2017-01-02 04:33:43 +00:00
#!/bin/bash
2017-11-30 15:23:50 +00:00
# SPDX-License-Identifier: GPL-2.0
2017-01-02 04:33:43 +00:00
#
2020-01-02 18:52:25 +00:00
# Copyright (C) 2015-2020 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
2017-01-02 04:33:43 +00:00
#
set -e -o pipefail
shopt -s extglob
2017-02-05 22:05:12 +00:00
export LC_ALL = C
2017-01-02 04:33:43 +00:00
SELF = " $( readlink -f " ${ BASH_SOURCE [0] } " ) "
export PATH = " ${ SELF %/* } : $PATH "
WG_CONFIG = ""
INTERFACE = ""
ADDRESSES = ( )
2017-04-24 03:01:16 +00:00
MTU = ""
2017-07-26 01:09:48 +00:00
DNS = ( )
2020-05-09 05:15:50 +00:00
DNS_SEARCH = ( )
2017-12-12 22:10:08 +00:00
TABLE = ""
2017-10-25 19:55:17 +00:00
PRE_UP = ( )
POST_UP = ( )
PRE_DOWN = ( )
POST_DOWN = ( )
2017-01-02 04:33:43 +00:00
SAVE_CONFIG = 0
CONFIG_FILE = ""
PROGRAM = " ${ 0 ##*/ } "
ARGS = ( " $@ " )
2018-05-16 02:15:05 +00:00
cmd( ) {
echo " [#] $* " >& 2
" $@ "
}
die( ) {
echo " $PROGRAM : $* " >& 2
exit 1
}
2017-01-02 04:33:43 +00:00
parse_options( ) {
2020-05-09 05:15:50 +00:00
local interface_section = 0 line key value stripped v
2017-01-02 04:33:43 +00:00
CONFIG_FILE = " $1 "
2018-01-10 01:37:03 +00:00
[ [ $CONFIG_FILE = ~ ^[ a-zA-Z0-9_= +.-] { 1,15} $ ] ] && CONFIG_FILE = " /etc/wireguard/ $CONFIG_FILE .conf "
2017-01-02 04:33:43 +00:00
[ [ -e $CONFIG_FILE ] ] || die " \` $CONFIG_FILE ' does not exist "
2018-02-06 11:52:09 +00:00
[ [ $CONFIG_FILE = ~ ( ^| /) ( [ a-zA-Z0-9_= +.-] { 1,15} ) \. conf$ ] ] || die "The config file must be a valid interface name, followed by .conf"
2017-11-08 09:40:07 +00:00
CONFIG_FILE = " $( readlink -f " $CONFIG_FILE " ) "
( ( ( $( stat -c '0%#a' " $CONFIG_FILE " ) & $( stat -c '0%#a' " ${ CONFIG_FILE %/* } " ) & 0007) = = 0) ) || echo " Warning: \` $CONFIG_FILE ' is world accessible " >& 2
2018-02-06 11:52:09 +00:00
INTERFACE = " ${ BASH_REMATCH [2] } "
2017-01-02 04:33:43 +00:00
shopt -s nocasematch
2017-02-22 19:23:00 +00:00
while read -r line || [ [ -n $line ] ] ; do
2018-02-16 19:10:25 +00:00
stripped = " ${ line %% \# * } "
key = " ${ stripped %%=* } " ; key = " ${ key ##*([[ : space : ]]) } " ; key = " ${ key %%*([[ : space : ]]) } "
value = " ${ stripped #*= } " ; value = " ${ value ##*([[ : space : ]]) } " ; value = " ${ value %%*([[ : space : ]]) } "
2017-01-02 04:33:43 +00:00
[ [ $key = = "[" * ] ] && interface_section = 0
[ [ $key = = "[Interface]" ] ] && interface_section = 1
if [ [ $interface_section -eq 1 ] ] ; then
case " $key " in
Address) ADDRESSES += ( ${ value //,/ } ) ; continue ; ;
2017-04-24 03:01:16 +00:00
MTU) MTU = " $value " ; continue ; ;
2020-05-09 05:15:50 +00:00
