1 #!/bin/sh

2 

3 

4 . "${IPKG_INSTROOT:-}/usr/lib/opennet/on-helper.sh"

5 

6 

7 configure_tunnel_network() {

8  local uci_prefix=network.on_vpn

9 

10  # Abbruch falls das Netzwerk schon vorhanden ist

11  [ -n "$(uci_get "$uci_prefix")" ] && return

12 

13  # add new network to configuration (to be recognized by olsrd)

14  uci set "${uci_prefix}=interface"

15  uci set "${uci_prefix}.proto=none"

16  uci set "${uci_prefix}.ifname=tun0"

17 

18  apply_changes network

19 }

20 

21 

22 configure_tunnel_firewall() {

23  local uci_prefix=$(find_first_uci_section firewall zone "name=$ZONE_TUNNEL")

24 

25  # Abbruch falls die Zone bereits vorhanden ist

26  [ -n "$(uci_get "$uci_prefix")" ] && return

27 

28  # Zone fuer ausgehenden Verkehr definieren

29  uci_prefix=firewall.$(uci add firewall zone)

30  uci set "${uci_prefix}.name=$ZONE_TUNNEL"

31  uci set "${uci_prefix}.network=$NETWORK_TUNNEL"

32  uci set "${uci_prefix}.forward=REJECT"

33  uci set "${uci_prefix}.input=REJECT"

34  uci set "${uci_prefix}.output=ACCEPT"

35  uci set "${uci_prefix}.masq=1"

36 

37  # Weiterleitung aus dem lokalen Netzwerk heraus erlauben

38  uci_prefix=firewall.$(uci add firewall forwarding)

39  uci set "${uci_prefix}.src=$ZONE_LOCAL"

40  uci set "${uci_prefix}.dest=$ZONE_TUNNEL"

41 

42  apply_changes firewall

43 }

44 

45 

46 configure_tunnel_network

47 configure_tunnel_firewall

48