path: root/fvpn_launch.sh
blob: 3b158de78264ec1d36987ed64c516d54dfdf4b61 (plain)
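#!/bin/sh
#
# Bring up the client side of a fatvpn tunnel: create a TAP device, give it
# an address, an MTU and a random MAC, start ./fatvpn on it and, when the
# first argument is "all", send all IPv4 traffic through the tunnel.
#
# Usage: fvpn_launch.sh [all]
#
# The ip(8) calls below need CAP_NET_ADMIN (normally root).

# Stop at the first failing command. Nothing is rolled back: a failure part
# way through leaves the TAP device, and any routes already added, in place.
set -e

TAP=fvpn0
INTERNAL_IP=10.43.43.2/24
INTERNAL_SRV_IP=10.43.43.1
SERVER=vpn.example.org
PORT=12345
MAX_PKT_SZ=1440
# NOTE(review): the 46 bytes presumably cover fatvpn's per-packet overhead;
# confirm against the fatvpn sources before changing either number.
MTU=$(( $MAX_PKT_SZ - 46 ))

# Print the word that follows keyword $1 in the line of text $2, or nothing
# when the keyword is absent.
word_after() {
	printf '%s\n' "$2" |
		awk -v key="$1" '{
			for (i = 1; i < NF; i++)
				if ($i == key) { print $(i + 1); exit }
		}'
}

# Random MAC under the fixed prefix ae:ae:ae. 0xae has the locally
# administered bit set and the multicast bit clear, so the address is a
# valid unicast one. srand() without an argument seeds from the time of day,
# so runs started in the same second can get the same address.
mac=$(awk 'BEGIN{
               srand();
               printf("ae:ae:ae:%02x:%02x:%02x",
                       rand()*256, rand()*256, rand()*256);
           }')

ip tuntap add "$TAP" mode tap user root
ip addr add "$INTERNAL_IP" dev "$TAP"
ip link set "$TAP" mtu "$MTU"
ip link set "$TAP" address "$mac"
ip link set "$TAP" up

# NOTE(review): the binary is looked up relative to the current directory,
# and this script runs with root privileges; start it only from the
# directory that holds the intended fatvpn build.
# NOTE(review): the lines below run only after this command returns, so
# fatvpn presumably puts itself in the background; confirm.
./fatvpn "$TAP" "$SERVER" "$PORT"

# route ALL traffic to vpn
# do not forget to configure your server:
# 1) ip forwarding on
# 2) masquerade
# 3) firewall forward rules configured/disabled
#
# Only IPv4 routes are added here; IPv6 traffic and the resolver
# configuration are left as they were, so neither is moved into the tunnel.
if [ "${1:-}" = "all" ]; then
	# dig +short can print CNAME targets before the address and prints
	# nothing at all on failure, so keep only the first IPv4-looking line.
	# NOTE(review): this lookup is separate from the one fatvpn does for
	# $SERVER; if the name has several addresses the pinned route may not
	# match the address fatvpn is using. Confirm, or use a fixed address.
	srv_ip=$(dig +short "$SERVER" |
		grep -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$' |
		head -n 1)
	if [ -z "$srv_ip" ]; then
		echo "$0: cannot resolve $SERVER to an IPv4 address" >&2
		exit 1
	fi

	# Pin the path to the VPN server before the catch-all routes go in,
	# otherwise the tunnel's own packets would be sent into the tunnel.
	# The next hop is taken from the "via" word rather than a fixed column:
	# an on-link or point-to-point route has no "via" and is pinned by
	# device instead.
	route=$(ip route get "$srv_ip" | head -n 1)
	gw=$(word_after via "$route")
	dev=$(word_after dev "$route")
	if [ -n "$gw" ]; then
		ip route add "$srv_ip/32" via "$gw"
	elif [ -n "$dev" ]; then
		ip route add "$srv_ip/32" dev "$dev"
	else
		echo "$0: no current route to $srv_ip, not redirecting traffic" >&2
		exit 1
	fi

	# Two /1 routes cover the whole IPv4 space and win over the existing
	# default route without replacing it. If the second command fails,
	# only half of the address space goes through the tunnel.
	ip route add   0.0.0.0/1 via "$INTERNAL_SRV_IP"
	ip route add 128.0.0.0/1 via "$INTERNAL_SRV_IP"
fi

# Reachability check of the server's inner address; with set -e its exit
# status becomes the exit status of the script.
ping -c3 "$INTERNAL_SRV_IP"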