DNS) for v in ${ value //,/ } ; do
[ [ $v = ~ ( ^[ 0-9.] +$) | ( ^.*:.*$) ] ] && DNS += ( $v ) || DNS_SEARCH += ( $v )
done ; continue ; ;
2017-12-12 22:10:08 +00:00
Table) TABLE = " $value " ; continue ; ;
2017-10-25 19:55:17 +00:00
PreUp) PRE_UP += ( " $value " ) ; continue ; ;
PreDown) PRE_DOWN += ( " $value " ) ; continue ; ;
PostUp) POST_UP += ( " $value " ) ; continue ; ;
PostDown) POST_DOWN += ( " $value " ) ; continue ; ;
2017-01-02 04:33:43 +00:00
SaveConfig) read_bool SAVE_CONFIG " $value " ; continue ; ;
esac
fi
WG_CONFIG += " $line " $'\n'
done < " $CONFIG_FILE "
shopt -u nocasematch
}
read_bool( ) {
case " $2 " in
2017-06-27 20:18:13 +00:00
true ) printf -v " $1 " 1 ; ;
false ) printf -v " $1 " 0 ; ;
2017-01-02 04:33:43 +00:00
*) die " \` $2 ' is neither true nor false "
esac
}
auto_su( ) {
2018-05-16 17:19:48 +00:00
[ [ $UID = = 0 ] ] || exec sudo -p " $PROGRAM must be run as root. Please enter the password for %u to continue: " -- " $BASH " -- " $SELF " " ${ ARGS [@] } "
2017-01-02 04:33:43 +00:00
}
add_if( ) {
2018-05-05 01:54:55 +00:00
local ret
if ! cmd ip link add " $INTERFACE " type wireguard; then
ret = $?
2018-05-16 02:12:02 +00:00
[ [ -e /sys/module/wireguard ] ] || ! command -v " ${ WG_QUICK_USERSPACE_IMPLEMENTATION :- wireguard -go } " >/dev/null && exit $ret
2020-05-10 06:58:31 +00:00
echo "[!] Missing WireGuard kernel module. Falling back to slow userspace implementation." >& 2
2018-05-16 02:12:02 +00:00
cmd " ${ WG_QUICK_USERSPACE_IMPLEMENTATION :- wireguard -go } " " $INTERFACE "
2018-05-05 01:54:55 +00:00
fi
2017-01-02 04:33:43 +00:00
}
del_if( ) {
2018-04-14 00:34:28 +00:00
local table
2017-10-26 20:49:46 +00:00
[ [ $HAVE_SET_DNS -eq 0 ] ] || unset_dns
2019-12-10 15:37:34 +00:00
[ [ $HAVE_SET_FIREWALL -eq 0 ] ] || remove_firewall
2018-04-14 00:34:28 +00:00
if [ [ -z $TABLE || $TABLE = = auto ] ] && get_fwmark table && [ [ $( wg show " $INTERFACE " allowed-ips) = ~ /0( \ | $'\n' | $) ] ] ; then
2019-12-06 15:22:18 +00:00
while [ [ $( ip -4 rule show 2>/dev/null) = = *" lookup $table " * ] ] ; do
2018-04-14 00:34:28 +00:00
cmd ip -4 rule delete table $table
2017-01-24 16:43:35 +00:00
done
2019-12-06 15:22:18 +00:00
while [ [ $( ip -4 rule show 2>/dev/null) = = *"from all lookup main suppress_prefixlength 0" * ] ] ; do
2017-03-16 22:57:55 +00:00
cmd ip -4 rule delete table main suppress_prefixlength 0
done
2019-12-06 15:22:18 +00:00
while [ [ $( ip -6 rule show 2>/dev/null) = = *" lookup $table " * ] ] ; do
2018-04-14 00:34:28 +00:00
cmd ip -6 rule delete table $table
2017-03-16 22:57:55 +00:00
done
2019-12-06 15:22:18 +00:00
