4 # shellcheck source=opennet/packages/on-core/files/usr/lib/opennet/on-helper.sh 5 .
"${IPKG_INSTROOT:-}/usr/lib/opennet/on-helper.sh" 8 configure_tunnel_network() {
9 local uci_prefix=network.on_vpn
11 # Abbruch falls das Netzwerk schon vorhanden ist 12 [ -n
"$(uci_get "$uci_prefix
")" ] &&
return 14 # add new network to configuration (to be recognized by olsrd) 15 uci
set "${uci_prefix}=interface" 16 uci
set "${uci_prefix}.proto=none" 17 uci
set "${uci_prefix}.ifname=tun-on-user" 23 configure_tunnel_firewall() {
26 uci_prefix=$(find_first_uci_section firewall zone
"name=$ZONE_TUNNEL")
28 # Zone erzeugen, falls sie noch nicht vorhanden ist
29 if [ -z
"$(uci_get "$uci_prefix
")" ]; then
30 # Zone fuer ausgehenden Verkehr definieren 31 uci_prefix=firewall.$(uci add firewall zone)
32 uci
set "${uci_prefix}.name=$ZONE_TUNNEL" 33 uci add_list
"${uci_prefix}.network=$NETWORK_TUNNEL" 34 uci
set "${uci_prefix}.forward=REJECT" 35 uci
set "${uci_prefix}.input=REJECT" 36 uci
set "${uci_prefix}.output=ACCEPT" 37 uci
set "${uci_prefix}.masq=1" 41 "src=$ZONE_LOCAL" "dest=$ZONE_TUNNEL" \
44 "src=$ZONE_TUNNEL" "dest_port=22" "target=ACCEPT" "name=on-user-ssh" \
47 "src=$ZONE_TUNNEL" "proto=icmp" "target=ACCEPT" "name=on-user-icmp" \
49 [
"$was_changed" =
"0" ] &&
return 0
50 apply_changes firewall
54 configure_tunnel_network
55 configure_tunnel_firewall
create_uci_section_if_missing()
Prüfe, ob eine definierte UCI-Sektion existiert und lege sie andernfalls an.
1.8.13