New upstream version 3.1.1
This commit is contained in:
parent
4e9934e5ec
commit
e7b41df57b
229 changed files with 57000 additions and 12055 deletions
76
scripts/n2n-gateway.sh
Executable file
76
scripts/n2n-gateway.sh
Executable file
|
|
@ -0,0 +1,76 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# This is a sample script to route all the host traffic towards a remote
|
||||
# gateway, which is reacheable via the n2n virtual interface.
|
||||
#
|
||||
# This assumes the n2n connection is already been established and the
|
||||
# VPN gateway can be pinged by this host.
|
||||
#
|
||||
|
||||
#######################################################
|
||||
# CONFIG
|
||||
#######################################################
|
||||
|
||||
# The IP address of the gateway through the n2n interface
|
||||
N2N_GATEWAY="192.168.100.1"
|
||||
|
||||
# The IP address of the supernode as configured in n2n
|
||||
N2N_SUPERNODE="1.2.3.4"
|
||||
|
||||
# The n2n interface name
|
||||
N2N_INTERFACE="n2n0"
|
||||
|
||||
# The DNS server to use. Must be a public DNS or a DNS located on the
|
||||
# N2N virtual network, otherwise DNS query information will be leaked
|
||||
# outside the VPN.
|
||||
DNS_SERVER="8.8.8.8"
|
||||
|
||||
#######################################################
|
||||
# END CONFIG
|
||||
#######################################################
|
||||
|
||||
if [[ $UID -ne 0 ]]; then
|
||||
echo "This script must be run as root"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if ! ip route get $N2N_GATEWAY | grep -q $N2N_INTERFACE ; then
|
||||
echo "Cannot reach the gateway ($N2N_GATEWAY) via $N2N_INTERFACE. Is edge running?"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Determine the current internet gateway
|
||||
internet_gateway=$(ip route get 8.8.8.8 | head -n1 | awk '{ print $3 }')
|
||||
|
||||
# Backup the DNS resolver configuration and use the specified server
|
||||
cp /etc/resolv.conf /etc/resolv.conf.my_bak
|
||||
echo "Using DNS server $DNS_SERVER"
|
||||
echo "nameserver $DNS_SERVER" > /etc/resolv.conf
|
||||
|
||||
# The public IP of the supernode must be reachable via the internet gateway
|
||||
# Whereas all the other traffic will go through the new VPN gateway.
|
||||
ip route add $N2N_SUPERNODE via "$internet_gateway"
|
||||
ip route del default
|
||||
echo "Forwarding traffic via $N2N_GATEWAY"
|
||||
ip route add default via $N2N_GATEWAY
|
||||
|
||||
function stopService {
|
||||
echo "Deleting custom routes"
|
||||
ip route del default
|
||||
ip route del $N2N_SUPERNODE via "$internet_gateway"
|
||||
|
||||
echo "Restoring original gateway $internet_gateway"
|
||||
ip route add default via "$internet_gateway"
|
||||
|
||||
echo "Restoring original DNS"
|
||||
mv /etc/resolv.conf.my_bak /etc/resolv.conf
|
||||
|
||||
exit 0
|
||||
}
|
||||
|
||||
# setup signal handlers
|
||||
trap "stopService" SIGHUP SIGINT SIGTERM
|
||||
|
||||
# enter wait loop
|
||||
echo "VPN is now up"
|
||||
while :; do sleep 300; done
|
||||
Loading…
Add table
Add a link
Reference in a new issue