while [ [ $( ip -6 rule show 2>/dev/null) = = *"from all lookup main suppress_prefixlength 0" * ] ] ; do
2017-03-16 22:57:55 +00:00
cmd ip -6 rule delete table main suppress_prefixlength 0
2017-01-24 04:28:03 +00:00
done
2017-01-02 04:33:43 +00:00
fi
cmd ip link delete dev " $INTERFACE "
}
add_addr( ) {
2019-05-17 15:30:38 +00:00
local proto = -4
[ [ $1 = = *:* ] ] && proto = -6
cmd ip $proto address add " $1 " dev " $INTERFACE "
2017-01-02 04:33:43 +00:00
}
2018-12-16 21:04:02 +00:00
set_mtu_up( ) {
2017-04-24 03:01:16 +00:00
local mtu = 0 endpoint output
if [ [ -n $MTU ] ] ; then
2018-12-16 21:04:02 +00:00
cmd ip link set mtu " $MTU " up dev " $INTERFACE "
2017-04-24 03:01:16 +00:00
return
fi
while read -r _ endpoint; do
2017-06-23 12:48:03 +00:00
[ [ $endpoint = ~ ^\[ ?( [ a-z0-9:.] +) \] ?:[ 0-9] +$ ] ] || continue
2017-04-24 03:01:16 +00:00
output = " $( ip route get " ${ BASH_REMATCH [1] } " || true ) "
[ [ ( $output = ~ mtu\ ( [ 0-9] +) || ( $output = ~ dev\ ( [ ^ ] +) && $( ip link show dev " ${ BASH_REMATCH [1] } " ) = ~ mtu\ ( [ 0-9] +) ) ) && ${ BASH_REMATCH [1] } -gt $mtu ] ] && mtu = " ${ BASH_REMATCH [1] } "
done < <( wg show " $INTERFACE " endpoints)
if [ [ $mtu -eq 0 ] ] ; then
read -r output < <( ip route show default || true ) || true
[ [ ( $output = ~ mtu\ ( [ 0-9] +) || ( $output = ~ dev\ ( [ ^ ] +) && $( ip link show dev " ${ BASH_REMATCH [1] } " ) = ~ mtu\ ( [ 0-9] +) ) ) && ${ BASH_REMATCH [1] } -gt $mtu ] ] && mtu = " ${ BASH_REMATCH [1] } "
fi
[ [ $mtu -gt 0 ] ] || mtu = 1500
2018-12-16 21:04:02 +00:00
cmd ip link set mtu $(( mtu - 80 )) up dev " $INTERFACE "
2017-04-24 03:01:16 +00:00
}
2018-02-28 18:24:31 +00:00
resolvconf_iface_prefix( ) {
[ [ -f /etc/resolvconf/interface-order ] ] || return 0
local iface
while read -r iface; do
[ [ $iface = ~ ^( [ A-Za-z0-9-] +) \* $ ] ] || continue
echo " ${ BASH_REMATCH [1] } . " && return 0
done < /etc/resolvconf/interface-order
}
2017-10-26 20:49:46 +00:00
HAVE_SET_DNS = 0
2017-07-26 01:09:48 +00:00
set_dns( ) {
2017-10-26 20:49:46 +00:00
[ [ ${# DNS [@] } -gt 0 ] ] || return 0
2020-05-09 05:15:50 +00:00
{ printf 'nameserver %s\n' " ${ DNS [@] } "
[ [ ${# DNS_SEARCH [@] } -eq 0 ] ] || printf 'search %s\n' " ${ DNS_SEARCH [*] } "
} | cmd resolvconf -a " $( resolvconf_iface_prefix) $INTERFACE " -m 0 -x
2017-10-26 20:49:46 +00:00
HAVE_SET_DNS = 1
2017-07-26 01:09:48 +00:00
}
unset_dns( ) {
2017-10-26 20:49:46 +00:00
[ [ ${# DNS [@] } -gt 0 ] ] || return 0
2019-08-28 01:42:14 +00:00
cmd resolvconf -d " $( resolvconf_iface_prefix) $INTERFACE " -f
2017-07-26 01:09:48 +00:00
}
2017-01-02 04:33:43 +00:00
add_route( ) {
2019-05-17 15:30:38 +00:00
