wg-quick: allow specifiying multiple hooks
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
parent
b1dd8d711e
commit
17f9548182
2 changed files with 21 additions and 18 deletions
|
@ -80,7 +80,8 @@ PreUp, PostUp, PreDown, PostDown \(em script snippets which will be executed by
|
||||||
.BR bash (1)
|
.BR bash (1)
|
||||||
before/after setting up/tearing down the interface, most commonly used
|
before/after setting up/tearing down the interface, most commonly used
|
||||||
to configure custom DNS options or firewall rules. The special string `%i'
|
to configure custom DNS options or firewall rules. The special string `%i'
|
||||||
is expanded to \fIINTERFACE\fP.
|
is expanded to \fIINTERFACE\fP. Each one may be specified multiple times, in which case
|
||||||
|
the commands are executed in order.
|
||||||
.IP \(bu
|
.IP \(bu
|
||||||
SaveConfig \(em if set to `true', the configuration is saved from the current state of the
|
SaveConfig \(em if set to `true', the configuration is saved from the current state of the
|
||||||
interface upon shutdown.
|
interface upon shutdown.
|
||||||
|
|
|
@ -15,10 +15,10 @@ INTERFACE=""
|
||||||
ADDRESSES=( )
|
ADDRESSES=( )
|
||||||
MTU=""
|
MTU=""
|
||||||
DNS=( )
|
DNS=( )
|
||||||
PRE_UP=""
|
PRE_UP=( )
|
||||||
POST_UP=""
|
POST_UP=( )
|
||||||
PRE_DOWN=""
|
PRE_DOWN=( )
|
||||||
POST_DOWN=""
|
POST_DOWN=( )
|
||||||
SAVE_CONFIG=0
|
SAVE_CONFIG=0
|
||||||
CONFIG_FILE=""
|
CONFIG_FILE=""
|
||||||
PROGRAM="${0##*/}"
|
PROGRAM="${0##*/}"
|
||||||
|
@ -43,10 +43,10 @@ parse_options() {
|
||||||
Address) ADDRESSES+=( ${value//,/ } ); continue ;;
|
Address) ADDRESSES+=( ${value//,/ } ); continue ;;
|
||||||
MTU) MTU="$value"; continue ;;
|
MTU) MTU="$value"; continue ;;
|
||||||
DNS) DNS+=( ${value//,/ } ); continue ;;
|
DNS) DNS+=( ${value//,/ } ); continue ;;
|
||||||
PreUp) PRE_UP="$value"; continue ;;
|
PreUp) PRE_UP+=( "$value" ); continue ;;
|
||||||
PreDown) PRE_DOWN="$value"; continue ;;
|
PreDown) PRE_DOWN+=( "$value" ); continue ;;
|
||||||
PostUp) POST_UP="$value"; continue ;;
|
PostUp) POST_UP+=( "$value" ); continue ;;
|
||||||
PostDown) POST_DOWN="$value"; continue ;;
|
PostDown) POST_DOWN+=( "$value" ); continue ;;
|
||||||
SaveConfig) read_bool SAVE_CONFIG "$value"; continue ;;
|
SaveConfig) read_bool SAVE_CONFIG "$value"; continue ;;
|
||||||
esac
|
esac
|
||||||
fi
|
fi
|
||||||
|
@ -197,11 +197,13 @@ save_config() {
|
||||||
umask "$old_umask"
|
umask "$old_umask"
|
||||||
}
|
}
|
||||||
|
|
||||||
execute_hook() {
|
execute_hooks() {
|
||||||
[[ -n $1 ]] || return 0
|
local hook
|
||||||
local hook="${1//%i/$INTERFACE}"
|
for hook in "$@"; do
|
||||||
|
hook="${hook//%i/$INTERFACE}"
|
||||||
echo "[#] $hook" >&2
|
echo "[#] $hook" >&2
|
||||||
(eval "$hook")
|
(eval "$hook")
|
||||||
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
cmd_usage() {
|
cmd_usage() {
|
||||||
|
@ -232,7 +234,7 @@ cmd_up() {
|
||||||
local i
|
local i
|
||||||
[[ -z $(ip link show dev "$INTERFACE" 2>/dev/null) ]] || die "\`$INTERFACE' already exists"
|
[[ -z $(ip link show dev "$INTERFACE" 2>/dev/null) ]] || die "\`$INTERFACE' already exists"
|
||||||
trap 'del_if; exit' INT TERM EXIT
|
trap 'del_if; exit' INT TERM EXIT
|
||||||
execute_hook "$PRE_UP"
|
execute_hooks "${PRE_UP[@]}"
|
||||||
add_if
|
add_if
|
||||||
set_config
|
set_config
|
||||||
for i in "${ADDRESSES[@]}"; do
|
for i in "${ADDRESSES[@]}"; do
|
||||||
|
@ -244,17 +246,17 @@ cmd_up() {
|
||||||
for i in $(while read -r _ i; do for i in $i; do [[ $i =~ ^[0-9a-z:.]+/[0-9]+$ ]] && echo "$i"; done; done < <(wg show "$INTERFACE" allowed-ips) | sort -nr -k 2 -t /); do
|
for i in $(while read -r _ i; do for i in $i; do [[ $i =~ ^[0-9a-z:.]+/[0-9]+$ ]] && echo "$i"; done; done < <(wg show "$INTERFACE" allowed-ips) | sort -nr -k 2 -t /); do
|
||||||
[[ $(ip route get "$i" 2>/dev/null) == *dev\ $INTERFACE\ * ]] || add_route "$i"
|
[[ $(ip route get "$i" 2>/dev/null) == *dev\ $INTERFACE\ * ]] || add_route "$i"
|
||||||
done
|
done
|
||||||
execute_hook "$POST_UP"
|
execute_hooks "${POST_UP[@]}"
|
||||||
trap - INT TERM EXIT
|
trap - INT TERM EXIT
|
||||||
}
|
}
|
||||||
|
|
||||||
cmd_down() {
|
cmd_down() {
|
||||||
[[ " $(wg show interfaces) " == *" $INTERFACE "* ]] || die "\`$INTERFACE' is not a WireGuard interface"
|
[[ " $(wg show interfaces) " == *" $INTERFACE "* ]] || die "\`$INTERFACE' is not a WireGuard interface"
|
||||||
execute_hook "$PRE_DOWN"
|
execute_hooks "${PRE_DOWN[@]}"
|
||||||
[[ $SAVE_CONFIG -eq 0 ]] || save_config
|
[[ $SAVE_CONFIG -eq 0 ]] || save_config
|
||||||
unset_dns
|
unset_dns
|
||||||
del_if
|
del_if
|
||||||
execute_hook "$POST_DOWN"
|
execute_hooks "${POST_DOWN[@]}"
|
||||||
}
|
}
|
||||||
|
|
||||||
if [[ $# -eq 1 && ( $1 == --help || $1 == -h || $1 == help ) ]]; then
|
if [[ $# -eq 1 && ( $1 == --help || $1 == -h || $1 == help ) ]]; then
|
||||||
|
|
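Review bot: In the new `execute_hooks` loop, the effect of one failing hook is left undefined by the visible code: unless the script runs under `set -e` (not shown in these hunks), a failing `(eval "$hook")` is ignored, the remaining hooks still run, and the function returns only the last hook's status. This matters because the man page names firewall rules as a common use, so a partial failure could leave the interface up with only part of the intended ruleset. Making the behaviour explicit with `(eval "$hook") || return` inside the loop would stop at the first failure and hand its status to the caller. A short comment above the function should also note that each hook runs in its own subshell, so `cd` and variable assignments do not carry over to the next hook, and that the hook text is taken from the parsed configuration and passed to `eval` unmodified apart from `%i`, so the configuration file should be writable only by the administrator. The sentence added to the man page could state the same failure behaviour alongside "executed in order".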