298977887/lede
1
0
Fork 0
mirror of https://github.com/coolsnowwolf/lede.git synced 2025-06-16 12:35:30 +08:00
Code Issues Packages Projects Releases Wiki Activity

luci-app-openvpn-server:add lan to vpn forwarding (#4553)

Browse Source 
we can control client directly by adding this forwarding 
also use uci -q batch commands can lead start router faster
This commit is contained in:
lunatickochiya 2020-05-06 23:34:18 +08:00 committed by GitHub
parent b80d00eede
commit b689600046
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 36 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
package/lean/luci-app-openvpn-server/root/etc/uci-defaults/openvpn
View File

@ -1,38 +1,41 @@
#!/bin/sh #!/bin/sh
uci set network.vpn0="interface" uci -q batch <<-EOF >/dev/null
uci set network.vpn0.ifname="tun0" set network.vpn0="interface"
uci set network.vpn0.proto="none" set network.vpn0.ifname="tun0"
set network.vpn0.proto="none"
uci delete firewall.vpn commit network
uci delete firewall.vpnwan
uci delete firewall.vpnlan delete firewall.vpn
uci delete firewall.openvpn delete firewall.vpnwan
uci add firewall rule delete firewall.vpnlan
uci rename firewall.@rule[-1]="openvpn" delete firewall.openvpn
uci set firewall.@rule[-1].name="openvpn" add firewall rule
uci set firewall.@rule[-1].target="ACCEPT" rename firewall.@rule[-1]="openvpn"
uci set firewall.@rule[-1].src="wan" set firewall.@rule[-1].name="openvpn"
uci set firewall.@rule[-1].proto="tcp udp" set firewall.@rule[-1].target="ACCEPT"
uci set firewall.@rule[-1].dest_port="1194" set firewall.@rule[-1].src="wan"
set firewall.@rule[-1].proto="tcp udp"
uci add firewall zone set firewall.@rule[-1].dest_port="1194"
uci rename firewall.@zone[-1]="vpn" add firewall zone
uci set firewall.@zone[-1].name="vpn" rename firewall.@zone[-1]="vpn"
uci set firewall.@zone[-1].input="ACCEPT" set firewall.@zone[-1].name="vpn"
uci set firewall.@zone[-1].forward="ACCEPT" set firewall.@zone[-1].input="ACCEPT"
uci set firewall.@zone[-1].output="ACCEPT" set firewall.@zone[-1].forward="ACCEPT"
uci set firewall.@zone[-1].masq="1" set firewall.@zone[-1].output="ACCEPT"
uci set firewall.@zone[-1].network="vpn0" set firewall.@zone[-1].masq="1"
uci add firewall forwarding set firewall.@zone[-1].network="vpn0"
uci rename firewall.@forwarding[-1]="vpnwan" add firewall forwarding
uci set firewall.@forwarding[-1].src="vpn" set firewall.@forwarding[-1].src="vpn"
uci set firewall.@forwarding[-1].dest="wan" set firewall.@forwarding[-1].dest="wan"
uci add firewall forwarding add firewall forwarding
uci rename firewall.@forwarding[-1]="vpnlan" set firewall.@forwarding[-1].src="vpn"
uci set firewall.@forwarding[-1].src="vpn" set firewall.@forwarding[-1].dest="lan"
uci set firewall.@forwarding[-1].dest="lan" add firewall forwarding
uci commit set firewall.@forwarding[-1].dest='vpn'
set firewall.@forwarding[-1].src='lan'
commit firewall
EOF
rm -f /tmp/luci-indexcache rm -f /tmp/luci-indexcache
exit 0 exit 0