#!/bin/bash
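# === Configuration ===
# Every value here is fixed for the lifetime of one run, so each is declared
# readonly: an accidental reassignment further down fails loudly instead of
# silently redirecting the log or the routes.
#
# NOTE(review): both log paths are fixed names inside world-writable /tmp, and
# this script changes the routing table, so it presumably runs as root. A
# predictable /tmp path written by a privileged process can be pre-created
# (as a file or as a symlink) by any local user. Prefer a root-owned
# directory such as /var/log with restrictive permissions. The paths are left
# unchanged here so existing log consumers keep working.
readonly LOGFILE="/tmp/dispatcher.log"
readonly BACKUP="/tmp/dispatcher.log.1" # single rotated generation
readonly MAXSIZE=$((1024 * 1024))       # rotation threshold in bytes (1 MB)

readonly VPN_IFACE="nl"            # interface whose up/down events are handled
readonly GATEWAY="192.168.178.1"   # next hop used for ROUTE1
readonly LOCAL_IFACE="wlp4s0f0"    # device both routes are bound to
readonly ROUTE1="185.183.34.149"   # VPN endpoint, routed via GATEWAY
readonly ROUTE2="192.168.178.0/24" # local network, routed on LOCAL_IFACE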
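# === Log Rotation ===
# Move the log aside once it reaches MAXSIZE bytes, keeping one old generation.
# Globals:  LOGFILE, BACKUP, MAXSIZE (read)
# Returns:  0 when nothing needed rotating; otherwise the status of the final
#           touch.
#
# The log path is a fixed name in a world-writable directory, so it is not
# trusted: `[ -f ]` follows symlinks, which means a planted link to some other
# regular file would otherwise be measured, appended to and renamed. A symlink
# is therefore left alone. This check-then-use sequence is still racy; the
# durable fix is to keep the log in a directory only root can write to.
rotate_log() {
  local size

  if [ -L "$LOGFILE" ] || [ ! -f "$LOGFILE" ]; then
    return 0
  fi

  # A failing stat (file vanished, permission problem) means "do not rotate"
  # rather than feeding an empty string to the numeric comparison.
  size=$(stat -c%s -- "$LOGFILE" 2>/dev/null) || return 0

  if [ "$size" -ge "$MAXSIZE" ]; then
    echo "[$(date)] Log file exceeded 1MB, rotating..." >> "$LOGFILE"
    mv -f -- "$LOGFILE" "$BACKUP"
    touch -- "$LOGFILE"
  fi
}

rotate_log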
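# === Logging Setup ===
# From here on, everything the script prints (stdout and stderr) is appended
# to LOGFILE.
#
# The redirect is skipped when LOGFILE is a symbolic link: the path is a fixed
# name in a world-writable directory, and appending through a planted link
# would write this script's output into whatever file the link points at.
# In that case output stays on the original stdout/stderr and the rest of the
# script still runs, so a planted link cannot stop the routes from being
# managed. The check is best-effort (it can race with the open); keeping the
# log in a root-owned directory removes the problem entirely.
if [ -L "$LOGFILE" ]; then
  echo "dispatcher: $LOGFILE is a symlink; not redirecting output to it" >&2
else
  exec >> "$LOGFILE" 2>&1
fi
echo "[$(date)] Running dispatcher for $1 with status $2"

# $1 is later compared with VPN_IFACE, $2 is matched against up/down.
IFACE="$1"
STATUS="$2"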
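# Run a command and log what was executed and whether it succeeded.
# Arguments: the command and its arguments, executed verbatim as "$@".
# Outputs:   an "Executing" line, then either a "Success" line or an "ERROR"
#            line followed by the command's captured stdout/stderr. Output of
#            a successful command is discarded.
# Returns:   always 0 (the status of the final echo); a failing command is
#            only reported in the log, never propagated to the caller.
log_and_run() {
  # Declared local, and separately from the assignment, so the captured text
  # does not leak into a global and the command's exit status is not masked.
  local output

  echo "[$(date)] Executing: $*"
  if output=$("$@" 2>&1); then
    echo "[$(date)] Success: $*"
  else
    echo "[$(date)] ERROR: Command failed: $*"
    echo "[$(date)] Output: $output"
  fi
}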
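# === VPN Routing Logic ===
# Only events for VPN_IFACE are handled. Any other interface, and any status
# other than up/down, leaves the routing table untouched.
#
# ip is called by absolute path throughout, matching the route commands.
# wg is still resolved through PATH because its location is not shown here.

# Append the VPN interface's addresses and WireGuard state to the log.
# NOTE(review): `wg show` hides the private key but does print peer public
# keys and endpoint addresses, so the log should not be world-readable.
log_vpn_status() {
  echo "[$(date)] --- ip addr show $VPN_IFACE ---"
  /sbin/ip addr show "$VPN_IFACE"
  echo "[$(date)] --- wg show $VPN_IFACE ---"
  wg show "$VPN_IFACE"
}

if [ "$IFACE" = "$VPN_IFACE" ]; then
  case "$STATUS" in
    up)
      echo "[$(date)] VPN interface is up. Preparing routes..."

      # === Wait for local interface and gateway ===
      # The wait is bounded: an unbounded loop would keep this script running
      # and writing one log line per second for as long as the local link
      # stays down. The log is only rotated at start-up, so it would grow
      # without limit during such a run.
      wait_limit=60 # attempts, one second apart; reviewer-chosen default
      waited=0
      ready=0
      echo "[$(date)] Waiting for $LOCAL_IFACE (state UP) and gateway $GATEWAY (reachable)..."
      while [ "$waited" -lt "$wait_limit" ]; do
        if /sbin/ip link show "$LOCAL_IFACE" | grep -q "state UP" \
          && /sbin/ip route get "$GATEWAY" >/dev/null 2>&1; then
          ready=1
          break
        fi
        echo "[$(date)] Waiting for $LOCAL_IFACE and $GATEWAY..."
        sleep 1
        waited=$((waited + 1))
      done
      # === End Wait ===

      if [ "$ready" -eq 1 ]; then
        echo "[$(date)] Local interface and gateway are ready."

        # === APPLY ROUTES (Corrected Order) ===

        # 1. Add the route for the local network FIRST
        log_and_run /sbin/ip route replace "$ROUTE2" dev "$LOCAL_IFACE"

        # 2. Add the route to the VPN endpoint via the gateway SECOND
        log_and_run /sbin/ip route replace "$ROUTE1" via "$GATEWAY" dev "$LOCAL_IFACE"

        # === END APPLY ROUTES ===
      else
        echo "[$(date)] ERROR: $LOCAL_IFACE and $GATEWAY not ready after $wait_limit attempts. Skipping route setup."
      fi

      # Log interface and WireGuard status
      log_vpn_status
      ;;

    down)
      echo "[$(date)] VPN interface is down. Verifying before removing routes..."

      # Log interface and WireGuard status
      log_vpn_status

      # Delay and confirm interface is still down
      sleep 5
      # NOTE(review): WireGuard interfaces commonly report "state UNKNOWN"
      # rather than "state UP" even while active. If that holds on this
      # system, the check below never matches and the routes are always
      # removed. Confirm against `ip link show` output on the target host.
      if /sbin/ip link show "$VPN_IFACE" | grep -q "state UP"; then
        echo "[$(date)] VPN interface is still up. Skipping route removal."
      else
        echo "[$(date)] Confirmed VPN is down. Removing routes..."
        # It's good practice to remove them in reverse order, too.
        log_and_run /sbin/ip route del "$ROUTE1" via "$GATEWAY" dev "$LOCAL_IFACE"
        log_and_run /sbin/ip route del "$ROUTE2" dev "$LOCAL_IFACE"
      fi
      ;;
  esac
fi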