You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

56 lines
1.4 KiB

#!/bin/bash
#
# Updates openvpn client.conf with auth credentials,
# adds iptables rules to forward traffic from tun0
# to configured wireless interface
# @author billz
# license: GNU General Public License v3.0
# Exit on error
set -o errexit
# Exit on error inside functions
set -o errtrace
# Turn on traces, disabled by default
#set -o xtrace
file=$1
auth=$2
interface=$3
readonly rulesv4="/etc/iptables/rules.v4"
if [ "$auth" = 1 ]; then
echo "Enabling auth-user-pass in OpenVPN client.conf"
line='auth-user-pass'
if grep -q "$line" $file; then
echo "Updating $line"
sudo sed -i "s/$line/$line login.conf/g" $file
else
echo "Adding $line"
sudo sed -i "$ a $line login.conf" $file
fi
fi
# Configure NAT and forwarding with iptables
echo "Checking iptables rules"
rules=(
"-A POSTROUTING -o tun0 -j MASQUERADE"
"-A FORWARD -i tun0 -o ${interface} -m state --state RELATED,ESTABLISHED -j ACCEPT"
"-A FORWARD -i ${interface} -o tun0 -j ACCEPT"
)
for rule in "${rules[@]}"; do
if grep -- "$rule" $rulesv4 > /dev/null; then
echo "Rule already exits: ${rule}"
else
rule=$(sed -e 's/^\(-A POSTROUTING\)/-t nat \1/' <<< $rule)
echo "Adding rule: ${rule}"
sudo iptables $rule
added=true
fi
done
if [ "$added" = true ]; then
echo "Persisting IP tables rules"
sudo iptables-save | sudo tee $rulesv4 > /dev/null
fi