#!/bin/sh
# vpn handler called by travelmate
-# Copyright (c) 2020-2021 Dirk Brenken (dev@brenken.org)
+# Copyright (c) 2020-2022 Dirk Brenken (dev@brenken.org)
# This is free software, licensed under the GNU General Public License v3.
# set (s)hellcheck exceptions
trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")"
trm_logger="$(command -v logger)"
trm_fetch="$(command -v curl)"
+trm_vpnfile="/var/state/travelmate.vpn"
f_net() {
local json_rc result="net nok"
}
vpn_status="$(ubus -S call network.interface."${vpn_iface}" status 2>/dev/null | jsonfilter -q -l1 -e '@.up')"
-case "${vpn_service}" in
- "wireguard")
- if [ "${vpn_action}" = "enable" ] && [ "${vpn_status:-"false"}" != "true" ]; then
- ubus call network.interface."${vpn_iface}" up
- fi
- if { [ "${vpn}" = "0" ] && [ "${vpn_action}" = "enable" ]; } || { [ "${vpn_action}" = "disable" ] && [ "${vpn_status}" = "true" ]; }; then
- ubus call network.interface."${vpn_iface}" down
- "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${vpn_service} client connection disabled" 2>/dev/null
- fi
- ;;
- "openvpn")
- if [ "${vpn_action}" = "enable" ] && [ "${vpn_status:-"false"}" != "true" ]; then
- ubus call network.interface."${vpn_iface}" up
- /etc/init.d/openvpn restart >/dev/null 2>&1
- fi
- if { [ "${vpn}" = "0" ] && [ "${vpn_action}" = "enable" ]; } || { [ "${vpn_action}" = "disable" ] && [ "${vpn_status}" = "true" ]; }; then
- ubus call network.interface."${vpn_iface}" down
- /etc/init.d/openvpn stop >/dev/null 2>&1
- "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${vpn_service} client connection disabled" 2>/dev/null
- fi
- ;;
-esac
-
-if [ "${vpn}" = "1" ] && [ "${vpn_action}" = "enable" ] && [ "${vpn_status:-"false"}" != "true" ]; then
+if [ "${vpn}" = "1" ] && [ "${vpn_action}" = "enable" ] && [ "${vpn_status}" != "true" ]; then
+ if [ "${vpn_service}" = "openvpn" ] && [ -x "/etc/init.d/openvpn" ]; then
+ /etc/init.d/openvpn start
+ fi
+ ifup "${vpn_iface}"
cnt=0
while true; do
vpn_status="$(ubus -S call network.interface."${vpn_iface}" status 2>/dev/null | jsonfilter -q -l1 -e '@.up')"
if [ "${vpn_status}" = "true" ]; then
net_status="$(f_net)"
if [ "${net_status}" = "net ok" ]; then
+ : >"${trm_vpnfile}"
"${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${vpn_service} client connection enabled" 2>/dev/null
break
fi
fi
- if [ "${cnt}" -ge "$((trm_maxwait / 6))" ]; then
+ if [ "${cnt}" -ge "$((trm_maxwait / 3))" ]; then
+ ifdown "${vpn_iface}"
+ if [ "${vpn_service}" = "openvpn" ] && [ -x "/etc/init.d/openvpn" ]; then
+ /etc/init.d/openvpn stop
+ fi
+ rm -f "${trm_vpnfile}"
"${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${vpn_service} client connection can't be established" 2>/dev/null
- ubus call network.interface."${vpn_iface}" down
exit 1
fi
sleep 1
cnt="$((cnt + 1))"
done
-fi
-if [ "${vpn_action}" = "enable" ] && [ "${vpn_status}" = "true" ]; then
- if [ -f "/etc/init.d/sysntpd" ]; then
- /etc/init.d/sysntpd restart >/dev/null 2>&1
+elif { [ "${vpn}" != "1" ] && [ "${vpn_action}" = "enable" ]; } || [ "${vpn_action}" = "disable" ]; then
+ ifdown "${vpn_iface}"
+ if [ "${vpn_service}" = "openvpn" ] && [ -x "/etc/init.d/openvpn" ]; then
+ /etc/init.d/openvpn stop
fi
+ rm -f "${trm_vpnfile}"
+ "${trm_logger}" -p "info" -t "trm-vpn [${$}]" "${vpn_service} client connection disabled" 2>/dev/null
fi
projects / feed / packages.git / blobdiff