Only set net.ipv4.ip_forward if it wasn't already

2021-01-01 07:51:50 -07:00
parent 727aa097bf
commit 956304a78e
1 changed files with 12 additions and 3 deletions
--- a/vpnerator.sh
+++ b/vpnerator.sh
@ -46,6 +46,13 @@ deps() {
 	return 0
 }

+enable_forwarding() {
+	if sysctl net.ipv4.ip_forward | grep -q 0 ; then
+		sudo sysctl -wq net.ipv4.ip_forward=1
+		touch /tmp/vpnerator-ipfwd
+	fi
+}
+
 remove_interface() {
 	exec_sudo iptables -D FORWARD -i \$1 -j ACCEPT
 	exec_sudo iptables -D FORWARD -o \$1 -j ACCEPT
@ -54,10 +61,12 @@ remove_interface() {
 }

 cleanup() {
+	if [ -f '/tmp/vpnerator-ipfwd' ] ; then
 		sudo sysctl -wq net.ipv4.ip_forward=0
+		rm /tmp/vpnerator-ipfwd
+	fi

 	EXIST_INTERFACE=\$(ip addr show to ${SERVER_ADDR} | head -1 | awk '{ print \$2 }' | cut -d':' -f1)
-
 	if [ ! -z "\${EXIST_INTERFACE}" ] ; then
 		if [ -z "\$(ip link show "\${EXIST_INTERFACE}" type wireguard)" ] ; then
 			# bail if the existing interface isn't of type wireguard
@ -112,7 +121,7 @@ EOF
 exec_sudo wg setconf "${INTERFACE_NAME}" "\${TMP}"
 rm "\${TMP}"

-exec_sudo sysctl -wq net.ipv4.ip_forward=1
+enable_forwarding

 exec_sudo ip addr add "${SERVER_ADDR}" dev "${INTERFACE_NAME}"
 exec_sudo ip link set mtu 1420 up dev "${INTERFACE_NAME}"