add exclude and include variants

This commit is contained in:
vvzvlad 2022-11-17 00:17:07 +03:00
parent 1065ed31d5
commit f9b652e78f
13 changed files with 151 additions and 2 deletions


@ -1,7 +1,7 @@
#!/bin/bash
#To crontab (export EDITOR=nano; crontab -e)
#@reboot sleep 30 && bash /root/update_ru_routes.sh > /root/update_routes_log.txt 2>&1
#0 3 * * mon bash /root/update_ru_routes.sh > /root/update_routes_log.txt 2>&1
#@reboot sleep 30 && bash /root/update_exclude_routes.sh > /root/update_routes_log.txt 2>&1
#0 3 * * mon bash /root/update_exclude_routes.sh > /root/update_routes_log.txt 2>&1
function ProgressBar {
let _progress=(${1}*100/${2}*100)/100


@ -0,0 +1,60 @@
#!/bin/bash
PRIVATE_KEY_EXTERNAL=`wg genkey`
PUBLIC_KEY_EXTERNAL=`echo $PRIVATE_KEY_EXTERNAL | wg pubkey`
PRIVATE_KEY_INTERNAL=`wg genkey`
PUBLIC_KEY_INTERNAL=`echo $PRIVATE_KEY_INTERNAL | wg pubkey`
PRIVATE_KEY_CLIENT_1=`wg genkey`
PUBLIC_KEY_CLIENT_1=`echo $PRIVATE_KEY_CLIENT_1 | wg pubkey`
INTERNAL_IP_ADDRESS=`dig +short txt ch whoami.cloudflare @1.0.0.1`
mkdir configs
cp ./wg-external.conf ./configs/wg-external.conf
cp ./wg-internal.conf ./configs/wg-internal.conf
cp ./wg-mobile-client.conf ./configs/wg-mobile-client.conf
cp ./update_include_routes.sh /etc/wireguard/update_include_routes.sh
touch /etc/wireguard/subnets_user_list.txt
touch /etc/wireguard/hosts_user_list.txt
echo "Generating keys..."
echo "********************************"
echo "Private key for External: $PRIVATE_KEY_EXTERNAL"
echo "Public key for External: $PUBLIC_KEY_EXTERNAL"
echo "Private key for Internal: $PRIVATE_KEY_INTERNAL"
echo "Public key for Internal: $PUBLIC_KEY_INTERNAL"
echo "Private key for Client 1: $PRIVATE_KEY_CLIENT_1"
echo "Public key for Client 1: $PUBLIC_KEY_CLIENT_1"
echo "********************************"
echo "Replacing templates in configs..."
sed -i "s^---PRIVATE_KEY_EXTERNAL---^$PRIVATE_KEY_EXTERNAL^" ./configs/wg-external.conf
sed -i "s^---PRIVATE_KEY_EXTERNAL---^$PRIVATE_KEY_EXTERNAL^" ./configs/wg-internal.conf
sed -i "s^---PRIVATE_KEY_EXTERNAL---^$PRIVATE_KEY_EXTERNAL^" ./configs/wg-mobile-client.conf
sed -i "s^---PUBLIC_KEY_EXTERNAL---^$PUBLIC_KEY_EXTERNAL^" ./configs/wg-external.conf
sed -i "s^---PUBLIC_KEY_EXTERNAL---^$PUBLIC_KEY_EXTERNAL^" ./configs/wg-internal.conf
sed -i "s^---PUBLIC_KEY_EXTERNAL---^$PUBLIC_KEY_EXTERNAL^" ./configs/wg-mobile-client.conf
sed -i "s^---PRIVATE_KEY_INTERNAL---^$PRIVATE_KEY_INTERNAL^" ./configs/wg-external.conf
sed -i "s^---PRIVATE_KEY_INTERNAL---^$PRIVATE_KEY_INTERNAL^" ./configs/wg-internal.conf
sed -i "s^---PRIVATE_KEY_INTERNAL---^$PRIVATE_KEY_INTERNAL^" ./configs/wg-mobile-client.conf
sed -i "s^---PUBLIC_KEY_INTERNAL---^$PUBLIC_KEY_INTERNAL^" ./configs/wg-external.conf
sed -i "s^---PUBLIC_KEY_INTERNAL---^$PUBLIC_KEY_INTERNAL^" ./configs/wg-internal.conf
sed -i "s^---PUBLIC_KEY_INTERNAL---^$PUBLIC_KEY_INTERNAL^" ./configs/wg-mobile-client.conf
sed -i "s^---PRIVATE_KEY_CLIENT_1---^$PRIVATE_KEY_CLIENT_1^" ./configs/wg-external.conf
sed -i "s^---PRIVATE_KEY_CLIENT_1---^$PRIVATE_KEY_CLIENT_1^" ./configs/wg-internal.conf
sed -i "s^---PRIVATE_KEY_CLIENT_1---^$PRIVATE_KEY_CLIENT_1^" ./configs/wg-mobile-client.conf
sed -i "s^---PUBLIC_KEY_CLIENT_1---^$PUBLIC_KEY_CLIENT_1^" ./configs/wg-external.conf
sed -i "s^---PUBLIC_KEY_CLIENT_1---^$PUBLIC_KEY_CLIENT_1^" ./configs/wg-internal.conf
sed -i "s^---PUBLIC_KEY_CLIENT_1---^$PUBLIC_KEY_CLIENT_1^" ./configs/wg-mobile-client.conf
sed -i "s^---INTERNAL_IP_ADDRESS---^$INTERNAL_IP_ADDRESS^" ./configs/wg-external.conf
sed -i "s^---INTERNAL_IP_ADDRESS---^$INTERNAL_IP_ADDRESS^" ./configs/wg-internal.conf
sed -i "s^---INTERNAL_IP_ADDRESS---^$INTERNAL_IP_ADDRESS^" ./configs/wg-mobile-client.conf
echo "Generating complete"
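Review bot: The three `Private key for …` echo lines print the freshly generated private keys to stdout, so they land in terminal scrollback and in any log the script's output is redirected to; print only the public keys and leave the private keys to the generated config files. The files written under ./configs inherit the caller's default umask, so they are often readable by other local users — add `umask 077` before `mkdir configs` (or `chmod 600 ./configs/*.conf` after the sed calls). `dig +short` prints TXT data with its surrounding double quotes, so the `---INTERNAL_IP_ADDRESS---` substitution most likely yields `Endpoint = "203.0.113.5":17968` (constructed example); strip them with `INTERNAL_IP_ADDRESS=$(dig +short txt ch whoami.cloudflare @1.0.0.1 | tr -d '"')`. With no `set -e`, a second run fails at `mkdir configs` and then silently re-substitutes the already-copied configs with new keys; `mkdir -p configs` or an explicit guard would make a rerun's behaviour deliberate.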


@ -0,0 +1,45 @@
#!/bin/bash
#copy this file to your /etc/wireguard
function ProgressBar {
let _progress=(${1}*100/${2}*100)/100
let _done=(${_progress}*4)/10
let _left=40-$_done
_fill=$(printf "%${_done}s")
_empty=$(printf "%${_left}s")
printf "\rAdd routes to route table (${1}/${2}): [${_fill// /#}${_empty// /-}] ${_progress}%%"
}
#Variables
file_user="subnets_user_list.txt"
file_user_hostnames="hosts_user_list.txt"
file_processed="include_subnets_list_processed.txt"
interface_for_external_ip="wg-internal"
if [ -e $file_user ]
then echo "Add user subnets..."
cat $file_user |grep -v "#" >> $file_processed
fi
if [ -e $file_user_hostnames ]
then echo "Add user hostnames..."
for line in $(cat $file_user_hostnames); do nslookup line |grep "Address" |grep -v "#" |awk '{print $2"/32"}' >> $file_processed; done
fi
#Flush route table
echo "Flush route table (down interface $interface)..."
ifdown $interface > /dev/null 2>&1
echo "Up interface $interface..."
ifup $interface > /dev/null 2>&1
#Add route
routes_count_in_file=`wc -l $file_processed`
routes_count_current=0
for line in $(cat $file_processed); do ip route add $line dev $interface_for_external_ip; let "routes_count_current+=1" ; ProgressBar ${routes_count_current} ${routes_count_in_file}; done
echo ""
echo "Remove temp files..."
rm $file_processed
routes_count=`ip r | wc -l`
echo "Routes in routing table: $routes_count"
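Review bot: `nslookup line` in the hostname loop resolves the literal name `line` rather than the loop variable, so user hostnames never reach the processed list; it should be `nslookup "$line"`. `$interface` used by the ifdown/ifup lines is never assigned (only `interface_for_external_ip` is), so both commands run with an empty argument and their errors are hidden by the redirects; presumably `$interface_for_external_ip` was meant, but since this script is invoked from the wg-internal PostUp, bringing that same interface down from inside its own PostUp is unlikely to be what is wanted — worth confirming before fixing the variable. `wc -l $file_processed` yields `N include_subnets_list_processed.txt` rather than a bare number, so `routes_count_in_file` breaks the arithmetic in ProgressBar; use `routes_count_in_file=$(wc -l < "$file_processed")`. The `>>` appends to a temp list that is only removed at the end, so an aborted run leaves stale entries for the next one; truncating it first (`: > "$file_processed"`) would make each run self-contained.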


@ -0,0 +1,12 @@
[Interface]
Address = 10.20.30.2/32
PrivateKey = ---PRIVATE_KEY_EXTERNAL---
PostUp = iptables -t nat -A POSTROUTING -o `ip route | awk '/default/ {print $5; exit}'` -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o `ip route | awk '/default/ {print $5; exit}'` -j MASQUERADE
#internal node
[Peer]
PublicKey = ---PUBLIC_KEY_INTERNAL---
AllowedIPs = 10.20.30.0/24
Endpoint = ---INTERNAL_IP_ADDRESS---:17968
PersistentKeepalive = 25
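Review bot: The POSTROUTING MASQUERADE rule in PostUp/PostDown is not scoped to the tunnel, so every packet forwarded out of the default-route interface is NATed, not only traffic arriving from the 10.20.30.0/24 peers; adding `-s 10.20.30.0/24` to both the `-A` and `-D` lines keeps the NAT limited to the tunnel. The outbound interface is resolved from the default route separately at PostUp and PostDown time, so if the default route changes while the tunnel is up, PostDown deletes the wrong rule or none at all. Nothing on this page enables `net.ipv4.ip_forward` or adds a FORWARD filter; if that is done elsewhere, a comment pointing to it would help, otherwise the MASQUERADE rule never sees forwarded traffic.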


@ -0,0 +1,21 @@
[Interface]
Address = 10.20.30.1/32
ListenPort = 17968
PrivateKey = ---PRIVATE_KEY_INTERNAL---
PostUp = iptables -t nat -A POSTROUTING -o `ip route | awk '/default/ {print $5; exit}'` -j MASQUERADE
PostUp = ip rule add from `ip addr show $(ip route | awk '/default/ { print $5 }') | grep "inet" | grep -v "inet6" | head -n 1 | awk '/inet/ {print $2}' | awk -F/ '{print $1}'` table main
PostUp = ip route delete default dev wg-internal table 51820
PostUp = bash /etc/wireguard/update_include_routes.sh
PostDown = iptables -t nat -D POSTROUTING -o `ip route | awk '/default/ {print $5; exit}'` -j MASQUERADE
PostDown = ip rule del from `ip addr show $(ip route | awk '/default/ { print $5 }') | grep "inet" | grep -v "inet6" | head -n 1 | awk '/inet/ {print $2}' | awk -F/ '{print $1}'` table main
#external node
[Peer]
PublicKey = ---PUBLIC_KEY_EXTERNAL---
AllowedIPs = 10.20.30.2/32, 0.0.0.0/0
#mobile-client node
[Peer]
PublicKey = ---PUBLIC_KEY_CLIENT_1---
AllowedIPs = 10.20.30.3/32
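Review bot: The `ip rule add from …` and `ip rule del from …` lines derive the outbound interface with `awk '/default/ { print $5 }'`, without the `exit` that the MASQUERADE lines in this same file use, so a host with more than one default route passes several interface names to `ip addr show` and the rule is added for the wrong address or not at all; use `ip route | awk '/default/ {print $5; exit}'` in both places. The `PostUp = bash /etc/wireguard/update_include_routes.sh` line runs a script that, per this commit, calls `ifdown`/`ifup` on an interface variable; if that variable is ever set to wg-internal, the interface is taken down from inside its own PostUp. The `0.0.0.0/0` in the external peer's AllowedIPs makes wg-quick install the default route and fwmark rule that `PostUp = ip route delete default dev wg-internal table 51820` then removes; a comment stating that the catch-all AllowedIPs is there (presumably) to accept the external node's traffic, not for routing, would spare the next reader that reasoning.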


@ -0,0 +1,11 @@
[Interface]
Address = 10.20.30.3/32
PrivateKey = ---PRIVATE_KEY_CLIENT_1---
DNS = 1.1.1.1, 8.8.8.8
#internal node
[Peer]
PublicKey = ---PUBLIC_KEY_INTERNAL---
AllowedIPs = 0.0.0.0/0
Endpoint = ---INTERNAL_IP_ADDRESS---:17968
PersistentKeepalive = 25
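Review bot: AllowedIPs covers only `0.0.0.0/0`, so on a client with IPv6 connectivity all IPv6 traffic, including DNS queries to a v6 resolver, bypasses the tunnel; for a full-tunnel profile add `::/0` (`AllowedIPs = 0.0.0.0/0, ::/0`). Since the server side on this page routes no IPv6, that black-holes v6 rather than leaking it, which is the usual choice for this kind of profile. The `DNS = 1.1.1.1, 8.8.8.8` resolvers are reached through the tunnel because of the catch-all AllowedIPs; a one-line comment noting that dependency would make the intent clear if AllowedIPs is later narrowed.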