Improve route updating process
IPv6 addresses were not queried when getting active routes.
This would cause a duplicate IPv6 route to be attempted.
Fixes #70
whiskerz007 authored and FossoresLP committed Mar 5, 2021
1 parent 0ee17ed commit 2e59757
Showing 1 changed file with 11 additions and 6 deletions.
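--- a/opt/wireguard/update_routes.sh
+++ b/opt/wireguard/update_routes.sh
@@ -17,10 +17,12 @@ alias node_list='$VYATTA_API listNodes $VYATTA_API_SLUG'
 alias node_value='$VYATTA_API returnValue $VYATTA_API_SLUG'
 alias node_values='$VYATTA_API returnValues $VYATTA_API_SLUG'
 
+# Create variable for ip device
+DEV="dev $INTERFACE"
 # Create variable for ip route shorthand
-ROUTE_SLUG="dev $INTERFACE proto boot scope link"
+ROUTE_SLUG="$DEV proto boot"
 # Create array of all routes for interface
-readarray -t ROUTES < <(ip route show $ROUTE_SLUG)
+readarray -t ROUTES < <(ip -4 route show $ROUTE_SLUG; ip -6 route show $ROUTE_SLUG)
 # Create array of all allowed-ips for interface
 ALLOWED_IPS=( $(sudo wg show $INTERFACE allowed-ips | sed 's/^.*\t//;s/ /\n/g' | sort -nr -k 2 -t /) )
 # Create variable for route-allowed-ips value
@@ -29,7 +31,7 @@ ROUTE_ALLOWED_IPS=$(node_value route-allowed-ips || true)
 # If one or more routes exist for interface
 if [ ${#ROUTES[@]} -gt 0 ]; then
 # Parse all routes for interface
-for route in ${ROUTES[@]}; do
+for route in "${ROUTES[@]}"; do
 # Create variable for CIDR from route
 cidr=$(echo "$route" | awk '{print $1}')
 
@@ -56,10 +58,13 @@ if [ "${ROUTE_ALLOWED_IPS:-x}" == "true" ]; then
 for ip in ${ALLOWED_IPS[@]}; do
 # Peer allowed-ips that are empty will return '(none)'
 # If ip is '(none)', then skip to the next in the list
-if [ $ip == "(none)" ]; then continue; fi
+if [ "${ip}" == "(none)" ]; then continue; fi
 
-# If ip does not exist in routing table
-if [[ ! " ${ROUTES[@]:-x} " =~ " ${ip} " ]]; then
+# Create variable for route matching
+ROUTE_SHOW="route show match $ip"
+# If ip does not have a route with the interface
+if [[ ! "$(ip -4 $ROUTE_SHOW 2> /dev/null)" =~ "${DEV}" ]] && \
+[[ ! "$(ip -6 $ROUTE_SHOW 2> /dev/null)" =~ "${DEV}" ]]; then
 # Create route
 sudo ip route add $ip $ROUTE_SLUG
 fi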
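Review bot: The new existence check in the last hunk (`ip -4 $ROUTE_SHOW` / `ip -6 $ROUTE_SHOW`) can report a route as present when the allowed-ip has no route of its own on this interface. `route show match $ip` also lists shorter covering prefixes, including a default route, and the quoted `=~ "${DEV}"` is a substring test, so for example `dev wg0` also matches an output line for `dev wg01`. In either case `ip route add` is skipped, and if a more specific route on another interface covers that prefix, traffic for the allowed-ip would presumably leave outside the tunnel. Selecting on the exact prefix and the device avoids both, e.g. `[[ -z "$(ip -4 route show exact "$ip" $DEV 2> /dev/null)" ]]` and the same test with `-6`. The enclosing `for` and `if` blocks start and end outside the hunk.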
