|
@@ -5,11 +5,15 @@ if [ ${mode} == "server" ]
|
|
|
then
|
|
|
mv /etc/openvpn/server.conf /etc/openvpn/ovpn.conf
|
|
|
echo -e "LegacySigningMDs md2 md5\nMinimumDHBits 512\n" >> /etc/pki/tls/legacy-settings
|
|
|
+ if [[ ${net} ]]
|
|
|
+ then
|
|
|
+ echo "push \"route ${net} 255.255.255.0\"" >> /etc/openvpn/ovpn.conf
|
|
|
+ fi
|
|
|
if [[ ${dev} && ${ip} ]]
|
|
|
then
|
|
|
if [[ !${client_net} ]]
|
|
|
then
|
|
|
- client_net = "10.10.20.0/24"
|
|
|
+ client_net="10.10.20.0/24"
|
|
|
fi
|
|
|
trap cleanup SIGTERM EXIT
|
|
|
cleanup()
|
|
@@ -19,21 +23,19 @@ then
|
|
|
}
|
|
|
ip addr add ${ip}/24 brd + dev ${dev} label ${dev}:ovpn
|
|
|
iptables -I FORWARD 1 -m state --state NEW -s ${client_net} -o external -j DROP
|
|
|
+ exec "/usr/sbin/openvpn" "--config" "/etc/openvpn/ovpn.conf" "$@" &
|
|
|
+ wait
|
|
|
+ else
|
|
|
+ exec "/usr/sbin/openvpn" "--config" "/etc/openvpn/ovpn.conf" "$@"
|
|
|
fi
|
|
|
- if [[ ${net} ]]
|
|
|
- then
|
|
|
- echo "push \"route ${net} 255.255.255.0\"" >> /etc/openvpn/ovpn.conf
|
|
|
- fi
|
|
|
- exec "/usr/sbin/openvpn" "--config" "/etc/openvpn/ovpn.conf" "$@" &
|
|
|
- wait
|
|
|
-fi
|
|
|
+fi
|
|
|
|
|
|
if [ ${mode} == "client" ]
|
|
|
then
|
|
|
mv /etc/openvpn/client.conf /etc/openvpn/ovpn.conf
|
|
|
echo "remote ${server}" >> /etc/openvpn/ovpn.conf
|
|
|
echo -e "LegacySigningMDs md2 md5\nMinimumDHBits 512\n" >> /etc/pki/tls/legacy-settings
|
|
|
- exec "/usr/sbin/openvpn" "--config" "/etc/openvpn/ovpn.conf" "$@"
|
|
|
+ exec "/usr/sbin/openvpn" "--config" "/etc/openvpn/ovpn.conf" "$@"
|
|
|
fi
|
|
|
|
|
|
if [ ${mode} == "keygen" ]
|
|
@@ -41,4 +43,4 @@ then
|
|
|
echo "$SSHKEY" > /tmp/keyfile
|
|
|
chmod 0400 /tmp/keyfile
|
|
|
exec "$@"
|
|
|
-fi
|
|
|
+fi
|