Allow split-tunnel via custom CIDR blocks
This change allows the VPN to run as a split tunnel, routing only the selected subnets through it. Subnets are given in CIDR notation. Example usage: `sudo PUSH_CIDR_BLOCKS=(192.168.1.0/24 172.16.0.0/16) ./openvpn-install.sh`
parent
006167b3c7
commit
1e9cfc0fbb
1 changed files with 20 additions and 1 deletions
|
|
@ -787,7 +787,26 @@ ifconfig-pool-persist ipp.txt" >> /etc/openvpn/server.conf
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
echo 'push "redirect-gateway def1 bypass-dhcp"' >> /etc/openvpn/server.conf
|
|
||||||
|
# Allow split-tunnel via custom CIDR blocks (ie. 192.168.0.0/24)
|
||||||
|
if [ ${#PUSH_CIDR_BLOCKS[@]} -gt 0 ]; then
|
||||||
|
for cidr in ${PUSH_CIDR_BLOCKS[@]}; do
|
||||||
|
echo "Adding $cidr to routed subnets...";
|
||||||
|
ROUTE_IP=$(echo $cidr | cut -d"/" -f1)
|
||||||
|
ROUTE_BITS=$(echo $cidr | cut -d"/" -f2)
|
||||||
|
|
||||||
|
case $ROUTE_BITS in
|
||||||
|
8) ROUTE_MASK="255.0.0.0" ;;
|
||||||
|
16) ROUTE_MASK="255.255.0.0" ;;
|
||||||
|
24) ROUTE_MASK="255.255.255.0" ;;
|
||||||
|
32) ROUTE_MASK="255.255.255.255" ;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
echo "push \"route ${ROUTE_IP} ${ROUTE_MASK}\"" >> /etc/openvpn/server.conf
|
||||||
|
done
|
||||||
|
else
|
||||||
|
echo 'push "redirect-gateway def1 bypass-dhcp"' >> /etc/openvpn/server.conf
|
||||||
|
fi
|
||||||
|
|
||||||
# IPv6 network settings if needed
|
# IPv6 network settings if needed
|
||||||
if [[ "$IPV6_SUPPORT" = 'y' ]]; then
|
if [[ "$IPV6_SUPPORT" = 'y' ]]; then
|
||||||
|
|
|
||||||
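Review bot: The `case $ROUTE_BITS in` block has no default arm, so a prefix length other than /8, /16, /24 or /32 (for example /20) leaves `ROUTE_MASK` empty on the first pass or still holding the previous iteration's value. The `push "route ..."` line is then appended to server.conf with a missing or wrong netmask and no error. For a split tunnel this means traffic the operator intended to send through the VPN can silently take the client's default route instead. Add a rejecting arm such as `*) echo "Unsupported prefix length in $cidr" >&2; exit 1 ;;`, and check `$cidr` against an address/prefix pattern before the append, since the value is otherwise written unvalidated and unquoted into a root-owned config file. The surrounding block starts and ends outside the hunk.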