From 79aa8136c50398ec45dfe818d0f29a70da1f524b Mon Sep 17 00:00:00 2001
From: Steven Polley
Date: Thu, 18 Apr 2024 09:39:21 -0600
Subject: [PATCH] add openwrt-wireguard example
---
 .gitignore | 2 +-
 .../openwrt-wireguard/closewireguard.sh | 14 +++++++++++
 .../openwrt-wireguard/hypdconfig.json | 7 ++++++
 .../openwrt-wireguard/openwireguard.sh | 24 +++++++++++++++++++
 4 files changed, 46 insertions(+), 1 deletion(-)
 create mode 100644 hypd/examples/openwrt-wireguard/closewireguard.sh
 create mode 100644 hypd/examples/openwrt-wireguard/hypdconfig.json
 create mode 100644 hypd/examples/openwrt-wireguard/openwireguard.sh
diff --git a/.gitignore b/.gitignore
index 9ce6d70..fbba470 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,4 +2,4 @@ hyp.secret
 *.exe
 hypd/hypd
 hyp/hyp
-hypdconfig.json
\ No newline at end of file
+hypd/hypdconfig.json
\ No newline at end of file
diff --git a/hypd/examples/openwrt-wireguard/closewireguard.sh b/hypd/examples/openwrt-wireguard/closewireguard.sh
new file mode 100644
index 0000000..7703ee8
--- /dev/null
+++ b/hypd/examples/openwrt-wireguard/closewireguard.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+if [ $# -lt 1 ]; then
+ echo "Usage: $0 "
+ exit 1
+fi
+
+# Can't use dots in rule name, so swap for underscores
+rulename="hypd_${1//./_}_wireguard"
+
+# Configure the rule in OpenWRT's uci interface
+uci delete firewall.$rulename
+uci commit firewall
+service firewall restart
\ No newline at end of file
diff --git a/hypd/examples/openwrt-wireguard/hypdconfig.json b/hypd/examples/openwrt-wireguard/hypdconfig.json
new file mode 100644
index 0000000..206540d
--- /dev/null
+++ b/hypd/examples/openwrt-wireguard/hypdconfig.json
@@ -0,0 +1,7 @@
+{
+ "networkInterface": "enp0s3",
+ "preSharedKeyDirectory": "./secrets/",
+ "successAction": "./examples/openwrt-wireguard/openwireguard.sh %s",
+ "timeoutSeconds": 1440,
+ "timeoutAction": "./examples/openwrt-wireguard/closewireguard.sh %s"
+}
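Review bot: In closewireguard.sh `$1` is only counted, never validated, before it is expanded unquoted into `uci delete firewall.$rulename`; openwireguard.sh has the same gap and additionally writes `$1` into `src_ip`. Since the value is whatever hypd substitutes for `%s`, both scripts should reject anything that is not digits and dots before touching uci, e.g. `case "$1" in ''|*[!0-9.]*) echo "invalid address" >&2; exit 1 ;; esac`, and quote the argument as `uci delete "firewall.$rulename"`. `${1//./_}` is also not POSIX sh; it presumably works under OpenWrt's BusyBox ash, but a comment saying so (or a `tr . _` substitution) would keep the script from breaking on a stricter /bin/sh.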
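Review bot: `successAction` and `timeoutAction` in hypdconfig.json invoke the two scripts by path, but this commit creates both with mode 100644, so they are not executable as committed. How hypd launches the action is not visible here; if it executes the path directly the call fails, and a failing `timeoutAction` would leave an opened redirect in place. Either commit the scripts as 100755 or go through the interpreter, e.g. `"timeoutAction": "sh ./examples/openwrt-wireguard/closewireguard.sh %s"`. The relative paths also assume hypd is started from the `hypd/` directory, which is worth stating in the example's README since JSON cannot carry a comment.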
diff --git a/hypd/examples/openwrt-wireguard/openwireguard.sh b/hypd/examples/openwrt-wireguard/openwireguard.sh
new file mode 100644
index 0000000..143c250
--- /dev/null
+++ b/hypd/examples/openwrt-wireguard/openwireguard.sh
@@ -0,0 +1,24 @@
+#!/bin/sh
+
+if [ $# -lt 1 ]; then
+ echo "Usage: $0 "
+ exit 1
+fi
+
+# Can't use dots in rule name, so swap for underscores
+# example: 10.69.69.100 changes to hypd_10_69_69_100_wireguard
+rulename="hypd_${1//./_}_wireguard"
+
+# Configure the rule in OpenWRT's uci interface
+uci set firewall.$rulename=redirect
+uci set firewall.$rulename.dest=lan
+uci set firewall.$rulename.target=DNAT
+uci set firewall.$rulename.name=$rulename
+uci set firewall.$rulename.src=wan
+uci set firewall.$rulename.src_dport=51820
+uci set firewall.$rulename.dest_ip=10.0.100.1
+uci set firewall.$rulename.dest_port=51820
+uci set firewall.$rulename.src_ip=$1
+uci add_list firewall.$rulename.proto=udp
+uci commit firewall
+service firewall restart
\ No newline at end of file
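Review bot: Nothing in openwireguard.sh stops `uci commit firewall` from running after one of the `uci set` calls has failed, and `src_ip` is the second-to-last option written, so a redirect can be staged or committed without its source restriction. A DNAT rule from wan to 10.0.100.1:51820 with no `src_ip` would forward the WireGuard port for every source, which defeats the purpose of the knock. The script should abort on the first error, write `src_ip` immediately after creating the section, and drop the staged changes on failure. Note that `uci revert firewall` also discards any other uncommitted firewall edits, so that trade-off should be stated in a comment.

```shell
#!/bin/sh
set -eu
# On any failure, discard staged firewall changes so a partial rule is never committed later
trap '[ $? -eq 0 ] || uci revert firewall' EXIT

# … unchanged: usage check and rulename assignment …

uci set "firewall.$rulename=redirect"
# Source restriction first, so the section never exists without it
uci set "firewall.$rulename.src_ip=$1"
# … unchanged: remaining uci set / add_list lines, commit and firewall restart …
```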