LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
24945 Commits
1 Branch
46 MiB
Tree: 0135933a0d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '0135933a0d'
${ noResults }
openwrt-packages-dist/net/wg-installer/wg-client/wg-client-installer.sh

120 lines
2.4 KiB
Raw Normal View History

wg-installer: add wg-installer This tool can be used to automatically create wireguard tunnels. Using rpcd a new wireguard interface is created on the server where the client can connect to. Wiregurad server automatically installs a user and associated ACL to use the wireguard-installer-server features. The user is called wginstaller and so is the password. Get Usage: wg-client-installer get_usage --ip 127.0.0.1 --user wginstaller --password wginstaller Register Interface: wg-client-installer register --ip 127.0.0.1 --user wginstaller --password wginstaller --bandwidth 10 --mtu 1400 Signed-off-by: Nick Hainke <vincent@systemli.org>
4 years ago
wg-installer: add link-local to client interface Wireguard has no link-local address on an interface automatically. Add a link-local to the interface. The server has fe80::1/64 and the client fe80::2/64. Signed-off-by: Nick Hainke <vincent@systemli.org>
4 years ago
wg-installer: add wg-installer This tool can be used to automatically create wireguard tunnels. Using rpcd a new wireguard interface is created on the server where the client can connect to. Wiregurad server automatically installs a user and associated ACL to use the wireguard-installer-server features. The user is called wginstaller and so is the password. Get Usage: wg-client-installer get_usage --ip 127.0.0.1 --user wginstaller --password wginstaller Register Interface: wg-client-installer register --ip 127.0.0.1 --user wginstaller --password wginstaller --bandwidth 10 --mtu 1400 Signed-off-by: Nick Hainke <vincent@systemli.org>
4 years ago
 
  1. #!/bin/sh

  2. 

  3. . /usr/share/wginstaller/rpcd_ubus.sh
  4. . /usr/share/wginstaller/wg.sh
  5. 

  6. CMD=$1
  7. shift
  8. 

  9. while true; do
  10. 	case "$1" in
  11. 	-h | --help)
  12. 		echo "help"
  13. 		shift 1
  14. 		;;
  15. 	-i | --ip)
  16. 		IP=$2
  17. 		shift 2
  18. 		;;
  19. 	--user)
  20. 		USER=$2
  21. 		shift 2
  22. 		;;
  23. 	--password)
  24. 		PASSWORD=$2
  25. 		shift 2
  26. 		;;
  27. 	--bandwidth)
  28. 		BANDWIDTH=$2
  29. 		shift 2
  30. 		;;
  31. 	--mtu)
  32. 		WG_MTU=$2
  33. 		shift 2
  34. 		;;
  35. 	'')
  36. 		break
  37. 		;;
  38. 	*)
  39. 		break
  40. 		;;
  41. 	esac
  42. done
  43. 

  44. escape_ip () {
  45. 	local gw_ip=$1
  46. 

  47. 	# ipv4 processing
  48. 	ret_ip=$(echo $gw_ip | tr '.' '_')
  49. 

  50. 	# ipv6 processing
  51. 	ret_ip=$(echo $ret_ip | tr ':' '_')
  52. 	ret_ip=$(echo $ret_ip | cut -d '[' -f 2)
  53. 	ret_ip=$(echo $ret_ip | cut -d ']' -f 1)
  54. 

  55. 	echo $ret_ip
  56. }
  57. 

  58. register_client_interface () {
  59. 	local pubkey=$1
  60. 	local gw_ip=$2
  61. 	local gw_port=$3
  62. 	local endpoint=$4
  63. 	local mtu_client=$5
  64. 

  65. 	gw_key=$(uci get wgclient.@client[0].wg_key)
  66. 	interface_name="gw_$(escape_ip $endpoint)"
  67. 	port_start=$(uci get wgclient.@client[0].port_start)
  68. 	port_end=$(uci get wgclient.@client[0].port_end)
  69. 	base_prefix=$(uci get wgclient.@client[0].base_prefix)
  70. 

  71. 	port=$(next_port $port_start $port_end)
  72. 	ifname="wg_$port"
  73. 

  74. 	offset=$(($port - $port_start))
  75. 	client_ip=$(owipcalc $base_prefix add $offset next 128)
  76. 	client_ip_assign="${client_ip}/128"
  77. 

  78. 	echo "Installing Interface With:"
  79. 	echo "Endpoint ${endpoint}"
  80. 	echo "Client IP ${client_ip}"
  81. 	echo "Port ${port}"
  82. 	echo "Pubkey ${pubkey}"
  83. 

  84. 	ip link add dev $ifname type wireguard
  85. 

  86. 	ip -6 a a dev $ifname $client_ip
  87. 	ip -6 a a dev $ifname fe80::2/64
  88. 	wg set $ifname listen-port $port private-key $gw_key peer $pubkey allowed-ips ::/0 endpoint "${endpoint}:${gw_port}"
  89. 	ip link set up dev $ifname
  90. 	ip link set mtu $mtu_client dev $ifname # configure mtu here!
  91. }
  92. 

  93. # rpc login
  94. token="$(request_token $IP $USER $PASSWORD)"
  95. if [ $? != 0 ]; then
  96. 	echo "failed to register token"
  97. 	exit 1
  98. fi
  99. 

  100. # now call procedure
  101. case $CMD in
  102. "get_usage")
  103. 	wg_rpcd_get_usage $token $IP
  104. 	;;
  105. "register")
  106. 	gw_pub=$(uci get wgclient.@client[0].wg_pub)
  107. 	gw_pub_string=$(cat $gw_pub)
  108. 	register_output=$(wg_rpcd_register $token $IP $BANDWIDTH $WG_MTU $gw_pub_string)
  109. 	if [ $? != 0 ]; then
  110. 		echo "Failed to Register!"
  111. 		exit 1
  112. 	fi
  113. 	pubkey=$(echo $register_output | awk '{print $2}')
  114. 	ip_addr=$(echo $register_output | awk '{print $4}')
  115. 	port=$(echo $register_output | awk '{print $6}')
  116. 	client_ip=$(echo $register_output | awk '{print $8}')
  117. 	register_client_interface $pubkey $ip_addr $port $IP $WG_MTU
  118. 	;;
  119. *) echo "Usage: wg-client-installer [cmd] --ip [2001::1] --user wginstaller --password wginstaller" ;;
  120. esac