View difference between Paste ID: <a href="/kTThBV46">kTThBV46</a> and <a href="/LLysnYzG">LLysnYzG</a>

#!/bin/sh
1		#!/bin/sh
2	-	# version: 1.1.0, 26-mar-2021, by eibgrad
2	+	#DEBUG= # uncomment/comment to enable/disable debug mode
3	-	# href: https://tinyurl.com/2jenwbe5
3	+
4		# name: merlin-ovpn-sync-routes.sh
5		# version: 2.0.0, 22-jul-2022, by eibgrad
6	-	SCRIPT="$SCRIPTS_DIR/openvpn-event"
6	+	# purpose: synchronize openvpn client and server routing tables
7		# type(s): openvpn-event
8		# href: https://tinyurl.com/2jenwbe5
9		# installation:
10		# 1. enable jffs custom scripts and configs (administration->system)
11	-	cat << "EOF" > $SCRIPT
11	+	# 2. ssh to router and copy/paste the following command:
12		# curl -kLs bit.ly/merlin-installer\|tr -d '\r'\|sh -s kTThBV46
13	-	set -x # uncomment/comment to enable/disable debug mode
13	+	# 3. reboot
14
15		SCRIPTS_DIR='/jffs/scripts'
16	-	LOCK="/tmp/$(basename $0).lock"
16	+	SCRIPT1="$SCRIPTS_DIR/merlin-ovpn-sync-routes.sh"
17	-	acquire_lock() { while ! mkdir $LOCK >/dev/null 2>&1; do sleep 2; done; }
17	+	SCRIPT2="$SCRIPTS_DIR/openvpn-event"
18	-	release_lock() { rmdir $LOCK >/dev/null 2>&1; }
18	+
19		mkdir -p $SCRIPTS_DIR
20
21		# ---------------------- begin merlin-ovpn-sync-routes ----------------------- #
22		cat << 'EOF' > $SCRIPT1
23		#!/bin/sh
24		#set -x # comment/uncomment to disable/enable debug mode
25		{
26	-	# only relevant for routed (tun) openvpn server route-up event
26	+
27		LOCK="/tmp/var/lock/$(basename $0).lock"
28		acquire_lock() { while ! mkdir $LOCK &>/dev/null; do sleep 2; done; }
29		release_lock() { rmdir $LOCK &>/dev/null; }
30
31		# exit (any concurrent instance(s) may now run)
32		exit_0() { release_lock; exit 0; }
33
34	-	ip route \| grep $dev \| \
34	+
35	-	while read route; do
35	+
36	-	ip route add $route table ovpnc${i} 2>/dev/null
36	+
37	-	done
37	+	# only relevant for routed (tun) openvpn server up event
38		[[ "${dev:0:4}" == 'tun2' && "$script_type" == 'up' ]] \|\| exit_0
39
40		# ensure every openvpn client's routing policy table ...
41		for i in 1 2 3 4 5; do
42		[ "$(ip route show table ovpnc${i})" ] \|\| continue
43
44	-	chmod +x $SCRIPT
44	+
45		while read route; do
46		ip route add $route table ovpnc${i} 2>/dev/null && routing_changed=
47	-	if [ -f $SCRIPT ]; then
47	+	done << EOR
48	-	echo "error: $SCRIPT already exists; requires manual installation"
48	+	$(ip route \| grep $dev)
49		EOR
50		done
51	-	echo 'Done.'
51	+
52	-	fi
52	+	# force routing system to recognize any changes
53		[ ${routing_changed+x} ] && ip route flush cache
54
55		exit_0
56		} 2>&1 \| logger -t $(basename $0 .sh)[$$]
57		EOF
58		[ ${DEBUG+x} ] && sed -ri '2 s/^#(set -x)/\1/' $SCRIPT1
59		chmod +x $SCRIPT1
60		echo "installed: $SCRIPT1"
61		# ----------------------- end merlin-ovpn-sync-routes ------------------------ #
62
63		# --------------------------- begin openvpn-event ---------------------------- #
64		create_script() {
65		cat << 'EOF' > $SCRIPT2
66		#!/bin/sh
67		#set -x # comment/uncomment to disable/enable debug mode
68		{
69		$SCRIPT1
70		} 2>&1 \| logger -t $(basename $0)[$$]
71		EOF
72		[ ${DEBUG+x} ] && sed -ri '2 s/^#(set -x)/\1/' $SCRIPT2
73		sed "s:\$SCRIPT1:$SCRIPT1:g" -i $SCRIPT2
74		chmod +x $SCRIPT2
75		}
76
77		if [ -f $SCRIPT2 ]; then
78		echo "error: $SCRIPT2 already exists; requires manual installation"
79		else
80		create_script
81		echo "installed: $SCRIPT2"
82		fi
83		# ---------------------------- end openvpn-event ----------------------------- #