24
edits
Changes
no edit summary
</ul>
</ul>
----
----
* Finally, we'll need to add a short custom script to ''/etc/hotplug.d/iface/55-vpn'' that adds a route which makes the specified LAN range reach the Internet via the OpenVPN server:
* Next, we'll need to create short custom script ''/etc/openvpn/up.sh'', that would add a route which makes the specified LAN range reach the Internet via the OpenVPN server:
echo '[ "$ACTION" = "ifup" ] && { ip route add default via 10.0.0.5 table rt }' > /etc/hotplug.d/iface/55-vpn
echo -e '#!/bin/ash'"\n"'ip route add default via 10.0.0.5 table rt' > /etc/openvpn/up.sh
----
* Next, we'll need to grant executable permissions to newly created script:
chmod +x /etc/openvpn/up.sh
----
* Finally, we'll need to edit router's OpenVPN script ''/etc/init.d/openvpn'', so that it would execute previously created ''/etc/openvpn/up.sh'' script each time OpenVPN tunnel is established. Type '''vi /etc/init.d/openvpn''' and press the "I" button on your keyboard to begin editing. Scroll down until you will find '''start_instance()''' function. Add the following lines, <span style="color:red">highlighted in red</span>, at the end of '''start_instance()''' function:
start_instance() {
local s="$1"
<...>
config_list_foreach "$s" "_extra" append_extended_params
openvpn_add_instance "$s" "/var/etc" "openvpn-$s.conf" "/tmp/openvpn-$s.status"
<span style="color:red">echo 'script-security 2' >> $OPENVPN_CONFIG</span>
<span style="color:red">echo 'up /etc/openvpn/up.sh' >> $OPENVPN_CONFIG</span>
}
----
----
* When your done with the configuration, don't forget to restart the relevant services. You can do this by restarting the entire router ('''reboot''' command) or just restart the '''network''' and '''openvpn''' services:
* When your done with the configuration, don't forget to restart the relevant services. You can do this by restarting the entire router ('''reboot''' command) or just restart the '''network''' and '''openvpn''' services:
