| 
					
				 | 
			
			
				@@ -5,25 +5,28 @@ if [ ${mode} == "server" ] 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				 then 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				   mv /etc/openvpn/server.conf /etc/openvpn/ovpn.conf 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				   echo -e "LegacySigningMDs md2 md5\nMinimumDHBits 512\n" >> /etc/pki/tls/legacy-settings 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				-  if [[ ${dev} && ${net} && ${ip} ]] 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+  if [[ ${dev} && ${ip} ]] 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+  then 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+    if [[ !${client_net}]] 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				     then 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				-      trap cleanup SIGTERM EXIT 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				-      cleanup() 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				-      { 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				-        ip addr del ${ip}/24 dev ${dev}:ovpn 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				-        iptables -D FORWARD -m state --state NEW -s 10.10.20.0/24 -o external -j DROP 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				-      } 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				-      ip addr add ${ip}/24 brd + dev ${dev} label ${dev}:ovpn 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				-      iptables -I FORWARD 1 -m state --state NEW -s 10.10.20.0/24 -o external -j DROP 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				-      echo "push \"route ${net} 255.255.255.0\"" >> /etc/openvpn/ovpn.conf 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				-      exec "/usr/sbin/openvpn" "--config" "/etc/openvpn/ovpn.conf" "$@" & 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				-      wait 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				-    else 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				-      exec "/usr/sbin/openvpn" "--config" "/etc/openvpn/ovpn.conf" "$@"  
			 | 
		
	
		
			
				 | 
				 | 
			
			
				-       
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+      client_net = "10.10.20.0/24" 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+    fi 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+    trap cleanup SIGTERM EXIT 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+    cleanup() 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+    { 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+      ip addr del ${ip}/24 dev ${dev}:ovpn 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+      iptables -D FORWARD -m state --state NEW -s ${client_net} -o external -j DROP 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+    } 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+    ip addr add ${ip}/24 brd + dev ${dev} label ${dev}:ovpn 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+    iptables -I FORWARD 1 -m state --state NEW -s ${client_net} -o external -j DROP 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				   fi 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				-     
			 | 
		
	
		
			
				 | 
				 | 
			
			
				-fi 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+  if [[ ${net} ]] 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+  then 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+    echo "push \"route ${net} 255.255.255.0\"" >> /etc/openvpn/ovpn.conf 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+  fi 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+  exec "/usr/sbin/openvpn" "--config" "/etc/openvpn/ovpn.conf" "$@" & 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+  wait 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				+fi   
			 | 
		
	
		
			
				 | 
				 | 
			
			
				  
			 | 
		
	
		
			
				 | 
				 | 
			
			
				 if [ ${mode} == "client" ] 
			 | 
		
	
		
			
				 | 
				 | 
			
			
				 then 
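Review bot: The `client_net` default added in the server branch cannot work as written: `[[ !${client_net}]]` lacks the spaces after `!` and before `]]`, which bash should reject as a syntax error, and `client_net = "10.10.20.0/24"` runs a command named `client_net` rather than assigning. Once the test is made to parse, the variable would still be empty, so the unquoted `-s ${client_net}` in `iptables -I FORWARD` loses its argument and the DROP rule that keeps VPN clients off the `external` interface is presumably not installed, while nothing in the hunk stops OpenVPN from starting. Replace the four-line default with `client_net="${client_net:-10.10.20.0/24}"`, and fail closed on the rule: `iptables -I FORWARD 1 -m state --state NEW -s "${client_net}" -o external -j DROP || exit 1`. The `if [ ${mode} == "server" ]` block opens above the hunk, so any `set -e` or earlier validation of these variables is not visible here.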
			 |