Only set net.ipv4.ip_forward if it wasn't already
This commit is contained in:
parent
727aa097bf
commit
956304a78e
15
vpnerator.sh
15
vpnerator.sh
@ -46,6 +46,13 @@ deps() {
|
||||
return 0
|
||||
}
|
||||
|
||||
enable_forwarding() {
|
||||
if sysctl net.ipv4.ip_forward | grep -q 0 ; then
|
||||
sudo sysctl -wq net.ipv4.ip_forward=1
|
||||
touch /tmp/vpnerator-ipfwd
|
||||
fi
|
||||
}
|
||||
|
||||
remove_interface() {
|
||||
exec_sudo iptables -D FORWARD -i \$1 -j ACCEPT
|
||||
exec_sudo iptables -D FORWARD -o \$1 -j ACCEPT
|
||||
@ -54,10 +61,12 @@ remove_interface() {
|
||||
}
|
||||
|
||||
cleanup() {
|
||||
sudo sysctl -wq net.ipv4.ip_forward=0
|
||||
if [ -f '/tmp/vpnerator-ipfwd' ] ; then
|
||||
sudo sysctl -wq net.ipv4.ip_forward=0
|
||||
rm /tmp/vpnerator-ipfwd
|
||||
fi
|
||||
|
||||
EXIST_INTERFACE=\$(ip addr show to ${SERVER_ADDR} | head -1 | awk '{ print \$2 }' | cut -d':' -f1)
|
||||
|
||||
if [ ! -z "\${EXIST_INTERFACE}" ] ; then
|
||||
if [ -z "\$(ip link show "\${EXIST_INTERFACE}" type wireguard)" ] ; then
|
||||
# bail if the existing interface isn't of type wireguard
|
||||
@ -112,7 +121,7 @@ EOF
|
||||
exec_sudo wg setconf "${INTERFACE_NAME}" "\${TMP}"
|
||||
rm "\${TMP}"
|
||||
|
||||
exec_sudo sysctl -wq net.ipv4.ip_forward=1
|
||||
enable_forwarding
|
||||
|
||||
exec_sudo ip addr add "${SERVER_ADDR}" dev "${INTERFACE_NAME}"
|
||||
exec_sudo ip link set mtu 1420 up dev "${INTERFACE_NAME}"
|
||||
|
Loading…
Reference in New Issue
Block a user