1#!/bin/sh 2 3push_na_rule(){ 4 cat <<EOF 5push "route 3.0.0.0 255.0.0.0 $gateway" 6push "route 4.0.0.0 255.0.0.0 $gateway" 7push "route 8.0.0.0 255.0.0.0 $gateway" 8push "route 9.0.0.0 255.0.0.0 $gateway" 9push "route 14.0.0.0 255.0.0.0 $gateway" 10push "route 16.0.0.0 255.0.0.0 $gateway" 11push "route 18.0.0.0 255.0.0.0 $gateway" 12push "route 23.0.0.0 255.0.0.0 $gateway" 13push "route 47.128.0.0 255.128.0.0 $gateway" 14push "route 54.0.0.0 255.0.0.0 $gateway" 15push "route 184.0.0.0 255.0.0.0 $gateway" 16push "route 69.0.0.0 255.0.0.0 $gateway" 17push "route 204.245.0.0 255.255.0.0 $gateway" 18push "route 173.224.0.0 255.255.0.0 $gateway" 19EOF 20} 21 22push_eu_rule(){ 23 cat <<EOF 24push "route 57.0.0.0 255.0.0.0 $gateway" 25push "route 90.0.0.0 255.128.0.0 $gateway" 26push "route 78.192.0.0 255.192.0.0 $gateway" 27push "route 92.128.0.0 255.192.0.0 $gateway" 28push "route 86.192.0.0 255.192.0.0 $gateway" 29push "route 176.128.0.0 255.192.0.0 $gateway" 30push "route 25.0.0.0 255.0.0.0 $gateway" 31push "route 51.0.0.0 255.0.0.0 $gateway" 32push "route 86.128.0.0 255.192.0.0 $gateway" 33push "route 53.0.0.0 255.0.0.0 $gateway" 34push "route 84.128.0.0 255.192.0.0 $gateway" 35push "route 93.192.0.0 255.192.0.0 $gateway" 36push "route 176.0.0.0 255.192.0.0 $gateway" 37push "route 151.3.0.0 255.128.0.0 $gateway" 38EOF 39} 40 41push_home_rule(){ 42 cat <<EOF 43push "route-delay 10" 44push "route $lan_net_id $lan_netmask $gateway" 45EOF 46 if [ "$1" = "tun" ]; then 47 cat <<EOF 48push "route $tun_subnet $lan_netmask $gateway" 49EOF 50 fi 51} 52 53push_all_site_rule(){ 54 if [ "$1" = "tap" ]; then 55 cat <<EOF 56push "route-delay 10" 57push "route-gateway $gateway" 58EOF 59 fi 60 cat <<EOF 61push "redirect-gateway def1" 62EOF 63} 64 65lan_ipaddr=$(config get lan_ipaddr) 66lan_netmask=$(config get lan_netmask) 67lan_net_id=$(net_id $lan_ipaddr $lan_netmask) 68if [ $1 = "tap" ]; then 69 gateway=$lan_ipaddr 70else 71 tun_subnet=$(tun_net $lan_ipaddr $lan_netmask) 72 gateway=$ifconfig_pool_local_ip 73fi 74 75vpn_access_mode=$(config get vpn_access_mode) 76case $vpn_access_mode in 77 "auto") 78 /usr/sbin/wget -T 10 http://www.speedtest.net/api/country?ip=$trusted_ip -O /tmp/openvpn/client_location 79 client_location=$(cat /tmp/openvpn/client_location) 80 server_location=$(cat /tmp/openvpn/server_location) 81 if [ "$server_location" = "US" ] && [ "$client_location" != "US" ]; then 82 # push NA routing rule + home network rule to client 83 push_na_rule > $2 84 push_home_rule $1>> $2 85 elif [ "$server_location" = "EU" ] && [ "$client_location" != "EU" ]; then 86 # push EU routing rule + home network rule to client 87 push_eu_rule > $2 88 push_home_rule $1 >> $2 89 else 90 # push only home network rule to client 91 push_home_rule $1> $2 92 fi 93 ;; 94 "home") 95 push_home_rule $1> $2 96 ;; 97 "all") 98 push_all_site_rule $1> $2 99 ;; 100esac 101 102