dhcpcd-discuss

Re: preserving l2tp

Niv Wiser

Fri Dec 31 13:04:16 2010

I think I've solved the default route issue; please see below. However, I
am still looking for two answers:
1. ISP default route: when eth0 comes up I want it to have access to the
internet even before the l2tp connection is established, so I added this line
to postup() in /etc/conf.d/net:
ip ro | grep -q default || ip ro add default via $WAN_GW
Is this the right way? Wouldn't it be better to solve this in the dhcpcd
scripts, using the reason variable?

2. ISP DNS servers: before l2tp is established I want to use the ISP DNS
servers, yet I use "-C resolv.conf" to prevent dhcpcd from overwriting the
l2tp DNS server info.

#!/sbin/runscript
#/etc/init.d/strongVpn
# written by: niv vaizer 
# load l2tp setting and connect to strongVpn

depend() {
	# Hard dependency on the WAN interface's net service: the tunnel is built
	# on top of that link, so the service named net.<WAN_DEV> has to be
	# started first.
	need net.${WAN_DEV}
}

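# Bring up the strongVpn L2TP/IPsec tunnel.
# Globals:
#   read:    PID, WAN_DEV, VPN_HOST, USERNAME, IFACE, WAN_GW (kept as the
#            gateway when none can be read from the routing table)
#   written: WAN_IP, WAN_GW_TEMP, WAN_GW
# Side effects: rewrites /etc/ipsec.conf, /etc/ipsec.secrets and the
#   arno-iptables-firewall config, restarts ipsec, xl2tpd and the firewall,
#   changes the routing table and creates the $PID marker file.
# Returns: 1 when a precondition fails; otherwise whatever eend returns for
#   the status of the final firewall restart.
start() {
	ebegin "Starting strongVpn"

	# Every value below ends up in a route command or is substituted into a
	# config file, so refuse to continue when one is missing. (Unquoted,
	# an empty $PID also turned the old "[ -f $PID ]" into a test that is
	# always true.)
	if [ -z "$PID" ] || [ -z "$WAN_DEV" ] || [ -z "$VPN_HOST" ] || [ -z "$USERNAME" ]; then
		eend 1 "PID, WAN_DEV, VPN_HOST and USERNAME must all be set"
		return 1
	fi

	# VPN_HOST is pasted into a sed replacement that edits /etc/ipsec.secrets;
	# a '/', '&' or backslash in it would change what sed does to that file.
	case $VPN_HOST in
		*[!A-Za-z0-9.:-]*)
			eend 1 "VPN_HOST contains unexpected characters"
			return 1
			;;
	esac

	# return, not exit: exit would terminate the shell running this service
	# script and leave the ebegin above without a matching eend.
	if [ -f "$PID" ]; then
		eend 1 "strongVpn already started ($PID exists)"
		return 1
	fi

	# Get the WAN interface IP address. The sed prints any line containing
	# "dr:" even when the substitution does not match, so an interface with
	# no IPv4 address can yield a whole unrelated line; accept only digits
	# and dots before the value is written into the IPsec config.
	WAN_IP=$(ifconfig "$WAN_DEV" | sed -rn '/dr:/{;s/.*dr:([0-9.]+) .*/\1/;p;}' | head -n1)
	case $WAN_IP in
		'' | *[!0-9.]*)
			eend 1 "no usable IPv4 address found on $WAN_DEV"
			return 1
			;;
	esac

	# Gateway: prefer an existing route to the VPN host, then the routing
	# table's default/host routes, and finally the preset WAN_GW.
	# grep -F so the dots in VPN_HOST are not regex wildcards.
	# NOTE(review): the two route -n fallbacks only look at eth* devices,
	# whatever WAN_DEV is set to -- confirm that is intended.
	WAN_GW_TEMP=$(ip ro | grep -F -- "$VPN_HOST" | sed 's/.*via //' | sed 's/ dev.*//')
	[ -n "$WAN_GW_TEMP" ] || WAN_GW_TEMP=$(route -n | grep "^0.*eth" | awk '{ print $2 }')
	[ -n "$WAN_GW_TEMP" ] || WAN_GW_TEMP=$(route -n | grep "UGH.*eth" | awk '{ print $2 }')
	[ -z "$WAN_GW_TEMP" ] || WAN_GW=$WAN_GW_TEMP
	# An empty or multi-line gateway would make every "ip ro add" below fail
	# without the failure being reported.
	case $WAN_GW in
		'' | *[!0-9.]*)
			eend 1 "could not determine the gateway towards $VPN_HOST"
			return 1
			;;
	esac

	ip ro | grep -qF -- "$VPN_HOST" || ip ro add "$VPN_HOST" via "$WAN_GW"
	# ipsec needs a way to the internet
	ip ro | grep -q default || ip ro add default via "$WAN_GW"

	sed -i "s/left=.*/left=$WAN_IP/" /etc/ipsec.conf
	# NOTE(review): this rewrites the selector of EVERY line containing " :"
	# in ipsec.secrets, so it assumes the file holds only this tunnel's
	# entry -- confirm before adding other secrets to that file.
	sed -i "s/.*\ :/$WAN_IP $VPN_HOST \:/" /etc/ipsec.secrets

	/usr/bin/rc-config restart ipsec
	/usr/bin/rc-config restart xl2tpd
	sleep 3
	ipsec auto --up L2TP-PSK
	# xl2tp seems to hate a default gw
	ip ro | grep -q default && ip ro del default via "$WAN_GW"
	sleep 3
	printf '%s\n' "c $USERNAME" > /var/run/xl2tpd/l2tp-control
	sleep 2
	# NOTE(review): the marker is created whether or not the tunnel actually
	# came up; the results of the ipsec/xl2tpd steps above are not checked.
	touch -- "$PID"

	# Point the firewall's external interface at IFACE. An empty or odd
	# value would be written verbatim into firewall.conf, so skip the
	# rewrite in that case instead of blanking EXT_IF.
	case $IFACE in
		'' | *[!A-Za-z0-9_.:-]*)
			ewarn "IFACE is unset or malformed; leaving EXT_IF in firewall.conf unchanged"
			;;
		*)
			sed -i "s/^EXT_IF=.*/EXT_IF=${IFACE}/" /etc/arno-iptables-firewall/firewall.conf
			;;
	esac
	/usr/bin/rc-config restart arno-iptables-firewall
	eend $?
}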

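# Tear down the strongVpn tunnel and switch routing, firewall and DNS back to
# the plain WAN link.
# Globals:
#   read:    PID, WAN_DEV, VPN_HOST, USERNAME, WAN_GW (kept when no route to
#            VPN_HOST is left in the routing table)
#   written: WAN_IP, WAN_GW_TEMP, WAN_GW
# Returns: 1 when the $PID marker file is missing; otherwise whatever eend
#   returns for the status of removing the marker.
stop() {
	ebegin "Stopping strongVpn"

	# return, not exit: exit would terminate the shell running this service
	# script and leave the ebegin above without a matching eend.
	if [ -z "$PID" ] || [ ! -f "$PID" ]; then
		eend 1 "strongVpn is not running (no marker file)"
		return 1
	fi

	# WAN_IP is not read again in this function; the assignment is kept
	# because it is a global other code may rely on.
	WAN_IP=$(ifconfig "$WAN_DEV" | sed -rn '/dr:/{;s/.*dr:([0-9.]+) .*/\1/;p;}')

	# Only replace the known gateway when the routing table still has a
	# route to the VPN host; otherwise an empty result would wipe WAN_GW
	# and the default route below could not be restored.
	WAN_GW_TEMP=$(ip ro | grep -F -- "$VPN_HOST" | sed 's/.*via //' | sed 's/ dev.*//')
	[ -z "$WAN_GW_TEMP" ] || WAN_GW=$WAN_GW_TEMP

	printf '%s\n' "d $USERNAME" > /var/run/xl2tpd/l2tp-control
	sleep 3

	# Put the ISP default route back if nothing else provides one.
	if ! ip ro | grep -q default; then
		if [ -n "$WAN_GW" ]; then
			ip ro add default via "$WAN_GW"
		else
			ewarn "no gateway known; default route not restored"
		fi
	fi

	ipsec auto --down L2TP-PSK
	sleep 2
	#ip ro del $VPN_HOST via $WAN_GW
	/usr/bin/rc-config stop xl2tpd
	/usr/bin/rc-config stop ipsec

	# Hand the firewall's external interface back to the WAN device; never
	# write an empty EXT_IF into firewall.conf.
	if [ -n "$WAN_DEV" ]; then
		sed -i "s/^EXT_IF=.*/EXT_IF=$WAN_DEV/" /etc/arno-iptables-firewall/firewall.conf
	else
		ewarn "WAN_DEV is unset; leaving EXT_IF in firewall.conf unchanged"
	fi
	/usr/bin/rc-config restart arno-iptables-firewall

	# fix missing ISP dns
	# (presumably resolv.conf.hot is a saved copy of the ISP resolver
	# settings -- verify where it is written)
	grep -q nameserver /etc/resolv.conf || cp /etc/resolv.conf.hot /etc/resolv.conf
	rm -f -- "$PID"
	eend $?
}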

#status() {
#       if [ "$RC_QUIET" != "yes" ]; then
#               ipsec setup --status
#       fi
#}
