luci-app-openvpn-server:add lan to vpn forwarding (#4553)

we can control client directly by adding this forwarding also use uci -q batch commands can lead start router faster
2025-04-18 17:33:31 +00:00 · 2020-05-06 23:34:18 +08:00 · 2020-05-06 23:34:18 +08:00 · b689600046
commit b689600046
parent b80d00eede
1 changed files with 36 additions and 33 deletions
--- a/package/lean/luci-app-openvpn-server/root/etc/uci-defaults/openvpn
+++ b/package/lean/luci-app-openvpn-server/root/etc/uci-defaults/openvpn
@ -1,38 +1,41 @@
 #!/bin/sh

-uci set network.vpn0="interface"
-uci set network.vpn0.ifname="tun0"
-uci set network.vpn0.proto="none"
-
-uci delete firewall.vpn
-uci delete firewall.vpnwan
-uci delete firewall.vpnlan
-uci delete firewall.openvpn
-uci add firewall rule 
-uci rename firewall.@rule[-1]="openvpn"
-uci set firewall.@rule[-1].name="openvpn"
-uci set firewall.@rule[-1].target="ACCEPT"
-uci set firewall.@rule[-1].src="wan"
-uci set firewall.@rule[-1].proto="tcp udp"
-uci set firewall.@rule[-1].dest_port="1194"
-
-uci add firewall zone
-uci rename firewall.@zone[-1]="vpn"
-uci set firewall.@zone[-1].name="vpn"
-uci set firewall.@zone[-1].input="ACCEPT"
-uci set firewall.@zone[-1].forward="ACCEPT"
-uci set firewall.@zone[-1].output="ACCEPT"
-uci set firewall.@zone[-1].masq="1"
-uci set firewall.@zone[-1].network="vpn0"
-uci add firewall forwarding
-uci rename firewall.@forwarding[-1]="vpnwan"
-uci set firewall.@forwarding[-1].src="vpn"
-uci set firewall.@forwarding[-1].dest="wan"
-uci add firewall forwarding
-uci rename firewall.@forwarding[-1]="vpnlan"
-uci set firewall.@forwarding[-1].src="vpn"
-uci set firewall.@forwarding[-1].dest="lan"
-uci commit
+uci -q batch <<-EOF >/dev/null
+	set network.vpn0="interface"
+	set network.vpn0.ifname="tun0"
+	set network.vpn0.proto="none"
+	commit network
+	
+	delete firewall.vpn
+	delete firewall.vpnwan
+	delete firewall.vpnlan
+	delete firewall.openvpn
+	add firewall rule 
+	rename firewall.@rule[-1]="openvpn"
+	set firewall.@rule[-1].name="openvpn"
+	set firewall.@rule[-1].target="ACCEPT"
+	set firewall.@rule[-1].src="wan"
+	set firewall.@rule[-1].proto="tcp udp"
+	set firewall.@rule[-1].dest_port="1194"
+	add firewall zone
+	rename firewall.@zone[-1]="vpn"
+	set firewall.@zone[-1].name="vpn"
+	set firewall.@zone[-1].input="ACCEPT"
+	set firewall.@zone[-1].forward="ACCEPT"
+	set firewall.@zone[-1].output="ACCEPT"
+	set firewall.@zone[-1].masq="1"
+	set firewall.@zone[-1].network="vpn0"
+	add firewall forwarding
+	set firewall.@forwarding[-1].src="vpn"
+	set firewall.@forwarding[-1].dest="wan"
+	add firewall forwarding
+	set firewall.@forwarding[-1].src="vpn"
+	set firewall.@forwarding[-1].dest="lan"
+	add firewall forwarding
+	set firewall.@forwarding[-1].dest='vpn'
+	set firewall.@forwarding[-1].src='lan'
+	commit firewall
+EOF

 rm -f /tmp/luci-indexcache
 exit 0