Custom VPN gateway (VPN_GW_IP)

autoinstall/current/autoinstall.sh

@@ -9,9 +9,9 @@ LUA_MODULE=0
 LUCI_APP=1
 
 OWRT_VERSION="current"
-RUAB_VERSION="1.4-0"
+RUAB_VERSION="1.4-1"
 RUAB_MOD_LUA_VERSION="1.4-0"
-RUAB_LUCI_APP_VERSION="1.4-0"
+RUAB_LUCI_APP_VERSION="1.4-1"
 BASE_URL="https://raw.githubusercontent.com/gSpotx2f/packages-openwrt/master"
 PKG_DIR="/tmp"
 

luci-app-ruantiblock/Makefile

@@ -4,7 +4,7 @@
 
 include $(TOPDIR)/rules.mk
 
-PKG_VERSION:=1.4-0
+PKG_VERSION:=1.4-1
 LUCI_TITLE:=LuCI support for ruantiblock
 LUCI_DEPENDS:=+ruantiblock
 LUCI_PKGARCH:=all

luci-app-ruantiblock/htdocs/luci-static/resources/view/ruantiblock/settings.js

@@ -213,6 +213,12 @@ return view.extend({
 		o.rmempty   = false;
 		o.default   = 'tun0';
 
+		// VPN_GW_IP
+		o = s.taboption('vpn_settings', form.Value, 'vpn_gw_ip',
+			_('VPN gateway IP address'),
+			_('If not specified, the VPN interface address is used (or peer address for PPP protocols)'));
+		o.datatype = 'ip4addr(1)';
+
 		// VPN_ROUTE_CHECK
 		o = s.taboption('vpn_settings', form.ListValue, 'vpn_route_check',
 			_('Type of adding a VPN rule to the routing table'));

luci-app-ruantiblock/po/ru/ruantiblock.po

@@ -203,6 +203,9 @@ msgstr "Час"
 msgid "If less than the specified number of entries are received from the source, then the lists are not updated"
 msgstr "Если от источника получено меньше указанного количества записей, то списки не обновляются"
 
+msgid "If not specified, the VPN interface address is used (or peer address for PPP protocols)"
+msgstr "Если не задан, используется адрес VPN интерфейса (или адрес пира для протоколов PPP)"
+
 msgid "IP address"
 msgstr "IP-адрес"
 
@@ -524,6 +527,9 @@ msgstr "Использовать альтернативный  DNS резолв
 msgid "User entries"
 msgstr "Записи пользователя"
 
+msgid "VPN gateway IP address"
+msgstr "IP адрес шлюза VPN"
+
 msgid "VPN interface"
 msgstr "VPN интерфейс"
 

luci-app-ruantiblock/po/templates/ruantiblock.pot

@@ -187,6 +187,9 @@ msgstr ""
 msgid "If less than the specified number of entries are received from the source, then the lists are not updated"
 msgstr ""
 
+msgid "If not specified, the VPN interface address is used (or peer address for PPP protocols)"
+msgstr ""
+
 msgid "IP address"
 msgstr ""
 
@@ -488,6 +491,9 @@ msgstr ""
 msgid "User entries"
 msgstr ""
 
+msgid "VPN gateway IP address"
+msgstr ""
+
 msgid "VPN interface"
 msgstr ""
 

ruantiblock/Makefile

@@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ruantiblock
 PKG_VERSION:=1.4
-PKG_RELEASE:=0
+PKG_RELEASE:=1
 PKG_MAINTAINER:=gSpot <https://github.com/gSpotx2f/ruantiblock_openwrt>
 
 include $(INCLUDE_DIR)/package.mk

ruantiblock/files/etc/ruantiblock/ruantiblock.conf

@@ -29,6 +29,8 @@ TOR_TRANS_PORT=9040
 ONION_DNS_ADDR="127.0.0.1#9053"
 ### VPN интерфейс для правил маршрутизации
 IF_VPN="tun0"
+### IP адрес шлюза для VPN конфигурации. Если не задан, используется адрес VPN интерфейса (или адрес пира для протоколов PPP)
+VPN_GW_IP=""
 ### Метка для отбора пакетов в VPN туннель
 VPN_PKTS_MARK=8
 ### Таблица маршрутизации для отправки пакетов в VPN туннель

ruantiblock/files/usr/bin/ruantiblock

@@ -9,6 +9,7 @@
 
 export NAME="ruantiblock"
 export APP_EXEC="$0"
+export APP_NAME="`basename $0`"
 export LANG="en_US.UTF-8"
 export LANGUAGE="en"
 
@@ -45,6 +46,8 @@ export TOR_TRANS_PORT=9040
 export ONION_DNS_ADDR="127.0.0.1#9053"
 ### VPN интерфейс для правил маршрутизации
 export IF_VPN="tun0"
+### IP адрес шлюза для VPN конфигурации. Если не задан, используется адрес VPN интерфейса (или адрес пира для протоколов PPP)
+export VPN_GW_IP=""
 ### Метка для отбора пакетов в VPN туннель
 export VPN_PKTS_MARK=8
 ### Таблица маршрутизации для отправки пакетов в VPN туннель
@@ -201,7 +204,7 @@ if [ $ENABLE_LOGGING = "1" -a $? -ne 0 ]; then
     echo " Logger doesn't exists" >&2
     ENABLE_LOGGING=0
 fi
-LOGGER_PARAMS="-t `basename $0`"
+LOGGER_PARAMS="-t ${APP_NAME}"
 WGET_CMD=`which wget`
 if [ $? -ne 0 ]; then
     echo " Error! Wget doesn't exists" >&2
@@ -265,7 +268,7 @@ fi
 
