src/netns-script

   1 #!/bin/sh
   2
   3 # adapted from
   4 # https://unix.stackexchange.com/questions/149293/feed-all-traffic-through-openvpn-for-a-specific-network-namespace-only
   5
   6 # vpn_wrapper.sh creates another script of name helper_script<timestamp>.sh,
   7 # which gets called by openvpn process, exports NAMESPACE_NAME and WRAPPER_PID
   8 # variables and then runs this script
   9
  10 case $script_type in
  11     up)
  12         env
  13                 ip netns add $NAMESPACE_NAME
  14                 ip netns exec $NAMESPACE_NAME ip link set dev lo up
  15                 ip link set dev "$1" up netns $NAMESPACE_NAME mtu "$2"
  16                 ip netns exec $NAMESPACE_NAME ip addr add dev "$1" \
  17                         "$4/${ifconfig_netmask:-30}" \
  18                         ${ifconfig_broadcast:+broadcast "$ifconfig_broadcast"}
  19                 if [ -n "$ifconfig_ipv6_local" ]; then
  20                         ip netns exec $NAMESPACE_NAME ip addr add dev "$1" \
  21                                 "$ifconfig_ipv6_local"/112
  22                 fi
  23                 ;;
  24         route-up)
  25                 ip netns exec $NAMESPACE_NAME ip route add default via "$ifconfig_remote"
  26
  27                 if [ -n "$ifconfig_ipv6_remote" ]; then
  28                         ip netns exec $NAMESPACE_NAME ip route add default via \
  29                                 "$ifconfig_ipv6_remote"
  30                 fi
  31
  32                 # notify our sh process, that openvpn finished initializing
  33                 kill -usr1 $WRAPPER_PID
  34                 ;;
  35         down)
  36                 ip netns delete $NAMESPACE_NAME
  37                 ;;
  38 esac