local proto = -4
[ [ $1 = = *:* ] ] && proto = -6
2017-12-12 22:10:08 +00:00
[ [ $TABLE != off ] ] || return 0
if [ [ -n $TABLE && $TABLE != auto ] ] ; then
2019-05-17 15:30:38 +00:00
cmd ip $proto route add " $1 " dev " $INTERFACE " table " $TABLE "
2017-12-13 00:17:55 +00:00
elif [ [ $1 = = */0 ] ] ; then
2017-01-02 04:33:43 +00:00
add_default " $1 "
else
2019-05-17 15:30:38 +00:00
[ [ -n $( ip $proto route show dev " $INTERFACE " match " $1 " 2>/dev/null) ] ] || cmd ip $proto route add " $1 " dev " $INTERFACE "
2017-01-02 04:33:43 +00:00
fi
}
2018-04-14 00:34:28 +00:00
get_fwmark( ) {
local fwmark
fwmark = " $( wg show " $INTERFACE " fwmark) " || return 1
[ [ -n $fwmark && $fwmark != off ] ] || return 1
printf -v " $1 " "%d" " $fwmark "
return 0
}
2019-12-10 15:37:34 +00:00
remove_firewall( ) {
if type -p nft >/dev/null; then
local table nftcmd
while read -r table; do
[ [ $table = = *" wg-quick- $INTERFACE " ] ] && printf -v nftcmd '%sdelete %s\n' " $nftcmd " " $table "
done < <( nft list tables 2>/dev/null)
2019-12-10 21:51:40 +00:00
[ [ -z $nftcmd ] ] || cmd nft -f <( echo -n " $nftcmd " )
2019-12-12 16:24:04 +00:00
fi
if type -p iptables >/dev/null; then
2019-12-10 15:37:34 +00:00
local line iptables found restore
for iptables in iptables ip6tables; do
restore = "" found = 0
while read -r line; do
[ [ $line = = "*" * || $line = = COMMIT || $line = = "-A " *" -m comment --comment \"wg-quick(8) rule for $INTERFACE \" " * ] ] || continue
[ [ $line = = "-A" * ] ] && found = 1
printf -v restore '%s%s\n' " $restore " " ${ line /#-A/-D } "
done < <( $iptables -save 2>/dev/null)
[ [ $found -ne 1 ] ] || echo -n " $restore " | cmd $iptables -restore -n
done
fi
2019-11-21 10:19:43 +00:00
}
2019-12-10 15:37:34 +00:00
HAVE_SET_FIREWALL = 0
2017-01-02 04:33:43 +00:00
add_default( ) {
2019-12-17 13:14:13 +00:00
local table line
2018-04-14 00:34:28 +00:00
if ! get_fwmark table; then
table = 51820
2019-11-27 16:12:08 +00:00
while [ [ -n $( ip -4 route show table $table 2>/dev/null) || -n $( ip -6 route show table $table 2>/dev/null) ] ] ; do
2018-04-14 00:34:28 +00:00
( ( table++) )
2017-06-11 21:39:17 +00:00
done
2018-04-14 00:34:28 +00:00
cmd wg set " $INTERFACE " fwmark $table
2017-01-24 04:28:03 +00:00
fi
2019-12-10 15:37:34 +00:00
local proto = -4 iptables = iptables pf = ip
[ [ $1 = = *:* ] ] && proto = -6 iptables = ip6tables pf = ip6
2018-04-14 00:34:28 +00:00
cmd ip $proto route add " $1 " dev " $INTERFACE " table $table
cmd ip $proto rule add not fwmark $table table $table
2017-01-24 16:43:35 +00:00
cmd ip $proto rule add table main suppress_prefixlength 0
2019-11-21 10:19:43 +00:00
