forked from freifunk-franken/firmware
Reconfigure vpn-select for keyxchangev2
We need a few small changes here, and will copy some things to fff-hood later. Signed-off-by: Christian Dresel <fff@chrisi01.de> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
parent
1d4dd25341
commit
b18bfb193d
|
@ -1,6 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
[ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" ] && {
|
|
||||||
sleep 3
|
|
||||||
/usr/sbin/vpn-select
|
|
||||||
}
|
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
*/5 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/vpn-select
|
|
|
@ -5,21 +5,19 @@ test -f /tmp/started || exit
|
||||||
make_config() {
|
make_config() {
|
||||||
# remove old config
|
# remove old config
|
||||||
>/etc/config/tunneldigger
|
>/etc/config/tunneldigger
|
||||||
rm /tmp/fastd_${project}_peers/*
|
rm /tmp/fastd_fff_peers/*
|
||||||
count=0
|
count=0
|
||||||
# get fastd peers
|
# get fastd peers
|
||||||
pubkey=$(echo "secret \"$(uci get fastd.fff.secret)\";" | fastd -c - --show-key --machine-readable)
|
filecounts=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, "", $0); print $0; }' /tmp/fastd_fff_output)
|
||||||
wget -T15 "http://keyserver.freifunk-franken.de/${project}/geo.php?mac=$mac&name=$hostname&port=$port&key=$pubkey&lat=$lat&long=$long" -O /tmp/fastd_${project}_output
|
|
||||||
filecounts=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, "", $0); print $0; }' /tmp/fastd_${project}_output)
|
|
||||||
for file in $filecounts; do
|
for file in $filecounts; do
|
||||||
awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};" /tmp/fastd_${project}_output | sed 's/ float;/;/g' > /etc/fastd/$project/peers/$file
|
awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};" /tmp/fastd_fff_output | sed 's/ float;/;/g' > /etc/fastd/fff/peers/$file
|
||||||
echo 'float yes;' >> /etc/fastd/$project/peers/$file
|
echo 'float yes;' >> /etc/fastd/fff/peers/$file
|
||||||
|
|
||||||
# ask for Broker and select the tunnel
|
# ask for Broker and select the tunnel
|
||||||
IP=$(awk -F\" '/remote/ {print $2}' /etc/fastd/${project}/peers/$file)
|
IP=$(awk -F\" '/remote/ {print $2}' /etc/fastd/fff/peers/$file)
|
||||||
if [ "l2tp" = "$(wget -T10 $IP/vpn.txt -O - 2>/dev/null)" ]; then
|
if [ "l2tp" = "$(wget -T10 $IP/vpn.txt -O - 2>/dev/null)" ]; then
|
||||||
# Gateway offers l2tp
|
# Gateway offers l2tp
|
||||||
FDPORT=$(awk '/remote/{gsub(";", ""); print $5}' /etc/fastd/${project}/peers/$file)
|
FDPORT=$(awk '/remote/{gsub(";", ""); print $5}' /etc/fastd/fff/peers/$file)
|
||||||
L2PORT=$((FDPORT + 10000))
|
L2PORT=$((FDPORT + 10000))
|
||||||
UUID=$hostname
|
UUID=$hostname
|
||||||
|
|
||||||
|
@ -32,43 +30,28 @@ for file in $filecounts; do
|
||||||
uci -c /tmp commit tunneldigger
|
uci -c /tmp commit tunneldigger
|
||||||
count=$((count + 1))
|
count=$((count + 1))
|
||||||
# remove this fastd-peer
|
# remove this fastd-peer
|
||||||
rm /etc/fastd/${project}/peers/$file
|
rm /etc/fastd/fff/peers/$file
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
# main
|
# main
|
||||||
test_ipv4_host1="keyserver.freifunk-franken.de" # Freifunk-Franken keyserver
|
|
||||||
test_ipv4_host2="8.8.8.8" # Google DNS
|
|
||||||
test_ipv6_host1="heise.de" # heise Zeitschriftenverlag
|
|
||||||
|
|
||||||
# Only do something when the router has internet connection
|
# Only do something when file is here and greater 0 byte
|
||||||
if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null ||
|
if [ -s /tmp/fastd_fff_output ]; then
|
||||||
ping -w5 -c3 "$test_ipv4_host2" &>/dev/null ||
|
|
||||||
ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null; then
|
|
||||||
|
|
||||||
# set some vars
|
# set some vars
|
||||||
. /etc/community.cfg
|
|
||||||
project="$VPN_PROJECT"
|
|
||||||
mac=$(awk '{ mac=toupper($1); gsub(":", "", mac); print mac }' /sys/class/net/br-mesh/address 2>/dev/null)
|
|
||||||
lat=$(uci get system.@system[0].latitude)
|
|
||||||
long=$(uci get system.@system[0].longitude)
|
|
||||||
hostname=$(cat /proc/sys/kernel/hostname)
|
hostname=$(cat /proc/sys/kernel/hostname)
|
||||||
|
mac=$(awk '{ mac=toupper($1); gsub(":", "", mac); print mac }' /sys/class/net/br-mesh/address 2>/dev/null)
|
||||||
[ "$hostname" = "OpenWrt" ] && hostname=""
|
[ "$hostname" = "OpenWrt" ] && hostname=""
|
||||||
[ "$hostname" = "" ] && hostname="$mac"
|
[ "$hostname" = "" ] && hostname="$mac"
|
||||||
|
|
||||||
if [ ! -d /tmp/fastd_${project}_peers ]; then
|
if [ ! -d /tmp/fastd_fff_peers ]; then
|
||||||
# first run after reboot
|
# first run after reboot
|
||||||
mkdir /tmp/fastd_${project}_peers
|
mkdir /tmp/fastd_fff_peers
|
||||||
# do we have a fastd secret
|
|
||||||
if ! egrep "option secret '[0-9a-f]{64}'" /etc/config/fastd &>/dev/null; then
|
|
||||||
secret=$(fastd --generate-key 2>&1 | awk '/[Ss]ecret/ { print $2 }')
|
|
||||||
uci set fastd.${project}.secret="$secret"
|
|
||||||
uci commit fastd
|
|
||||||
fi
|
|
||||||
make_config
|
make_config
|
||||||
# start fastd only if there are some peers left
|
# start fastd only if there are some peers left
|
||||||
[ "$(ls /etc/fastd/${project}/peers/* 2>/dev/null)" ] && /etc/init.d/fastd start
|
[ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ] && /etc/init.d/fastd start
|
||||||
/etc/init.d/tunneldigger start
|
/etc/init.d/tunneldigger start
|
||||||
else
|
else
|
||||||
# check if new tunneldigger conf is different
|
# check if new tunneldigger conf is different
|
||||||
|
@ -79,8 +62,8 @@ if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null ||
|
||||||
/etc/init.d/fastd reload
|
/etc/init.d/fastd reload
|
||||||
|
|
||||||
# fastd start/stop for various situations
|
# fastd start/stop for various situations
|
||||||
pidfile="/tmp/run/fastd.${project}.pid"
|
pidfile="/tmp/run/fastd.fff.pid"
|
||||||
if [ "$(ls /etc/fastd/${project}/peers/* 2>/dev/null)" ]; then
|
if [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ]; then
|
||||||
([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) || /etc/init.d/fastd start
|
([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) || /etc/init.d/fastd start
|
||||||
else
|
else
|
||||||
([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) && /etc/init.d/fastd stop
|
([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) && /etc/init.d/fastd stop
|
||||||
|
|
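Review bot: In `make_config`, the peer name `$file` parsed out of `/tmp/fastd_fff_output` is still spliced unquoted into both the awk program text and the output path `/etc/fastd/fff/peers/$file`, with no check on which characters it contains. The producer of that file is not part of this commit (the removed `wget` fetched it over plain HTTP, and the commit message suggests the fetch moves to fff-hood), so the names should be treated as untrusted: one containing `../` would write outside the peers directory, and a `/` would alter the awk program. I would skip unexpected names at the top of the loop with `case "$file" in ''|.*|*[!A-Za-z0-9_.-]*) continue ;; esac`, pass the header as data with `awk -v hdr="####$file.conf" '{ if(a) print }; $0 == hdr {a=1}; /^$/{a=0};' /tmp/fastd_fff_output`, and quote the redirect target. The unquoted `$IP` in `wget -T10 $IP/vpn.txt` deserves the same treatment; the loop body continues outside the hunks shown, so the tunneldigger settings derived from these values could not be checked here.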