From b689600046597977b7e650cec8574ef2e3ba1c91 Mon Sep 17 00:00:00 2001
From: lunatickochiya <55731491+lunatickochiya@users.noreply.github.com>
Date: Wed, 6 May 2020 23:34:18 +0800
Subject: [PATCH] luci-app-openvpn-server:add lan to vpn forwarding (#4553)
we can control client directly by adding this forwarding also use uci -q batch commands can lead start router faster
---
 .../root/etc/uci-defaults/openvpn | 69 ++++++++++---------
 1 file changed, 36 insertions(+), 33 deletions(-)
diff --git a/package/lean/luci-app-openvpn-server/root/etc/uci-defaults/openvpn b/package/lean/luci-app-openvpn-server/root/etc/uci-defaults/openvpn
index f13e6c777..0b79269ba 100755
--- a/package/lean/luci-app-openvpn-server/root/etc/uci-defaults/openvpn
+++ b/package/lean/luci-app-openvpn-server/root/etc/uci-defaults/openvpn
@@ -1,38 +1,41 @@
 #!/bin/sh
-uci set network.vpn0="interface"
-uci set network.vpn0.ifname="tun0"
-uci set network.vpn0.proto="none"
-
-uci delete firewall.vpn
-uci delete firewall.vpnwan
-uci delete firewall.vpnlan
-uci delete firewall.openvpn
-uci add firewall rule
-uci rename firewall.@rule[-1]="openvpn"
-uci set firewall.@rule[-1].name="openvpn"
-uci set firewall.@rule[-1].target="ACCEPT"
-uci set firewall.@rule[-1].src="wan"
-uci set firewall.@rule[-1].proto="tcp udp"
-uci set firewall.@rule[-1].dest_port="1194"
-
-uci add firewall zone
-uci rename firewall.@zone[-1]="vpn"
-uci set firewall.@zone[-1].name="vpn"
-uci set firewall.@zone[-1].input="ACCEPT"
-uci set firewall.@zone[-1].forward="ACCEPT"
-uci set firewall.@zone[-1].output="ACCEPT"
-uci set firewall.@zone[-1].masq="1"
-uci set firewall.@zone[-1].network="vpn0"
-uci add firewall forwarding
-uci rename firewall.@forwarding[-1]="vpnwan"
-uci set firewall.@forwarding[-1].src="vpn"
-uci set firewall.@forwarding[-1].dest="wan"
-uci add firewall forwarding
-uci rename firewall.@forwarding[-1]="vpnlan"
-uci set firewall.@forwarding[-1].src="vpn"
-uci set firewall.@forwarding[-1].dest="lan"
-uci commit
+uci -q batch <<-EOF >/dev/null
+ set network.vpn0="interface"
+ set network.vpn0.ifname="tun0"
+ set network.vpn0.proto="none"
+ commit network
+
+ delete firewall.vpn
+ delete firewall.vpnwan
+ delete firewall.vpnlan
+ delete firewall.openvpn
+ add firewall rule
+ rename firewall.@rule[-1]="openvpn"
+ set firewall.@rule[-1].name="openvpn"
+ set firewall.@rule[-1].target="ACCEPT"
+ set firewall.@rule[-1].src="wan"
+ set firewall.@rule[-1].proto="tcp udp"
+ set firewall.@rule[-1].dest_port="1194"
+ add firewall zone
+ rename firewall.@zone[-1]="vpn"
+ set firewall.@zone[-1].name="vpn"
+ set firewall.@zone[-1].input="ACCEPT"
+ set firewall.@zone[-1].forward="ACCEPT"
+ set firewall.@zone[-1].output="ACCEPT"
+ set firewall.@zone[-1].masq="1"
+ set firewall.@zone[-1].network="vpn0"
+ add firewall forwarding
+ set firewall.@forwarding[-1].src="vpn"
+ set firewall.@forwarding[-1].dest="wan"
+ add firewall forwarding
+ set firewall.@forwarding[-1].src="vpn"
+ set firewall.@forwarding[-1].dest="lan"
+ add firewall forwarding
+ set firewall.@forwarding[-1].dest='vpn'
+ set firewall.@forwarding[-1].src='lan'
+ commit firewall
+EOF
 rm -f /tmp/luci-indexcache
 exit 0
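Review bot: The three `add firewall forwarding` sections are left anonymous now that the `rename firewall.@forwarding[-1]=...` lines are gone, while the batch still opens with `delete firewall.vpnwan` and `delete firewall.vpnlan`, which no longer match anything this script creates. If this uci-defaults script runs more than once (for example on a package reinstall, which is an assumption about how it is deployed), each run would append another set of vpn→wan, vpn→lan and lan→vpn forwardings, and the unnamed lan↔vpn forwards cannot be located by section name when auditing or cleaning up the firewall config. Keeping the two renames and naming the new section, e.g. `rename firewall.@forwarding[-1]="lanvpn"` with a matching `delete firewall.lanvpn` at the top, keeps the script idempotent. Because the vpn zone is created with `input` and `forward` set to `ACCEPT`, a short comment above the new block stating that lan→vpn is opened unconditionally on install would also help whoever reviews the resulting ruleset.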