iankelling.org
/
git
/
vpn-setup
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
469644c
)
add ifname option
author
Ian Kelling
<iank@fsf.org>
Thu, 13 Jan 2022 19:31:01 +0000
(14:31 -0500)
committer
Ian Kelling
<iank@fsf.org>
Thu, 13 Jan 2022 19:31:01 +0000
(14:31 -0500)
vpn-server-setup
patch
|
blob
|
history
diff --git
a/vpn-server-setup
b/vpn-server-setup
index 69ce5416c47fec3c13dad237930962fd1cfdddaa..a4b203bb7e6371021c1d40540df76e43377491a8 100755
(executable)
--- a/
vpn-server-setup
+++ b/
vpn-server-setup
@@
-27,6
+27,7
@@
usage: ${0##*/} [OPTIONS] [IPV6_ADDR/BITS]
-6 IP6_NETWORK Do ip6 nat for this network. ipv6 will work without nat,
but you may want it in certain circumstances.
-d Do not push dns
-6 IP6_NETWORK Do ip6 nat for this network. ipv6 will work without nat,
but you may want it in certain circumstances.
-d Do not push dns
+-i INTERFACE_NAME name of tun interface
-n NAME default = server. 2 servers on the same host need different names.
-p PORT default 1194
-r Do not push default route
-n NAME default = server. 2 servers on the same host need different names.
-p PORT default 1194
-r Do not push default route
@@
-58,13
+59,14
@@
route=true
start=true
ip4=10.8.0
name=server
start=true
ip4=10.8.0
name=server
-temp=$(getopt -l help 4:6:dn:p:rsh "$@") || usage 1
+temp=$(getopt -l help 4:6:d
i:
n:p:rsh "$@") || usage 1
eval set -- "$temp"
while true; do
case $1 in
-4) ip4=$2; shift 2 ;;
-6) ip6net=$2; shift 2 ;;
-d) dns=false; shift ;;
eval set -- "$temp"
while true; do
case $1 in
-4) ip4=$2; shift 2 ;;
-6) ip6net=$2; shift 2 ;;
-d) dns=false; shift ;;
+ -i) ifname=$2; shift 2 ;;
-n) name=$2; shift 2 ;;
-p) port=$2; shift 2 ;;
-r) route=false; shift ;;
-n) name=$2; shift 2 ;;
-p) port=$2; shift 2 ;;
-r) route=false; shift ;;
@@
-160,8
+162,12
@@
if ! $keys_exist; then
fi
fi
fi
fi
-
-gzip -dc /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz >$conf
+if [[ -e /usr/share/doc/openvpn/examples/sample-config-files/server.conf ]]; then
+ cat /usr/share/doc/openvpn/examples/sample-config-files/server.conf >$conf
+else
+ # pre-bullsye name
+ gzip -dc /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz >$conf
+fi
cafile=$server_dir/ca-$name.crt
cp $ca_origin $cafile
cafile=$server_dir/ca-$name.crt
cp $ca_origin $cafile
@@
-222,6
+228,12
@@
push "dhcp-option DNS $ip4.1"
EOF
fi
EOF
fi
+if [[ $ifname ]]; then
+ cat >>$conf <<EOF
+dev $ifname
+EOF
+fi
+
if [[ $ip6 ]]; then
cat >>$conf <<EOF
push tun-ipv6 # legacy option that flidas needs, has no harm.
if [[ $ip6 ]]; then
cat >>$conf <<EOF
push tun-ipv6 # legacy option that flidas needs, has no harm.