| 1234567891011121314151617181920212223242526272829303132333435363738394041 |
- #!/bin/sh
- #set -e
- export RNG=PROGRAM
- if [ ${mode} == "server" ]
- then
- mv /etc/openvpn/server.conf /etc/openvpn/ovpn.conf
- echo -e "LegacySigningMDs md2 md5\nMinimumDHBits 512\n" >> /etc/pki/tls/legacy-settings
- if [[ ${dev} && ${net} && ${ip} ]]
- then
- trap cleanup SIGTERM EXIT
- cleanup()
- {
- ip addr del ${ip}/24 dev ${dev}:ovpn
- iptables -D FORWARD -m state --state NEW -s 10.10.20.0/24 -d ${net}/24 -j DROP
- }
- ip addr add ${ip}/24 brd + dev ${dev} label ${dev}:ovpn
- iptables -I FORWARD 1 -m state --state NEW -s 10.10.20.0/24 -d ${net}/24 -j DROP
- echo "push \"route ${net} 255.255.255.0\"" >> /etc/openvpn/ovpn.conf
- exec "/usr/sbin/openvpn" "--config" "/etc/openvpn/ovpn.conf" "$@" &
- wait
- else
- exec "/usr/sbin/openvpn" "--config" "/etc/openvpn/ovpn.conf" "$@"
-
- fi
-
- fi
- if [ ${mode} == "client" ]
- then
- mv /etc/openvpn/client.conf /etc/openvpn/ovpn.conf
- echo "remote ${server}" >> /etc/openvpn/ovpn.conf
- echo -e "LegacySigningMDs md2 md5\nMinimumDHBits 512\n" >> /etc/pki/tls/legacy-settings
- exec "/usr/sbin/openvpn" "--config" "/etc/openvpn/ovpn.conf" "$@"
- fi
- if [ ${mode} == "keygen" ]
- then
- echo "$SSHKEY" > /tmp/keyfile
- chmod 0400 /tmp/keyfile
- exec "$@"
- fi
|
