Почетна Преглед Помоћ
Регистрација Пријавите се
FreifunkHochstift
/
gluon
6
0
Креирај огранак 0
Датотеке Дискусије 0 Захтеви за спајање 0
Дрво: 9b172bbaf4
Гране Ознаке
gluon
/
package
/
gluon-mesh-vpn-fastd
/
files
/
lib
/
gluon
/
upgrade
/
400-mesh-vpn-fastd

400-mesh-vpn-fastd 2.0 KB
Историја Датотека

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293 
  1. #!/usr/bin/lua
    2. 

  2. 

  3. local site = require 'gluon.site_config'
    4. 

  4. local users = require 'gluon.users'
    5. 

  5. local util = require 'gluon.util'
    6. 

  6. 

  7. local uci = require('luci.model.uci').cursor()
    8. 

  8. 

  9. 

  10. -- The previously used user is removed, we need root privileges to use the packet_mark option
    11. 

  11. users.remove_user('gluon-fastd')
    12. 

  12. 

  13. -- Group for iptables rule
    14. 

  14. users.add_group('gluon-fastd', 800)
    15. 

  15. 

  16. 

  17. local enabled = uci:get('fastd', 'mesh_vpn', 'enabled')
    18. 

  18. if not enabled then
    19. 

  19.   enabled = site.fastd_mesh_vpn.enabled and 1 or 0
    20. 

  20. end
    21. 

  21. 

  22. 

  23. uci:section('fastd', 'fastd', 'mesh_vpn',
    24. 

  24. 	  {
    25. 

  25. 		  enabled = enabled,
    26. 

  26. 		  group = 'gluon-fastd',
    27. 

  27. 		  syslog_level = 'verbose',
    28. 

  28. 		  interface = 'mesh-vpn',
    29. 

  29. 		  mode = 'tap',
    30. 

  30. 		  mtu = site.fastd_mesh_vpn.mtu,
    31. 

  31. 		  secure_handshakes = 1,
    32. 

  32. 		  method = site.fastd_mesh_vpn.methods,
    33. 

  33. 		  packet_mark = 1,
    34. 

  34. 		  status_socket = '/var/run/fastd.mesh_vpn.socket',
    35. 

  35. 	  }
    36. 

  36. )
    37. 

  37. uci:delete('fastd', 'mesh_vpn', 'user')
    38. 

  38. 

  39. uci:delete('fastd', 'mesh_vpn_backbone')
    40. 

  40. uci:section('fastd', 'peer_group', 'mesh_vpn_backbone',
    41. 

  41. 	  {
    42. 

  42. 		  enabled = 1,
    43. 

  43. 		  net = 'mesh_vpn',
    44. 

  44. 		  peer_limit = site.fastd_mesh_vpn.backbone.limit,
    45. 

  45. 	  }
    46. 

  46. )
    47. 

  47. 

  48. uci:delete_all('fastd', 'peer',
    49. 

  49. 	     function(peer)
    50. 

  50. 	       return peer.net == 'mesh_vpn' and peer.group == 'mesh_vpn_backbone'
    51. 

  51. 	     end
    52. 

  52. )
    53. 

  53. 

  54. for name, config in pairs(site.fastd_mesh_vpn.backbone.peers) do
    55. 

  55. 	uci:section('fastd', 'peer', 'mesh_vpn_backbone_peer_' .. name,
    56. 

  56. 		  {
    57. 

  57. 			  enabled = 1,
    58. 

  58. 			  net = 'mesh_vpn',
    59. 

  59. 			  group = 'mesh_vpn_backbone',
    60. 

  60. 			  key = config.key,
    61. 

  61. 			  remote = config.remotes,
    62. 

  62. 		  }
    63. 

  63. 	)
    64. 

  64. end
    65. 

  65. 

  66. uci:save('fastd')
    67. 

  67. uci:commit('fastd')
    68. 

  68. 

  69. 

  70. uci:section('network', 'interface', 'mesh_vpn',
    71. 

  71. 	  {
    72. 

  72. 		  ifname = 'mesh-vpn',
    73. 

  73. 		  proto = 'batadv',
    74. 

  74. 		  mesh = 'bat0',
    75. 

  75. 		  mesh_no_rebroadcast = 1,
    76. 

  76. 		  macaddr = util.generate_mac(4, 0),
    77. 

  77. 	  }
    78. 

  78. )
    79. 

  79. 

  80. uci:save('network')
    81. 

  81. uci:commit('network')
    82. 

  82. 

  83. 

  84. uci:section('firewall', 'include', 'mesh_vpn_dns',
    85. 

  85. 	  {
    86. 

  86. 	    type = 'restore',
    87. 

  87. 	    path = '/lib/gluon/mesh-vpn-fastd/iptables.rules',
    88. 

  88. 	    family = 'ipv4',
    89. 

  89. 	  }
    90. 

  90. )
    91. 

  91. 

  92. uci:save('firewall')
    93. 

  93. uci:commit('firewall')
    94.