2019-12-10 15:37:34 +00:00
local marker = " -m comment --comment \"wg-quick(8) rule for $INTERFACE \" " restore = $'*raw\n' nftable = " wg-quick- $INTERFACE " nftcmd
printf -v nftcmd '%sadd table %s %s\n' " $nftcmd " " $pf " " $nftable "
2019-12-10 21:51:40 +00:00
printf -v nftcmd '%sadd chain %s %s preraw { type filter hook prerouting priority -300; }\n' " $nftcmd " " $pf " " $nftable "
printf -v nftcmd '%sadd chain %s %s premangle { type filter hook prerouting priority -150; }\n' " $nftcmd " " $pf " " $nftable "
printf -v nftcmd '%sadd chain %s %s postmangle { type filter hook postrouting priority -150; }\n' " $nftcmd " " $pf " " $nftable "
2019-12-17 13:14:13 +00:00
while read -r line; do
[ [ $line = ~ .*inet6?\ ( [ 0-9a-f:.] +) /[ 0-9] +.* ] ] || continue
printf -v restore '%s-I PREROUTING ! -i %s -d %s -m addrtype ! --src-type LOCAL -j DROP %s\n' " $restore " " $INTERFACE " " ${ BASH_REMATCH [1] } " " $marker "
2019-12-28 17:35:12 +00:00
printf -v nftcmd '%sadd rule %s %s preraw iifname != "%s" %s daddr %s fib saddr type != local drop\n' " $nftcmd " " $pf " " $nftable " " $INTERFACE " " $pf " " ${ BASH_REMATCH [1] } "
2019-12-17 13:14:13 +00:00
done < <( ip -o $proto addr show dev " $INTERFACE " 2>/dev/null)
2019-12-05 17:33:15 +00:00
printf -v restore '%sCOMMIT\n*mangle\n-I POSTROUTING -m mark --mark %d -p udp -j CONNMARK --save-mark %s\n-I PREROUTING -p udp -j CONNMARK --restore-mark %s\nCOMMIT\n' " $restore " $table " $marker " " $marker "
2019-12-10 15:37:34 +00:00
printf -v nftcmd '%sadd rule %s %s postmangle meta l4proto udp mark %d ct mark set mark \n' " $nftcmd " " $pf " " $nftable " $table
printf -v nftcmd '%sadd rule %s %s premangle meta l4proto udp meta mark set ct mark \n' " $nftcmd " " $pf " " $nftable "
2019-11-21 10:19:43 +00:00
[ [ $proto = = -4 ] ] && cmd sysctl -q net.ipv4.conf.all.src_valid_mark= 1
2019-12-10 15:37:34 +00:00
if type -p nft >/dev/null; then
2019-12-10 21:51:40 +00:00
cmd nft -f <( echo -n " $nftcmd " )
2019-12-10 15:37:34 +00:00
else
echo -n " $restore " | cmd $iptables -restore -n
fi
HAVE_SET_FIREWALL = 1
2017-01-24 16:43:35 +00:00
return 0
2017-01-02 04:33:43 +00:00
}
set_config( ) {
cmd wg setconf " $INTERFACE " <( echo " $WG_CONFIG " )
}
save_config( ) {
2017-10-31 18:47:39 +00:00
local old_umask new_config current_config address cmd
2017-01-02 04:33:43 +00:00
[ [ $( ip -all -brief address show dev " $INTERFACE " ) = ~ ^$INTERFACE \ +\ [ A-Z] +\ +( .+) $ ] ] || true
new_config = $'[Interface]\n'
for address in ${ BASH_REMATCH [1] } ; do
new_config += " Address = $address " $'\n'
done
2017-07-26 01:09:48 +00:00
while read -r address; do
