From f07343eed07d7e551f164e3e0b16a05bf6e74c30 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Wed, 11 Jan 2017 18:58:28 +0100 Subject: Handle ipv6 default gateway redirection --- Generate | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/Generate b/Generate index 29c3ce4..a7b7195 100755 --- a/Generate +++ b/Generate @@ -292,6 +292,8 @@ $config['hosts'].each_pair{ |name, host| if host['ipv6'] host['networks6'][host['vpn_address6']+"/128"] = host['groups'].join(',') end + host['default6'] = false unless host.has_key?('default6') + host['openvpn_ge_23'] = true if host['openvpn_ge_24'] host['inet_port'] = {} } throw "Duplicate iface names" unless hostlist.collect{ |host| host['ifacename'] }.uniq.size == $config['hosts'].size @@ -642,6 +644,9 @@ hostlist.each{ |host| upscriptname = "#{dir}/"+upscriptnamebase conffile = File.new("#{dir}/#{$NAMESPACE}-%s.conf"%[peer['name']], "w") + upscript = File.new(upscriptname, "w") + + conffile.puts "dev %s"%[peer['ifacename']] conffile.puts "tun-ipv6" if host['ipv6'] and peer['ipv6'] #mtu = 1434 
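Review bot: `upscript = File.new(upscriptname, "w")` now truncates the up-script before any of the config lines are written, and neither handle is opened in block form, so a `throw` between here and the `close` calls leaves an empty or partial script on disk. The file is later made 0755 and the generated config sets `script-security 2`, so it is presumably run by OpenVPN and a half-written version should never be left where it can be picked up. Consider assembling the script text in a string and writing it in one step, e.g. `File.open(upscriptname, "w", 0755) { |f| f.write(script) }`, or writing to a temporary name and renaming it into place. The enclosing `hostlist.each` block starts and ends outside the hunk.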
@@ -709,17 +714,27 @@ hostlist.each{ |host| conffile.puts "keepalive 7 30" conffile.puts "verb 3" conffile.puts "script-security 2" - conffile.puts "redirect-gateway def1" if host['default-via'] and host['default-via'] == peer['name'] - conffile.close + if host['default-via'] and host['default-via'] == peer['name'] + if host['default6'] and host['ipv6'] and host['openvpn_ge_24'] + conffile.puts "redirect-gateway def1 ipv6" + else + conffile.puts "redirect-gateway def1" + end + end ########## - upscript = File.new(upscriptname, "w") upscript.puts UPSCRIPT if host['ipv6'] and peer['ipv6'] - upscript.puts "ip -6 addr add #{ host['link-local'][ peer['name'] ]['me'] }/64 dev $TUN_DEV" + if host['openvpn_ge_24'] + conffile.puts "ifconfig-ipv6 %s %s"%[host['link-local'][ peer['name'] ]['me'], host['link-local'][ peer['name'] ]['peer'] ] + else + upscript.puts "ip -6 addr add #{ host['link-local'][ peer['name'] ]['me'] }/64 dev $TUN_DEV" + end upscript.puts "ip -6 addr add #{ host['vpn_address6'] }/128 dev $TUN_DEV" end upscript.puts "true" + + conffile.close upscript.close File.chmod(0755, upscriptname) == 1 or throw "Cannot chmod #{upscriptname}" -- cgit v1.2.3
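Review bot: When `host['default6']` is set but `host['ipv6']` or `host['openvpn_ge_24']` is not, the new inner `else` silently emits plain `redirect-gateway def1`, so IPv6 traffic keeps using the host's native default route outside the tunnel while the operator expects it to be redirected. Make that downgrade visible in the `else` branch, for instance `STDERR.puts "default6 requested but not applied for peer #{peer['name']}: needs ipv6 and openvpn_ge_24" if host['default6']`, or fail the run with `throw` as the script does for other configuration errors. A short comment above the condition saying that the `ipv6` flag is only written for hosts marked `openvpn_ge_24` would also help whoever edits the host list. The enclosing `hostlist.each` block starts and ends outside the hunk.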