#!/bin/sh
# Copyright (c) 2005-2010 OpenVPN Technologies, Inc.
# Licensed under the GPL version 2
# First version by Jesse Adelman
# someone at boldandbusted dink com
# http://www.boldandbusted.com/
# PURPOSE: This script automatically sets the proper /etc/resolv.conf entries
# as pulled down from an OpenVPN server.
# INSTALL NOTES:
# Place this in /etc/openvpn/client.up
# Then, add the following to your /etc/openvpn/<clientconfig>.conf:
# client
# up /etc/openvpn/client.up
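# Next, "chmod a+x /etc/openvpn/client.up". Keep the script owned by root and
# not writable by other users, because OpenVPN executes it when the tunnel
# comes up.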
# USAGE NOTES:
# Note that this script is best served with the companion "client.down"
# script.
# Tested under Debian lenny with OpenVPN 2.1_rc11
# It should work with any UNIX with a POSIX sh, /etc/resolv.conf or resolvconf
# This runs with the context of the OpenVPN UID/GID
# at the time of execution. This generally means that
# the client "up" script will run fine, but the "down" script
# will require the use of the OpenVPN "down-root" plugin
# which is in the plugins/ directory of the OpenVPN source tree
# A horrid work around, from a security perspective,
# is to run OpenVPN as root. THIS IS NOT RECOMMENDED. You have
# been WARNED.
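# Use a fixed search path so the tools called below (cp, chmod, resolvconf)
# are looked up in system directories rather than in whatever PATH the
# OpenVPN process inherited.
PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin

# init variables
i=1        # index of the next $foreign_option_<n> to read
domains=   # space-prefixed list of pushed DOMAIN values
dns=       # accumulated "nameserver <addr>" lines; cleared explicitly so a
           # "dns" variable inherited from the environment cannot end up
           # at the top of the generated resolv.conf
fopt=      # the foreign option currently being examined
ndoms=0    # number of DOMAIN options seen
nns=0      # number of DNS options seen
# A literal newline, used to join the lines of the generated file.
nl='
'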
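# $foreign_option_<n> is something like
# "dhcp-option DOMAIN example.com" (multiple allowed)
# or
# "dhcp-option DNS 10.10.10.10" (multiple allowed)
#
# each DNS option becomes a "nameserver" line in resolv.conf
# if we get one DOMAIN, that becomes "domain" in resolv.conf
# if we get multiple DOMAINS, those become "search" lines in resolv.conf
#
# These values come from the remote server and are copied into the system
# resolver configuration, so each one is checked against a conservative
# character set first. Anything else (embedded whitespace, line breaks,
# extra keywords) is reported on stderr and dropped instead of being written.

# Succeeds when $1 is non-empty and contains only characters that occur in
# an IPv4 or IPv6 address literal. This is a character-set check, not a full
# address parser; scoped IPv6 addresses (with a "%zone" suffix) are rejected.
is_nameserver_addr() {
  case ${1} in
    '' | *[!0-9A-Fa-f:.]*) return 1 ;;
  esac
  return 0
}

# Succeeds when $1 is non-empty, does not start with "-", and contains only
# letters, digits, ".", "_" and "-".
is_domain_name() {
  case ${1} in
    '' | -* | *[!0-9A-Za-z._-]*) return 1 ;;
  esac
  return 0
}

while true; do
  # ${i} is only ever a counter maintained by this script, so the text
  # handed to eval is always of the form "fopt=$foreign_option_<n>".
  eval fopt=\$foreign_option_${i}
  # The first unset/empty option marks the end of the list.
  [ -z "${fopt}" ] && break

  case ${fopt} in
    dhcp-option\ DOMAIN\ *)
      fval=${fopt#dhcp-option DOMAIN }
      if is_domain_name "${fval}"; then
        ndoms=$((ndoms + 1))
        domains="${domains} ${fval}"
      else
        printf "%s\n" "Invalid DOMAIN value in \"${fopt}\" - ignored" >&2
      fi
      ;;
    dhcp-option\ DNS\ *)
      fval=${fopt#dhcp-option DNS }
      if is_nameserver_addr "${fval}"; then
        nns=$((nns + 1))
        # Only the first three nameservers are kept.
        if [ "${nns}" -le 3 ]; then
          dns="${dns}${dns:+$nl}nameserver ${fval}"
        else
          printf "%s\n" "Too many nameservers - ignoring after third" >&2
        fi
      else
        printf "%s\n" "Invalid DNS value in \"${fopt}\" - ignored" >&2
      fi
      ;;
    *)
      printf "%s\n" "Unknown option \"${fopt}\" - ignored" >&2
      ;;
  esac
  i=$((i + 1))
done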
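# If the server pushed neither a usable nameserver nor a domain there is
# nothing to configure. Writing the file anyway would replace a working
# resolv.conf with one that has no "nameserver" lines and a bare "domain"
# keyword, so leave the resolver configuration alone.
if [ -z "${dns}" ] && [ -z "${domains}" ]; then
  printf "%s\n" "No DNS or DOMAIN options received - resolver configuration left unchanged" >&2
  exit 0
fi

# One DOMAIN is written as "domain <name>", several as "search <names...>".
ds=domain
if [ "${ndoms}" -gt 1 ]; then
  ds=search
fi

# Assemble the complete file: a header naming this script and its first
# argument, then the nameserver lines, then the domain/search line.
# Empty sections are skipped so no blank or argument-less line is emitted.
# "$domains" has a leading space already.
out="# resolv.conf autogenerated by ${0} (${1})"
if [ -n "${dns}" ]; then
  out="${out}${nl}${dns}"
fi
if [ -n "${domains}" ]; then
  out="${out}${nl}${ds}${domains}"
fi

# use resolvconf if it's available
if type resolvconf >/dev/null 2>&1; then
  # The record is registered under the name given in $1.
  printf "%s\n" "${out}" | resolvconf -p -a "${1}" ||
    printf "%s\n" "resolvconf failed - pushed DNS settings may not be active" >&2
else
  # Preserve the existing resolv.conf
  # NOTE(review): a second "up" without an intervening "down" overwrites the
  # saved copy with the previously generated file; presumably the companion
  # client.down restores from this path - confirm there.
  if [ -e /etc/resolv.conf ]; then
    cp /etc/resolv.conf /etc/resolv.conf.ovpnsave
  fi
  # A failed write means lookups keep using the old resolver, so say so
  # instead of failing silently.
  printf "%s\n" "${out}" > /etc/resolv.conf ||
    printf "%s\n" "Could not write /etc/resolv.conf - pushed DNS settings are not active" >&2
  chmod 644 /etc/resolv.conf
fi

# The script has always reported success to OpenVPN; failures above are
# logged on stderr only, so the exit status stays 0.
exit 0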