[ [ $address = ~ ^nameserver\ ( [ a-zA-Z0-9_= +:%.-] +) $ ] ] && new_config += " DNS = ${ BASH_REMATCH [1] } " $'\n'
2018-03-04 18:03:54 +00:00
done < <( resolvconf -l " $( resolvconf_iface_prefix) $INTERFACE " 2>/dev/null || cat " /etc/resolvconf/run/interface/ $( resolvconf_iface_prefix) $INTERFACE " 2>/dev/null)
2017-04-24 03:01:16 +00:00
[ [ -n $MTU && $( ip link show dev " $INTERFACE " ) = ~ mtu\ ( [ 0-9] +) ] ] && new_config += " MTU = ${ BASH_REMATCH [1] } " $'\n'
2017-12-12 22:10:08 +00:00
[ [ -n $TABLE ] ] && new_config += " Table = $TABLE " $'\n'
2017-01-02 04:33:43 +00:00
[ [ $SAVE_CONFIG -eq 0 ] ] || new_config += $'SaveConfig = true\n'
2017-10-31 18:47:39 +00:00
for cmd in " ${ PRE_UP [@] } " ; do
new_config += " PreUp = $cmd " $'\n'
done
for cmd in " ${ POST_UP [@] } " ; do
new_config += " PostUp = $cmd " $'\n'
done
for cmd in " ${ PRE_DOWN [@] } " ; do
new_config += " PreDown = $cmd " $'\n'
done
for cmd in " ${ POST_DOWN [@] } " ; do
new_config += " PostDown = $cmd " $'\n'
done
2017-01-02 04:33:43 +00:00
old_umask = " $( umask ) "
umask 077
current_config = " $( cmd wg showconf " $INTERFACE " ) "
2017-03-23 14:44:10 +00:00
trap 'rm -f "$CONFIG_FILE.tmp"; exit' INT TERM EXIT
2017-01-02 04:33:43 +00:00
echo " ${ current_config / \[ Interface \] $'\n' / $new_config } " > " $CONFIG_FILE .tmp " || die "Could not write configuration file"
2017-10-31 17:13:31 +00:00
sync " $CONFIG_FILE .tmp "
2017-01-02 04:33:43 +00:00
mv " $CONFIG_FILE .tmp " " $CONFIG_FILE " || die "Could not move configuration file"
trap - INT TERM EXIT
umask " $old_umask "
}
2017-10-25 19:55:17 +00:00
execute_hooks( ) {
local hook
for hook in " $@ " ; do
hook = " ${ hook //%i/ $INTERFACE } "
echo " [#] $hook " >& 2
( eval " $hook " )
done
2017-01-02 04:33:43 +00:00
}
cmd_usage( ) {
cat >& 2 <<-_EOF
2019-03-13 23:36:22 +00:00
Usage: $PROGRAM [ up | down | save | strip ] [ CONFIG_FILE | INTERFACE ]
2017-01-02 04:33:43 +00:00
CONFIG_FILE is a configuration file, whose filename is the interface name
followed by \` .conf' . Otherwise, INTERFACE is an interface name, with
configuration found at /etc/wireguard/INTERFACE.conf. It is to be readable
by wg( 8) 's \`setconf' sub-command, with the exception of the following additions
to the [ Interface] section, which are handled by $PROGRAM :
- Address: may be specified one or more times and contains one or more
IP addresses ( with an optional CIDR mask) to be set for the interface.
2017-07-26 01:09:48 +00:00
- DNS: an optional DNS server to use while the device is up.
2017-07-20 04:29:14 +00:00
- MTU: an optional MTU for the interface; if unspecified, auto-calculated.
