#!/bin/bash
# SPDX-License-Identifier: GPL-2.0
#
# Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
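set -e

# Report a fatal error on stderr and stop.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Creating the interface, address and routes below requires root.
[[ $UID == 0 ]] || die "You must be root to run this."

# Enrollment channel: bash's /dev/tcp pseudo-device opens a plain TCP socket
# on fd 3. Nothing in this script authenticates or encrypts that channel, so
# whoever answers on it (or sits on the path) chooses the peer key, port and
# tunnel address configured below. NOTE(review): acceptable for a demo only;
# do not reuse this exchange where the peer key must be trusted.
exec 3<>/dev/tcp/demo.wireguard.com/42912

# Fresh key pair on every run; only the public half leaves the machine.
privatekey="$(wg genkey)"
wg pubkey <<<"$privatekey" >&3

# Reply as parsed here: status:server_pubkey:server_port:internal_ip
IFS=: read -r status server_pubkey server_port internal_ip <&3 ||
  die "No usable reply from demo.wireguard.com."
exec 3>&-

# The reply text is untrusted, so it is deliberately not echoed back.
[[ $status == OK ]] || die "Server did not answer OK."

# The remaining fields are handed to wg(8) and ip(8) as root, so check their
# shape first. This is input hygiene, not authentication: a well-formed reply
# from an impostor still passes.
key_re='^[A-Za-z0-9+/]{43}=$'          # base64 of a 32-byte key
port_re='^[0-9]{1,5}$'
ipv4_re='^([0-9]{1,3}\.){3}[0-9]{1,3}$' # octet range is left to ip(8)

[[ $server_pubkey =~ $key_re ]] || die "Server sent a malformed public key."
# 10# forces base 10 so a leading zero is not read as octal; the arithmetic
# is only reached once the regex has confirmed the value is all digits.
if ! [[ $server_port =~ $port_re ]] ||
  ((10#$server_port < 1 || 10#$server_port > 65535)); then
  die "Server sent an invalid port."
fi
[[ $internal_ip =~ $ipv4_re ]] || die "Server sent a malformed address."

# Start from a clean wg0; the delete is allowed to fail when it does not exist.
ip link del dev wg0 2>/dev/null || true
ip link add dev wg0 type wireguard

# The private key is passed through a process substitution, so it is read as
# a file and never appears in wg's argument list.
wg set wg0 private-key <(printf '%s\n' "$privatekey") peer "$server_pubkey" \
  allowed-ips 0.0.0.0/0 endpoint "demo.wireguard.com:$server_port" \
  persistent-keepalive 25
ip address add "$internal_ip"/24 dev wg0
ip link set up dev wg0

if [[ ${1:-} == "default-route" ]]; then
  # Resolved endpoint address as the kernel sees it.
  host="$(wg show wg0 endpoints | sed -n 's/.*\t\(.*\):.*/\1/p')"
  # Re-add the current route to the endpoint (cut after "via <gateway>") as
  # an explicit route, presumably so tunnel packets keep using the physical
  # path once wg0 covers everything. Word splitting of $(...) is intended;
  # failures (e.g. the route already exists) are ignored.
  # shellcheck disable=SC2046
  ip route add $(ip route get "$host" | sed '/ via [0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}/{s/^\(.* via [0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\).*/\1/}' | head -n 1) 2>/dev/null || true
  # Two /1 routes cover all of IPv4 and are more specific than the existing
  # default route, which is left in place.
  ip route add 0/1 dev wg0
  ip route add 128/1 dev wg0
fi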