 Help() {
 cat << EOF
- Usage: `basename $0` start|force-start|stop|destroy|restart|reload|update|force-update|data-files|status|raw-status|html-info|help
+ Usage: ${APP_NAME} start|force-start|stop|destroy|restart|reload|update|force-update|data-files|status|raw-status|html-info|help
         start : Start
         force-start : Removing the PID-file before running
         stop : Stop
@@ -280,18 +283,18 @@ cat << EOF
         html-info : Return the html-info output
         -h|--help|help : This message
  Examples:
-        `basename $0` start
+        ${APP_NAME} start
-        `basename $0` force-start
+        ${APP_NAME} force-start
-        `basename $0` stop
+        ${APP_NAME} stop
-        `basename $0` destroy
+        ${APP_NAME} destroy
-        `basename $0` restart
+        ${APP_NAME} restart
-        `basename $0` reload
+        ${APP_NAME} reload
-        `basename $0` update
+        ${APP_NAME} update
-        `basename $0` force-update
+        ${APP_NAME} force-update
-        `basename $0` data-files
+        ${APP_NAME} data-files
-        `basename $0` status
+        ${APP_NAME} status
-        `basename $0` raw-status
+        ${APP_NAME} raw-status
-        `basename $0` html-info
+        ${APP_NAME} html-info
 EOF
 }
 

ruantiblock/files/usr/share/ruantiblock/config_script

@@ -1,5 +1,5 @@
 UCI_SECTION="ruantiblock.config"
-UCI_VARS="proxy_mode proxy_local_clients nftset_clear_sets allowed_hosts_mode allowed_hosts_list bypass_mode bypass_entries_dns enable_fproxy fproxy_list enable_bllist_proxy if_vpn vpn_route_check tor_trans_port onion_dns_addr t_proxy_port_tcp t_proxy_port_udp t_proxy_allow_udp add_user_entries user_entries_dns enable_logging bllist_min_entries bllist_module bllist_preset bllist_ip_limit bllist_gr_excluded_nets bllist_summarize_ip bllist_summarize_cidr bllist_ip_filter bllist_ip_filter_type bllist_sd_limit bllist_gr_excluded_sld bllist_fqdn_filter bllist_fqdn_filter_type bllist_enable_idn bllist_alt_nslookup bllist_alt_dns_addr update_at_startup"
+UCI_VARS="proxy_mode proxy_local_clients nftset_clear_sets allowed_hosts_mode allowed_hosts_list bypass_mode bypass_entries_dns enable_fproxy fproxy_list enable_bllist_proxy if_vpn vpn_gw_ip vpn_route_check tor_trans_port onion_dns_addr t_proxy_port_tcp t_proxy_port_udp t_proxy_allow_udp add_user_entries user_entries_dns enable_logging bllist_min_entries bllist_module bllist_preset bllist_ip_limit bllist_gr_excluded_nets bllist_summarize_ip bllist_summarize_cidr bllist_ip_filter bllist_ip_filter_type bllist_sd_limit bllist_gr_excluded_sld bllist_fqdn_filter bllist_fqdn_filter_type bllist_enable_idn bllist_alt_nslookup bllist_alt_dns_addr update_at_startup"
 UCI_CMD=`which uci`
 if [ $? -ne 0 ]; then
     echo " Error! UCI doesn't exists" >&2

ruantiblock/files/usr/share/ruantiblock/nft_functions

@@ -50,12 +50,17 @@ NftVpnRouteDelete() {
 }
 
 NftVpnRouteAdd() {
-    VPN_IP=`$IP_CMD addr list dev $IF_VPN 2> /dev/null | $AWK_CMD '/inet/{sub("/[0-9]{1,2}$", "", $2); print $2; exit}'`
+    local _vpn_ip
-    if [ -n "$VPN_IP" ]; then
+    if [ -n "$VPN_GW_IP" ]; then
+        _vpn_ip="$VPN_GW_IP"
+    else
+        _vpn_ip=`$IP_CMD addr list dev $IF_VPN 2> /dev/null | $AWK_CMD '/inet/{f=($3 == "peer") ? 4 : 2; sub("/[0-9]{1,2}$", "", $f); print $f; exit}'`
+    fi
+    if [ -n "$_vpn_ip" ]; then
         echo 0 > /proc/sys/net/ipv4/conf/$IF_VPN/rp_filter
         NftVpnRouteDelete 2> /dev/null
         $IP_CMD rule add fwmark $VPN_PKTS_MARK table $VPN_ROUTE_TABLE_ID priority $VPN_RULE_PRIO
-        $IP_CMD route add default via $VPN_IP table $VPN_ROUTE_TABLE_ID
+        $IP_CMD route add default via $_vpn_ip table $VPN_ROUTE_TABLE_ID
     fi
 }