add openwrt-wireguard example
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Steven Polley 2024-04-18 09:39:21 -06:00
parent 344d874c02
commit 79aa8136c5
4 changed files with 46 additions and 1 deletions

2
.gitignore vendored
View File

@ -2,4 +2,4 @@ hyp.secret
*.exe
hypd/hypd
hyp/hyp
hypdconfig.json
hypd/hypdconfig.json

View File

@ -0,0 +1,14 @@
#!/bin/sh
if [ $# -lt 1 ]; then
echo "Usage: $0 <srcip>"
exit 1
fi
# Can't use dots in rule name, so swap for underscores
rulename="hypd_${1//./_}_wireguard"
# Configure the rule in OpenWRT's uci interface
uci delete firewall.$rulename
uci commit firewall
service firewall restart

View File

@ -0,0 +1,7 @@
{
"networkInterface": "enp0s3",
"preSharedKeyDirectory": "./secrets/",
"successAction": "./examples/openwrt-wireguard/openwireguard.sh %s",
"timeoutSeconds": 1440,
"timeoutAction": "./examples/openwrt-wireguard/closewireguard.sh %s"
}

View File

@ -0,0 +1,24 @@
#!/bin/sh
if [ $# -lt 1 ]; then
echo "Usage: $0 <srcip>"
exit 1
fi
# Can't use dots in rule name, so swap for underscores
# example: 10.69.69.100 changes to hypd_10_69_69_100_wireguard
rulename="hypd_${1//./_}_wireguard"
# Configure the rule in OpenWRT's uci interface
uci set firewall.$rulename=redirect
uci set firewall.$rulename.dest=lan
uci set firewall.$rulename.target=DNAT
uci set firewall.$rulename.name=$rulename
uci set firewall.$rulename.src=wan
uci set firewall.$rulename.src_dport=51820
uci set firewall.$rulename.dest_ip=10.0.100.1
uci set firewall.$rulename.dest_port=51820
uci set firewall.$rulename.src_ip=$1
uci add_list firewall.$rulename.proto=udp
uci commit firewall
service firewall restart