mlow/vpnerator
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Only set net.ipv4.ip_forward if it wasn't already

Browse Source
This commit is contained in:
Matt Low
2021-01-01 07:51:50 -07:00
parent 727aa097bf
commit 956304a78e
1 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
vpnerator.sh
View File

@ -46,6 +46,13 @@ deps() {
return 0 return 0
} }
enable_forwarding() {
if sysctl net.ipv4.ip_forward | grep -q 0 ; then
sudo sysctl -wq net.ipv4.ip_forward=1
touch /tmp/vpnerator-ipfwd
fi
}
remove_interface() { remove_interface() {
exec_sudo iptables -D FORWARD -i \$1 -j ACCEPT exec_sudo iptables -D FORWARD -i \$1 -j ACCEPT
exec_sudo iptables -D FORWARD -o \$1 -j ACCEPT exec_sudo iptables -D FORWARD -o \$1 -j ACCEPT
@ -54,10 +61,12 @@ remove_interface() {
} }
cleanup() { cleanup() {
sudo sysctl -wq net.ipv4.ip_forward=0 if [ -f '/tmp/vpnerator-ipfwd' ] ; then
sudo sysctl -wq net.ipv4.ip_forward=0
rm /tmp/vpnerator-ipfwd
fi
EXIST_INTERFACE=\$(ip addr show to ${SERVER_ADDR} | head -1 | awk '{ print \$2 }' | cut -d':' -f1) EXIST_INTERFACE=\$(ip addr show to ${SERVER_ADDR} | head -1 | awk '{ print \$2 }' | cut -d':' -f1)
if [ ! -z "\${EXIST_INTERFACE}" ] ; then if [ ! -z "\${EXIST_INTERFACE}" ] ; then
if [ -z "\$(ip link show "\${EXIST_INTERFACE}" type wireguard)" ] ; then if [ -z "\$(ip link show "\${EXIST_INTERFACE}" type wireguard)" ] ; then
# bail if the existing interface isn't of type wireguard # bail if the existing interface isn't of type wireguard
@ -112,7 +121,7 @@ EOF
exec_sudo wg setconf "${INTERFACE_NAME}" "\${TMP}" exec_sudo wg setconf "${INTERFACE_NAME}" "\${TMP}"
rm "\${TMP}" rm "\${TMP}"
exec_sudo sysctl -wq net.ipv4.ip_forward=1 enable_forwarding
exec_sudo ip addr add "${SERVER_ADDR}" dev "${INTERFACE_NAME}" exec_sudo ip addr add "${SERVER_ADDR}" dev "${INTERFACE_NAME}"
exec_sudo ip link set mtu 1420 up dev "${INTERFACE_NAME}" exec_sudo ip link set mtu 1420 up dev "${INTERFACE_NAME}"