298977887/lede
1
0
Fork 0
mirror of https://github.com/coolsnowwolf/lede.git synced 2025-06-16 12:35:30 +08:00
Code Issues Packages Projects Releases Wiki Activity

luci-app-openvpn-server:add lan to vpn forwarding (#4553)

Browse Source 
we can control client directly by adding this forwarding 
also use uci -q batch commands can lead start router faster
This commit is contained in:
lunatickochiya 2020-05-06 23:34:18 +08:00 committed by GitHub
parent b80d00eede
commit b689600046
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 36 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
package/lean/luci-app-openvpn-server/root/etc/uci-defaults/openvpn
View File

@ -1,38 +1,41 @@
#!/bin/sh #!/bin/sh
uci set network.vpn0="interface" uci -q batch <<-EOF >/dev/null
uci set network.vpn0.ifname="tun0" set network.vpn0="interface"
uci set network.vpn0.proto="none" set network.vpn0.ifname="tun0"
set network.vpn0.proto="none"
commit network
uci delete firewall.vpn delete firewall.vpn
uci delete firewall.vpnwan delete firewall.vpnwan
uci delete firewall.vpnlan delete firewall.vpnlan
uci delete firewall.openvpn delete firewall.openvpn
uci add firewall rule add firewall rule
uci rename firewall.@rule[-1]="openvpn" rename firewall.@rule[-1]="openvpn"
uci set firewall.@rule[-1].name="openvpn" set firewall.@rule[-1].name="openvpn"
uci set firewall.@rule[-1].target="ACCEPT" set firewall.@rule[-1].target="ACCEPT"
uci set firewall.@rule[-1].src="wan" set firewall.@rule[-1].src="wan"
uci set firewall.@rule[-1].proto="tcp udp" set firewall.@rule[-1].proto="tcp udp"
uci set firewall.@rule[-1].dest_port="1194" set firewall.@rule[-1].dest_port="1194"
add firewall zone
uci add firewall zone rename firewall.@zone[-1]="vpn"
uci rename firewall.@zone[-1]="vpn" set firewall.@zone[-1].name="vpn"
uci set firewall.@zone[-1].name="vpn" set firewall.@zone[-1].input="ACCEPT"
uci set firewall.@zone[-1].input="ACCEPT" set firewall.@zone[-1].forward="ACCEPT"
uci set firewall.@zone[-1].forward="ACCEPT" set firewall.@zone[-1].output="ACCEPT"
uci set firewall.@zone[-1].output="ACCEPT" set firewall.@zone[-1].masq="1"
uci set firewall.@zone[-1].masq="1" set firewall.@zone[-1].network="vpn0"
uci set firewall.@zone[-1].network="vpn0" add firewall forwarding
uci add firewall forwarding set firewall.@forwarding[-1].src="vpn"
uci rename firewall.@forwarding[-1]="vpnwan" set firewall.@forwarding[-1].dest="wan"
uci set firewall.@forwarding[-1].src="vpn" add firewall forwarding
uci set firewall.@forwarding[-1].dest="wan" set firewall.@forwarding[-1].src="vpn"
uci add firewall forwarding set firewall.@forwarding[-1].dest="lan"
uci rename firewall.@forwarding[-1]="vpnlan" add firewall forwarding
uci set firewall.@forwarding[-1].src="vpn" set firewall.@forwarding[-1].dest='vpn'
uci set firewall.@forwarding[-1].dest="lan" set firewall.@forwarding[-1].src='lan'
uci commit commit firewall
EOF
rm -f /tmp/luci-indexcache rm -f /tmp/luci-indexcache
exit 0 exit 0