2017-12-12 22:10:08 +00:00
- Table: an optional routing table to which routes will be added; if
unspecified or \` auto', the default table is used. If \`off' , no routes
are added.
2017-01-02 04:33:43 +00:00
- PreUp, PostUp, PreDown, PostDown: script snippets which will be executed
by bash( 1) at the corresponding phases of the link, most commonly used
to configure DNS. The string \` %i' is expanded to INTERFACE.
- SaveConfig: if set to \` true' , the configuration is saved from the current
state of the interface upon shutdown.
2017-07-20 04:29:14 +00:00
See wg-quick( 8) for more info and examples.
2017-01-02 04:33:43 +00:00
_EOF
}
cmd_up( ) {
local i
[ [ -z $( ip link show dev " $INTERFACE " 2>/dev/null) ] ] || die " \` $INTERFACE ' already exists "
trap 'del_if; exit' INT TERM EXIT
2017-10-25 19:55:17 +00:00
execute_hooks " ${ PRE_UP [@] } "
2017-01-02 04:33:43 +00:00
add_if
set_config
for i in " ${ ADDRESSES [@] } " ; do
add_addr " $i "
done
2018-12-16 21:04:02 +00:00
set_mtu_up
2017-07-26 01:09:48 +00:00
set_dns
2017-07-24 21:22:10 +00:00
for i in $( while read -r _ i; do for i in $i ; do [ [ $i = ~ ^[ 0-9a-z:.] +/[ 0-9] +$ ] ] && echo " $i " ; done ; done < <( wg show " $INTERFACE " allowed-ips) | sort -nr -k 2 -t /) ; do
2017-12-12 22:10:08 +00:00
add_route " $i "
2017-01-02 04:33:43 +00:00
done
2017-10-25 19:55:17 +00:00
execute_hooks " ${ POST_UP [@] } "
2017-01-02 04:33:43 +00:00
trap - INT TERM EXIT
}
cmd_down( ) {
2017-10-01 19:42:32 +00:00
[ [ " $( wg show interfaces) " = = *" $INTERFACE " * ] ] || die " \` $INTERFACE ' is not a WireGuard interface "
2017-10-25 19:55:17 +00:00
execute_hooks " ${ PRE_DOWN [@] } "
2017-01-02 04:33:43 +00:00
[ [ $SAVE_CONFIG -eq 0 ] ] || save_config
del_if
2019-11-28 12:49:34 +00:00
unset_dns || true
2019-12-10 15:37:34 +00:00
remove_firewall || true
2017-10-25 19:55:17 +00:00
execute_hooks " ${ POST_DOWN [@] } "
2017-01-02 04:33:43 +00:00
}
2017-10-31 16:51:38 +00:00
cmd_save( ) {
[ [ " $( wg show interfaces) " = = *" $INTERFACE " * ] ] || die " \` $INTERFACE ' is not a WireGuard interface "
save_config
}
2019-03-13 23:36:22 +00:00
cmd_strip( ) {
echo " $WG_CONFIG "
}
2017-10-31 10:38:09 +00:00
# ~~ function override insertion point ~~
2017-01-02 04:33:43 +00:00
if [ [ $# -eq 1 && ( $1 = = --help || $1 = = -h || $1 = = help ) ] ] ; then
cmd_usage
elif [ [ $# -eq 2 && $1 = = up ] ] ; then
auto_su
parse_options " $2 "
cmd_up
elif [ [ $# -eq 2 && $1 = = down ] ] ; then
auto_su
parse_options " $2 "
cmd_down
2017-10-31 16:51:38 +00:00
elif [ [ $# -eq 2 && $1 = = save ] ] ; then
auto_su
parse_options " $2 "
cmd_save
2019-03-13 23:36:22 +00:00
elif [ [ $# -eq 2 && $1 = = strip ] ] ; then
auto_su
parse_options " $2 "
cmd_strip
2017-01-02 04:33:43 +00:00
else
cmd_usage
exit 1
fi
exit 0