joachimmg
/
merlinwrt-ssid-if-specific


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119
							#!/bin/sh
CONFIG=1
source /usr/sbin/helper.sh

OPENVPN_CONF=/tmp/etc/openvpn
DNSMASQ_CONF=/tmp/etc/dnsmasq.conf

cmd_log () {
    if [ ${1} -ne 0 ]; then
        logger "${2}[${1}] - ${3}"
    fi
}

cmd_run () {
    CMD=`${2}`
    ERRCODE=$?
    cmd_log ${ERRCODE} "${1}" "${ERR}: ${2}, ${CMD}"
    return ${ERRCODE}
}

iptable () {
    IFACE=`echo "${1}"`
    local OPT=`echo "${2}"`
    shift 2
    if [ "${OPT}" = "I" ]; then
        iptable "${IFACE}" "D" ${@}
    fi
    if [ $# -eq 1 ]; then
        cmd_run "iptable" "iptables -t nat -${OPT} POSTROUTING -s ${1} -o ${IFACE} -j MASQUERADE"
    elif [ $# -eq 2 ]; then
        cmd_run "iptable" "iptables -${OPT} ${1} -i ${IFACE} -m state --state NEW -j ${2}"
    elif [ $# -eq 3 ]; then
        cmd_run "iptable" "iptables -${OPT} ${1} -i ${IFACE} -o ${3} -j ${2}"
    else
        cmd_log 0 "iptable" "Unknown argument length ${#} (${@})."
    fi
}

ebtable () {
    if [ "${2}" = "I" ]; then
        ebtable "${1}" "D" "${3}"
    fi
    cmd_run "ebtable" "ebtables -t broute -${2} BROUTING -p ${3} -i ${1} -j DROP"
}

assign_ip () {

    if [ ! -d "${OPENVPN_CONF}/client${1}/" ]; then
        logger "Missing client${1} in ${OPENVPN_CONF}"
        return 1
    fi

    ifconfig "${IFACE}" > /dev/null 2>&1 || continue

    IFACE_TUN=`cat "${OPENVPN_CONF}/client${1}/config.ovpn" | awk '/dev/ {print $2}'`

    IFACE="${2}"
    IFACE_INET_ADDR="${3}"

    IFACE_NWRK_ADDR="${IFACE_INET_ADDR%.*}.0"
    IFACE_MASK_ADDR="255.255.255.0"
    
    DHCP_START="${IFACE_INET_ADDR%.*}.${4}"
    DHCP_END="${IFACE_INET_ADDR%.*}.${5}"

    RTABLE=$((${1} + 10))

    CIDR=24
    if [ $# -gt 5 ]; then
        CIDR="${5}"
    fi

    LAN=$(ifconfig "br0" | sed -ne's/.*inet addr:\([^ ]*\).*$/\1/p')

    if [ `cat ${DNSMASQ_CONF} | grep -c ${IFACE}` -eq 0 ]; then
        killall dnsmasq

        if [ `cat ${DNSMASQ_CONF} | grep -c "log-dhcp"` -eq 0 ]; then
            pc_append "log-dhcp" ${DNSMASQ_CONF}
        fi
        logger "dnsmasq-dhcp: Configure ${IFACE} to have special DHCP on ${IFACE_INET_ADDR}"
        cmd_run "pc_append" "pc_append interface=${IFACE} ${DNSMASQ_CONF}"
        cmd_run "pc_append" "pc_append dhcp-range=${IFACE},${DHCP_START},${DHCP_END},${IFACE_MASK_ADDR},24h ${DNSMASQ_CONF}"
        cmd_run "pc_append" "pc_append dhcp-option=${IFACE},3,${IFACE_INET_ADDR} ${DNSMASQ_CONF}"
        dnsmasq --log-async
    fi

    while [ ! -n "`ifconfig | grep ${IFACE_TUN}`" ]; do
        sleep 1
    done


    ip route show table main | grep -Ev ^default | while read ROUTE; do
        if [ `ip route show table "${RTABLE}" | grep -ice "${ROUTE}"` -eq 0 ]; then
            cmd_run "ip-route" "ip route add table ${RTABLE} ${ROUTE}"
        fi
    done

    cmd_run "ip-route" "ip route add default dev ${IFACE_TUN} table ${RTABLE}"
    cmd_run "ip-rule" "ip rule add dev ${IFACE} table ${RTABLE}"
    cmd_run "ip-route" "ip route flush cache"

    ebtable "${IFACE}" "I" "ipv4"
    ebtable "${IFACE}" "I" "ipv6"
    ebtable "${IFACE}" "I" "arp"

    iptable "${IFACE}" "I" "INPUT" "ACCEPT"
    iptable "${IFACE}" "I" "FORWARD" "ACCEPT" "${IFACE_TUN}"
    iptable "${IFACE_TUN}" "I" "${IFACE_NWRK_ADDR}/${CIDR}"

}

# assign_ip <client #no> <iface> <iface inet> <range start> <range end> [<cidr>]
assign_ip 1 "wl0.1" "192.168.2.1" "2" "254" #24
assign_ip 2 "wl0.2" "192.168.3.1" "2" "254" #24
assign_ip 1 "wl0.3" "192.168.4.1" "2" "254" #24
assign_ip 3 "wl1.1" "192.168.5.1" "2" "254"
assign_ip 4 "wl1.2" "192.168.6.1" "2" "254" #24
assign_ip 5 "wl1.3" "192.168.7.1" "2" "254" #24