Hi, guys.

The background: I am running openvpn on port 53 because it is the only
open port at a given site. For that reason, I had to beat into
submission both dnsmasq (telling it NOT to bind 0.0.0.0:53, but lan:53)
and openvpn.

Since openvpn does not allow an interface to be specified, I had to whip
up a script that, when run from hotplug, dynamically updates all openvpn
config sections with the current wan ip address.

The script relies on openvpn's own initscript, to minimize code
duplication. I am sure it could be improved, but I strived hard to reuse
as much as possible of the config infrastructure.

So, here it is... say HI if you find it useful :-)

BR,
Andrea.
#!/bin/sh
# OpenVPN dynamic ip reconfiguration script
# Copyright (C) 2009 Andrea Borgia
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.

. /etc/functions.sh
. /etc/init.d/openvpn


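# Point one enabled openvpn config section at the current wan address.
#
# Meant to be called through config_foreach, once per "openvpn" section.
# Globals:   ifname (read) - device name of the wan interface; it is set by
#            the hotplug code that calls this function, not passed in
# Arguments: $1 - name of the openvpn config section
# Returns:   0 when the section is disabled or no usable address was found,
#            otherwise the status of config_set
reconfig_service_with_dynamic_address() {
        local section="$1"
        local enable=0
        local ipaddr=""

        # Sections without enable=1 are left untouched.
        config_get_bool enable "$section" enable 0
        # "=" rather than "==": the latter is not POSIX for [ under #!/bin/sh.
        [ "$enable" = 0 ] && return 0

        # Extract the value after "inet addr:" from ifconfig's output. The
        # pipeline must stay on one line: a line break inside the cut
        # delimiter turns it into two characters, which cut rejects.
        ipaddr=$(ifconfig "$ifname" | grep "inet addr" | cut -d: -f2 | cut -d' ' -f1)

        # The value is scraped from command output and stored as the section's
        # "local" option, so accept nothing but digits and dots. An empty
        # result, several lines, or any other text leaves the config unchanged.
        case "$ipaddr" in
                ""|*[!0-9.]*) return 0 ;;
        esac

        config_set "$section" local "$ipaddr"
}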


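# Hotplug entry point: act only on events for the logical "wan" interface.
# INTERFACE and ACTION are read from the environment of the caller; ACTION
# defaults to ifup when it is unset or empty.
if [ "$INTERFACE" = "wan" ]; then
        # Plain assignment: "local" is only valid inside a function, and
        # reconfig_service_with_dynamic_address reads ifname as a global.
        ifname=""
        config_load network
        config_get ifname wan ifname
        # "return" at top level assumes this file is sourced by hotplug
        # rather than executed directly.
        [ -z "$ifname" ] && return 0

        config_load openvpn
        case "${ACTION:-ifup}" in
                ifup)
                        # The section type must be on the same line as
                        # config_foreach; split across two lines, the second
                        # line would run "openvpn" as a command of its own.
                        # NOTE(review): config_set presumably changes only the
                        # loaded configuration, not /etc/config/openvpn, so the
                        # restart below has to happen in this same shell.
                        config_foreach reconfig_service_with_dynamic_address openvpn
                        config_foreach stop_service openvpn
                        config_foreach start_service openvpn
                        ;;
                ifdown)
                        config_foreach stop_service openvpn
                        ;;
        esac
fi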
