[3/4] Add package fff-vpn-select

Details

Message ID	1466976194-2546-4-git-send-email-rlanghammer@web.de
State	Accepted, archived
Headers	show Return-Path: <franken-dev-bounces@freifunk.net> From: Robert Langhammer <rlanghammer@web.de> To: franken-dev@freifunk.net Subject: [PATCH 3/4] Add package fff-vpn-select Date: Sun, 26 Jun 2016 23:23:13 +0200 Message-Id: <1466976194-2546-4-git-send-email-rlanghammer@web.de> In-Reply-To: <1466976194-2546-1-git-send-email-rlanghammer@web.de> References: <1466976194-2546-1-git-send-email-rlanghammer@web.de> Precedence: list Reply-To: Robert Langhammer <rlanghammer@web.de>, franken-dev@freifunk.net MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Errors-To: franken-dev-bounces@freifunk.net Sender: "franken-dev" <franken-dev-bounces@freifunk.net>

Message ID

1466976194-2546-4-git-send-email-rlanghammer@web.de

State

Accepted, archived

Headers

From: Robert Langhammer <rlanghammer@web.de>
To: franken-dev@freifunk.net
Subject: [PATCH 3/4] Add package fff-vpn-select
Date: Sun, 26 Jun 2016 23:23:13 +0200
Message-Id: <1466976194-2546-4-git-send-email-rlanghammer@web.de>
In-Reply-To: <1466976194-2546-1-git-send-email-rlanghammer@web.de>
References: <1466976194-2546-1-git-send-email-rlanghammer@web.de>
Precedence: list
Reply-To: Robert Langhammer <rlanghammer@web.de>, franken-dev@freifunk.net
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Errors-To: franken-dev-bounces@freifunk.net
Sender: "franken-dev" <franken-dev-bounces@freifunk.net>

Commit Message

Robert Langhammer June 26, 2016, 9:23 p.m.

Signed-off-by: Robert Langhammer <rlanghammer@web.de>
---
 src/packages/fff/fff-vpn-select/Makefile           | 41 +++++++++++
 .../files/etc/hotplug.d/iface/50-vpn-select        |  6 ++
 .../files/usr/lib/micron.d/vpn-select              |  1 +
 .../fff/fff-vpn-select/files/usr/sbin/vpn-select   | 80 ++++++++++++++++++++++
 4 files changed, 128 insertions(+)
 create mode 100644 src/packages/fff/fff-vpn-select/Makefile
 create mode 100755 src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select
 create mode 100644 src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select
 create mode 100755 src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select

