#!/bin/sh
####################################################################################################
# Script: updown-dns.sh
# VERSION=1.1.0
# Author: Xentrk
# Date: 29-August-2020
#
# Description: This script will create the appropriate VPN DNS Strict or Exclusive rules for LAN clients
# specified using the LAN Client Routing feature (Option 1 x3mRouting Menu)
#
#####################################################################################################
# Record the start of this run in syslog, tagged with the script name and PID.
/usr/bin/logger -t "($(basename "$0"))" $$ "Starting script execution"

# Positional arguments: $1 selects the OpenVPN client instance (it is spliced
# into the paths below), $2 is the event name tested against "route-up" and
# "route-pre-down" later in the script.
INSTANCE="$1"
SCRIPT_TYPE="$2"

# Per-instance files: the generated rule script and the client's resolv file.
FILEDIR="/jffs/addons/x3mRouting"
DNSSCRIPT="${FILEDIR}/client${INSTANCE}_dns.sh"
RESOLVFILE="/etc/openvpn/client${INSTANCE}/client.resolv"

# Take the first "server=" line of the resolv file and keep only the first
# whitespace-delimited token that follows "server=".
# NOTE(review): SERVER is file content that is later interpolated into a
# generated shell script; nothing here checks that it is a plain address.
SERVERLINE="$(grep -m 1 "server=" "$RESOLVFILE")"
SERVER="$(
  echo "$SERVERLINE" |
    sed -n "s/^.*server=//p" |
    awk '{print $1}'
)"
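#######################################
# Build $DNSSCRIPT with one iptables DNAT rule per LAN client whose target
# route is "VPN", pointing that client at the VPN DNS server.
#
# Globals read:    INSTANCE, DNSSCRIPT, SERVER,
#                  FILEDIR (falls back to /jffs/addons/x3mRouting when unset)
# Globals written: VPN_IP_LIST, OLDIFS, ENTRY, VPN_IP, TARGET_ROUTE
# Input:   ${FILEDIR}/ovpnc${INSTANCE}.nvram, a '<'-separated list of entries;
#          in each entry the '>'-separated field 2 is the client source
#          address and field 4 the target route.
# Outputs: rule lines appended to $DNSSCRIPT, progress messages to syslog.
# Returns: 0
#
# The generated file is run with sh by the route-up handler, so every value
# interpolated into it (INSTANCE, SERVER, each client address) is checked
# against a character allowlist first. Without that check, shell
# metacharacters or newlines in the resolv file or the client list would be
# executed as commands.
#######################################
create_client_list() {
  # No client list for this instance: leave everything, including IFS, untouched.
  # (Previously IFS was "restored" from an unset OLDIFS on this path, which
  # emptied IFS for the remainder of the script.)
  [ -s "${FILEDIR:-/jffs/addons/x3mRouting}/ovpnc${INSTANCE}.nvram" ] || return 0
  VPN_IP_LIST="$(cat "${FILEDIR:-/jffs/addons/x3mRouting}/ovpnc${INSTANCE}.nvram")"

  # Remove any previous script so rules are not duplicated and a stale script
  # is never picked up again by the caller.
  if [ -s "$DNSSCRIPT" ]; then
    rm "$DNSSCRIPT"
  fi

  # INSTANCE becomes part of the chain name: digits only.
  case "$INSTANCE" in
    '' | *[!0-9]*)
      /usr/bin/logger -t "openvpn-updown" "Skipping DNS rules: VPN client instance is empty or not numeric"
      return 0
      ;;
  esac

  # SERVER is parsed from the VPN client's resolv file: accept only digits,
  # dots and a port separator.
  case "$SERVER" in
    '' | *[!0-9.:]*)
      /usr/bin/logger -t "openvpn-updown" "Skipping DNS rules: DNS server value is empty or contains unexpected characters"
      return 0
      ;;
  esac

  OLDIFS=$IFS
  IFS="<"
  for ENTRY in $VPN_IP_LIST; do
    [ -z "$ENTRY" ] && continue
    VPN_IP=$(printf '%s\n' "$ENTRY" | cut -d ">" -f 2)

    # Source address: digits, dots and an optional CIDR slash only. An empty
    # address used to produce a malformed "-s  -j RETURN" rule; it is skipped now.
    case "$VPN_IP" in
      '' | *[!0-9./]*)
        /usr/bin/logger -t "openvpn-updown" "Skipping client entry with an empty or malformed source address"
        continue
        ;;
    esac

    TARGET_ROUTE=$(printf '%s\n' "$ENTRY" | cut -d ">" -f 4)
    if [ "$TARGET_ROUTE" = "VPN" ]; then
      echo "/usr/sbin/iptables -t nat -A DNSVPN${INSTANCE} -s $VPN_IP -j DNAT --to-destination $SERVER" >>"$DNSSCRIPT"
      /usr/bin/logger -t "openvpn-updown" "Forcing $VPN_IP to use DNS SERVER $SERVER"
    fi
  done
  IFS=$OLDIFS
}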
### Begin
# Dispatch on the event name passed as $2.
case "$SCRIPT_TYPE" in
  route-up)
    # Rules are only generated when the instance's nvram settings are
    # vpn_client<N>_rgw >= 2 and vpn_client<N>_adns = 3.
    # NOTE(review): presumably policy-rule routing with the "Exclusive" DNS
    # mode; confirm the meaning of these values against the firmware.
    if [ "$(nvram get vpn_client"${INSTANCE}"_rgw)" -ge 2 ]; then
      if [ "$(nvram get vpn_client"${INSTANCE}"_adns)" -eq 3 ]; then
        create_client_list
        # Prepend a shebang to the generated rule file, mark it executable and
        # run it. Each step only runs if the previous one succeeded.
        # NOTE(review): the file is executed verbatim, so every value
        # create_client_list writes into it must be a plain address; anything
        # else in the client list or resolv file would run as a shell command.
        if [ -s "$DNSSCRIPT" ]; then
          sed -i '1s~^~#!/bin/sh\n~' "$DNSSCRIPT" &&
            chmod 755 "$DNSSCRIPT" &&
            sh "$DNSSCRIPT"
        fi
      fi
    fi
    ;;
  route-pre-down)
    # The tunnel is going away: discard the generated rule file if present.
    if [ -s "$DNSSCRIPT" ]; then
      rm "$DNSSCRIPT"
    fi
    ;;
esac

# Record the end of this run in syslog and always report success to the caller.
/usr/bin/logger -t "($(basename "$0"))" $$ "Ending script execution"
exit 0