RASPAP is for uninstall script
|
2019-11-17 20:08:39 +01:00
|
|
|
echo "Checking iptables rules for $interface"
|
2019-11-17 19:20:25 +01:00
|
|
|
|
2019-11-17 11:17:57 +01:00
|
|
|
lines=(
|
|
|
|
|
"iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE #RASPAP"
|
|
|
|
|
"iptables -A FORWARD -i tun0 -o $interface -m state --state RELATED,ESTABLISHED -j ACCEPT #RASPAP"
|
|
|
|
|
"iptables -A FORWARD -i wlan0 -o tun0 -j ACCEPT #RASPAP"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
for line in "${lines[@]}"; do
|
2019-11-17 20:08:39 +01:00
|
|
|
if grep "$line" /etc/rc.local > /dev/null; then
|
2019-11-17 11:17:57 +01:00
|
|
|
else
|
2019-11-17 20:08:39 +01:00
|
|
|
sudo sed -i "s/^exit 0$/$line\nexit 0/" /etc/rc.local
|
|
|
|
|
echo "Adding rule: $line"
|
|
|
|
|
fi
|
2019-11-17 11:17:57 +01:00
|
|
|
done
|
|
|
|
|
|
|
|
|
|
# Force a reload of new settings in /etc/rc.local
|
|
|
|
|
sudo systemctl restart rc-local.service
|
|
|
|
|
sudo systemctl daemon-reload
|
|
|
|
|
|
