authorPeter Palfrader <peter@palfrader.org>2016-11-26 18:20:14 +0100
committerPeter Palfrader <peter@palfrader.org>2016-11-26 18:20:14 +0100
commit1ad494571d02781603823b81026e1d74853f16d7 (patch)
tree103e7fdb94349800c428b8123463df669418e3b7
parent28923965fedd8735ac0b71b83f852b5f35185f96 (diff)
support multiple listening ports and addresses, support redirecting the default gw
-rwxr-xr-xGenerate23
1 files changed, 21 insertions, 2 deletions
diff --git a/Generate b/Generate
index 3a8d53a..11a63a3 100755
--- a/Generate
+++ b/Generate
@@ -153,6 +153,11 @@ REMOTE_IP=$5
ACTION=$6
echo 0 > /proc/sys/net/ipv4/conf/$TUN_DEV/rp_filter
+
+#gw=$(ip route show 0.0.0.0/0 | awk \'{print $3; exit }\');
+#ip r add 141.70.64.0/20 via "$gw"
+#ip r add 10.0.0.0/8 via "$gw"
+true
'
######################################################################################
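Review bot: The trailing `true` and the commented-out route commands are added to the generated shell script with no explanation, so a reader cannot tell why they are there. If `true` is meant to make the script end with a zero exit status whatever the preceding `echo` returns (inferred, not visible here), a comment such as `# always exit 0 so a failed rp_filter write does not fail the script` would record that. The commented-out `ip r add` lines carry site-specific prefixes and are better removed, or turned into a documented host-list option, than left as dead code. The quoted string holding this script starts outside the hunk.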
@@ -645,10 +650,23 @@ hostlist.each{ |host|
mtu = 1200
conffile.puts "fragment #{mtu}"
conffile.puts "ifconfig %s %s"%[host['vpn_address'], peer['vpn_address']]
- conffile.puts "rport #{host['inet_port'][ peer['name'] ]['remote']}"
+ remote_addr = []
+ remote_addr << peer['host_address'] if peer['host_address']
+ remote_addr += peer['host_address_extra'] if peer['host_address_extra']
+ remote_port = [ host['inet_port'][ peer['name'] ]['remote'] ]
+ remote_port += peer['host_port_extra'] if peer['host_port_extra']
+ if remote_addr.size > 0 then
+ remote_addr.each do |raddr|
+ remote_port.each do |rport|
+ conffile.puts "remote #{raddr} #{rport}"
+ end
+ end
+ else
+ throw "have host_port_extra but no host_address(_extra)" if peer['host_port_extra']
+ conffile.puts "rport #{host['inet_port'][ peer['name'] ]['remote']}"
+ end
conffile.puts "lport #{host['inet_port'][ peer['name'] ]['local']}" unless host['accepts'].nil?
conffile.puts "nobind" if host['accepts'].nil?
- conffile.puts "remote %s"%[peer['host_address']] if peer['host_address']
if host['bind_address']
conffile.puts "local %s"%[host['bind_address']]
elsif host['host_address']
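Review bot: The error path in the `else` branch uses `throw`, which in Ruby is the non-local jump paired with `catch`, not the exception mechanism. With no matching `catch` visible, the run ends in an uncaught-throw error rather than an ordinary exception, so the line should read `raise "have host_port_extra but no host_address(_extra)" if peer['host_port_extra']`. The two `+=` lines also assume `host_address_extra` and `host_port_extra` are arrays, and a single string value would raise a TypeError, which `remote_addr += Array(peer['host_address_extra'])` avoids. Because each address and port is written verbatim into a `remote` line, rejecting values that contain whitespace or newlines would keep a malformed host-list entry from adding extra directives to the generated config. The enclosing `hostlist.each` block starts and ends outside the hunk.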
@@ -678,6 +696,7 @@ hostlist.each{ |host|
conffile.puts "keepalive 7 30"
conffile.puts "verb 3"
conffile.puts "script-security 2" if host['openvpn'] == '2.1'
+ conffile.puts "redirect-gateway def1" if host['default-via'] and host['default-via'] == peer['name']
conffile.close
##########
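Review bot: Nothing on the added `redirect-gateway def1` line, or elsewhere in this hunk, checks that `host['default-via']` names a peer that actually exists. A misspelled value therefore produces configs without the directive, and the host keeps using its ordinary default route with no warning. A check that every host with `default-via` matched exactly one peer would make that failure visible, though it would have to live outside this hunk. The condition also uses `and`, whose low precedence is easy to misread in a modifier `if`; the conventional form is `if host['default-via'] && host['default-via'] == peer['name']`.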