freifunk/puppet-ff_gw
0
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Use DNS Server pushed by VPN provider

Browse source
This commit is contained in:
ohrensessel 2014-06-18 15:06:54 +02:00
parent e6f165ad29
commit f4150d7ec3
3 changed files with 58 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
files/etc/openvpn/mullvad.conf
View file

@ -37,6 +37,7 @@ script-security 2
# Parses DHCP options from openvpn to update resolv.conf # Parses DHCP options from openvpn to update resolv.conf
route-noexec route-noexec
up /etc/openvpn/mullvad/mullvad-up up /etc/openvpn/mullvad/mullvad-up
down /etc/openvpn/update-dnsmasq-forward
ping 10 ping 10

56
files/etc/openvpn/update-dnsmasq-forward Executable file
View file

@ -0,0 +1,56 @@
#!/bin/bash
#
# Parses DHCP options from openvpn to update resolv.conf
# To use set as 'up' and 'down' script in your openvpn *.conf:
# up /etc/openvpn/update-resolv-conf
# down /etc/openvpn/update-resolv-conf
#
# Used snippets of resolvconf script by Thomas Hood and Chris Hanson.
# Licensed under the GNU GPL. See /usr/share/common-licenses/GPL.
#
# Example envs set from openvpn:
#
# foreign_option_1='dhcp-option DNS 193.43.27.132'
# foreign_option_2='dhcp-option DNS 193.43.27.133'
# foreign_option_3='dhcp-option DOMAIN be.bnc.ch'
#
[ "$script_type" ] || exit 0
[ "$dev" ] || exit 0
split_into_parts()
{
part1="$1"
part2="$2"
part3="$3"
}
case "$script_type" in
up)
NMSRVRS=""
SRCHS=""
for optionvarname in ${!foreign_option_*} ; do
option="${!optionvarname}"
echo "$option"
split_into_parts $option
if [ "$part1" = "dhcp-option" ] ; then
if [ "$part2" = "DNS" ] ; then
NMSRVRS="${NMSRVRS:+$NMSRVRS }$part3"
elif [ "$part2" = "DOMAIN" ] ; then
SRCHS="${SRCHS:+$SRCHS }$part3"
fi
fi
done
R=""
for NS in $NMSRVRS ; do
R="${R}server=$NS@$dev\n"
done
echo -en "$R" > /etc/dnsmasq.d/forward
/usr/sbin/service dnsmasq restart
;;
down)
echo -n "" > /etc/dnsmasq.d/forward
/usr/sbin/service dnsmasq restart
;;
esac

2
manifests/init.pp
View file

@ -391,7 +391,7 @@ class ff_gw::vpn($ca_crt, $usr_crt, $usr_key, $openvpn_version = '2.3.2-7~bpo70+
content => '#!/bin/sh content => '#!/bin/sh
ip route replace 0.0.0.0/1 via $5 table 42 ip route replace 0.0.0.0/1 via $5 table 42
ip route replace 128.0.0.0/1 via $5 table 42 ip route replace 128.0.0.0/1 via $5 table 42
/usr/sbin/service dnsmasq restart /etc/openvpn/update-dnsmasq-forward
exit 0'; exit 0';
"/etc/openvpn/${vpnname}.conf": "/etc/openvpn/${vpnname}.conf":
ensure => file, ensure => file,