wg-quick: allow specifiying multiple hooks

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Jason A. Donenfeld 2017-10-25 21:55:17 +02:00
parent b1dd8d711e
commit 17f9548182
2 changed files with 21 additions and 18 deletions


@ -80,7 +80,8 @@ PreUp, PostUp, PreDown, PostDown \(em script snippets which will be executed by
.BR bash (1) .BR bash (1)
before/after setting up/tearing down the interface, most commonly used before/after setting up/tearing down the interface, most commonly used
to configure custom DNS options or firewall rules. The special string `%i' to configure custom DNS options or firewall rules. The special string `%i'
is expanded to \fIINTERFACE\fP. is expanded to \fIINTERFACE\fP. Each one may be specified multiple times, in which case
the commands are executed in order.
.IP \(bu .IP \(bu
SaveConfig \(em if set to `true', the configuration is saved from the current state of the SaveConfig \(em if set to `true', the configuration is saved from the current state of the
interface upon shutdown. interface upon shutdown.


@ -15,10 +15,10 @@ INTERFACE=""
ADDRESSES=( ) ADDRESSES=( )
MTU="" MTU=""
DNS=( ) DNS=( )
PRE_UP="" PRE_UP=( )
POST_UP="" POST_UP=( )
PRE_DOWN="" PRE_DOWN=( )
POST_DOWN="" POST_DOWN=( )
SAVE_CONFIG=0 SAVE_CONFIG=0
CONFIG_FILE="" CONFIG_FILE=""
PROGRAM="${0##*/}" PROGRAM="${0##*/}"
@ -43,10 +43,10 @@ parse_options() {
Address) ADDRESSES+=( ${value//,/ } ); continue ;; Address) ADDRESSES+=( ${value//,/ } ); continue ;;
MTU) MTU="$value"; continue ;; MTU) MTU="$value"; continue ;;
DNS) DNS+=( ${value//,/ } ); continue ;; DNS) DNS+=( ${value//,/ } ); continue ;;
PreUp) PRE_UP="$value"; continue ;; PreUp) PRE_UP+=( "$value" ); continue ;;
PreDown) PRE_DOWN="$value"; continue ;; PreDown) PRE_DOWN+=( "$value" ); continue ;;
PostUp) POST_UP="$value"; continue ;; PostUp) POST_UP+=( "$value" ); continue ;;
PostDown) POST_DOWN="$value"; continue ;; PostDown) POST_DOWN+=( "$value" ); continue ;;
SaveConfig) read_bool SAVE_CONFIG "$value"; continue ;; SaveConfig) read_bool SAVE_CONFIG "$value"; continue ;;
esac esac
fi fi
@ -197,11 +197,13 @@ save_config() {
umask "$old_umask" umask "$old_umask"
} }
execute_hook() { execute_hooks() {
[[ -n $1 ]] || return 0 local hook
local hook="${1//%i/$INTERFACE}" for hook in "$@"; do
hook="${hook//%i/$INTERFACE}"
echo "[#] $hook" >&2 echo "[#] $hook" >&2
(eval "$hook") (eval "$hook")
done
} }
cmd_usage() { cmd_usage() {
@ -232,7 +234,7 @@ cmd_up() {
local i local i
[[ -z $(ip link show dev "$INTERFACE" 2>/dev/null) ]] || die "\`$INTERFACE' already exists" [[ -z $(ip link show dev "$INTERFACE" 2>/dev/null) ]] || die "\`$INTERFACE' already exists"
trap 'del_if; exit' INT TERM EXIT trap 'del_if; exit' INT TERM EXIT
execute_hook "$PRE_UP" execute_hooks "${PRE_UP[@]}"
add_if add_if
set_config set_config
for i in "${ADDRESSES[@]}"; do for i in "${ADDRESSES[@]}"; do
@ -244,17 +246,17 @@ cmd_up() {
for i in $(while read -r _ i; do for i in $i; do [[ $i =~ ^[0-9a-z:.]+/[0-9]+$ ]] && echo "$i"; done; done < <(wg show "$INTERFACE" allowed-ips) | sort -nr -k 2 -t /); do for i in $(while read -r _ i; do for i in $i; do [[ $i =~ ^[0-9a-z:.]+/[0-9]+$ ]] && echo "$i"; done; done < <(wg show "$INTERFACE" allowed-ips) | sort -nr -k 2 -t /); do
[[ $(ip route get "$i" 2>/dev/null) == *dev\ $INTERFACE\ * ]] || add_route "$i" [[ $(ip route get "$i" 2>/dev/null) == *dev\ $INTERFACE\ * ]] || add_route "$i"
done done
execute_hook "$POST_UP" execute_hooks "${POST_UP[@]}"
trap - INT TERM EXIT trap - INT TERM EXIT
} }
cmd_down() { cmd_down() {
[[ " $(wg show interfaces) " == *" $INTERFACE "* ]] || die "\`$INTERFACE' is not a WireGuard interface" [[ " $(wg show interfaces) " == *" $INTERFACE "* ]] || die "\`$INTERFACE' is not a WireGuard interface"
execute_hook "$PRE_DOWN" execute_hooks "${PRE_DOWN[@]}"
[[ $SAVE_CONFIG -eq 0 ]] || save_config [[ $SAVE_CONFIG -eq 0 ]] || save_config
unset_dns unset_dns
del_if del_if
execute_hook "$POST_DOWN" execute_hooks "${POST_DOWN[@]}"
} }
if [[ $# -eq 1 && ( $1 == --help || $1 == -h || $1 == help ) ]]; then if [[ $# -eq 1 && ( $1 == --help || $1 == -h || $1 == help ) ]]; then
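Review bot: `execute_hooks` runs each entry through `(eval "$hook")` in its own subshell and never inspects the exit status, and neither the function nor the new man page sentence says what that means for a list of hooks. Variables or a `cd` set by one PreUp/PostUp line are not visible to the next, and whether a failing hook stops the remaining ones and the interface bring-up depends on errexit being enabled outside this hunk, which is not visible here. That matters when the hooks are the firewall rules the man page mentions, because a skipped or failed rule would leave the interface up without them. I would add a comment above the function, for example `# Each hook is eval'd in its own subshell, in the order given; no state carries over between hooks.`, and state the failure behaviour explicitly in the man page text. Because `%i` is substituted textually before `eval`, the comment should also record that the config file and the interface name are treated as trusted input at this point.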