Patch hide | download patch | download mbox

diff --git a/src/packages/fff/fff-vpn-select/Makefile b/src/packages/fff/fff-vpn-select/Makefile
new file mode 100644
index 0000000..30d9cc1
--- /dev/null
+++ b/src/packages/fff/fff-vpn-select/Makefile
@@ -0,0 +1,41 @@ 
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=fff-vpn-select
+PKG_VERSION:=1
+PKG_RELEASE:=1
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/fff-vpn-select
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/fff-vpn-select
+    SECTION:=base
+    CATEGORY:=Freifunk
+    TITLE:= Freifunk-Franken vpn-select
+    URL:=http://www.freifunk-franken.de
+    DEPENDS:=+fff-tunneldigger \
+             +fff-fastd
+endef
+
+define Package/fff-vpn-select/description
+    Thie package selects and starts the VPN 
+    In this version fastd and l2tp via tunneldigger
+endef
+
+define Build/Prepare
+       echo "all: " > $(PKG_BUILD_DIR)/Makefile
+endef
+
+define Build/Configure
+       # nothing
+endef
+
+define Build/Compile
+       # nothing
+endef
+
+define Package/fff-vpn-select/install
+       $(CP) ./files/* $(1)/
+endef
+
+$(eval $(call BuildPackage,fff-vpn-select))
diff --git a/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select b/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select
new file mode 100755
index 0000000..16d9853
--- /dev/null
+++ b/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select
@@ -0,0 +1,6 @@ 
+#!/bin/sh 
+[ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" ] && {
+       sleep 3
+       /usr/sbin/vpn-select
+}
+
diff --git a/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select
new file mode 100644
index 0000000..dc20486
--- /dev/null
+++ b/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select
@@ -0,0 +1 @@ 
+*/5 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/vpn-select
diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
new file mode 100755
index 0000000..165c584
--- /dev/null
+++ b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
@@ -0,0 +1,80 @@ 
+#!/bin/sh
+
+test -f /tmp/started || exit
+
+make_config() {
+# remove old config
+>etc/config/tunneldigger
+rm /tmp/fastd_${project}_peers/*
+count=0
+# get fastd peers
+pubkey=$(echo "secret \"$(uci get fastd.fff.secret)\";" | fastd -c - --show-key --machine-readable)
+wget -T15 "http://keyserver.freifunk-franken.de/${project}/geo.php?mac=$mac&name=$hostname&port=$port&key=$pubkey&lat=$lat&long=$long" -O /tmp/fastd_${project}_output
+filecounts=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, "", $0); print $0; }' /tmp/fastd_${project}_output)
+for file in $filecounts; do
+    awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};" /tmp/fastd_${project}_output | sed 's/ float;/;/g' > /etc/fastd/$project/peers/$file
+    echo 'float yes;' >> /etc/fastd/$project/peers/$file
+
+    # ask for Broker and select the tunnel
+    IP=$(awk -F\" '/remote/ {print $2}' /etc/fastd/${project}/peers/$file)
+    if [ "l2tp" = "$(wget -T10 $IP/vpn.txt -O - 2>/dev/null)" ]; then
+        # Gateway offers l2tp
+        FDPORT=$(awk '/remote/{gsub(";", ""); print $5}' /etc/fastd/${project}/peers/$file)
+        L2PORT=$((FDPORT + 10000))
+        UUID=_$hostname
+
+        uci set tunneldigger.$count=broker
+        uci set tunneldigger.$count.address="$IP:$L2PORT"
+        uci set tunneldigger.$count.uuid="$UUID"
+        uci set tunneldigger.$count.interface="l2tp$count"
+        uci set tunneldigger.$count.enabled="1"
+        uci set tunneldigger.$count.hook_script='/etc/tunneldigger/tunneldigger.hook'
+        uci commit tunneldigger
+        count=$((count + 1))
+        # remove this fastd-peer
+        rm /etc/fastd/${project}/peers/$file
+    fi
+done
+}
+
+# main
+test_ipv4_host1="keyserver.freifunk-franken.de" # Freifunk-Franken keyserver
+test_ipv4_host2="8.8.8.8"        # Google DNS
+test_ipv6_host1="heise.de"       # heise Zeitschriftenverlag
+
+# Only do something when the router has internet connection
+if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null ||
+   ping -w5 -c3 "$test_ipv4_host2" &>/dev/null ||
+   ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null; then
+
+    #set some vars
+    . /etc/community.cfg
+    project="$VPN_PROJECT"
+    mac=$(awk '{ mac=toupper($1); gsub(":", "", mac); print mac }' /sys/class/net/br-mesh/address 2>/dev/null)
+    lat=$(uci get system.@system[0].latitude)
+    long=$(uci get system.@system[0].longitude)
+    hostname=$(cat /proc/sys/kernel/hostname)
+    [ "$hostname" = "OpenWrt" ] && hostname=""
+    [ "$hostname" = "" ] &&  hostname="$mac"
+
+    if [ ! -d /tmp/fastd_${project}_peers ]; then
+        # first run after reboot
+        mkdir /tmp/fastd_${project}_peers
+        # do we have a fastd secret
+        if [ "$(uci get fastd.${project}.secret)" = "generate" -o -z "$(uci get fastd.${project}.secret)" ]; then
+            secret=$(fastd --generate-key 2>&1 |  awk '/[Ss]ecret/ { print $2 }')
+            uci set fastd.${project}.secret="$secret"
+            uci commit fastd
+        fi
+        make_config
+        /etc/init.d/fastd start
+        /etc/init.d/tunneldigger start
+    else
+        # check if new tunneldigger conf is different
+        md5old=$(md5sum /etc/config/tunneldigger | cut -f1 -d" ")
+        make_config
+        md5new=$(md5sum /etc/config/tunneldigger | cut -f1 -d" ")
+        [ "$md5new" != "$md5old" ] && /etc/init.d/tunneldigger restart
+        /etc/init.d/fastd reload
+    fi
+fi

Comments

Jan Kraus June 27, 2016, 4:44 p.m.

Am Sonntag, den 26.06.2016, 23:23 +0200 schrieb Robert Langhammer:
> Signed-off-by: Robert Langhammer <rlanghammer@web.de>
> ---
>  src/packages/fff/fff-vpn-select/Makefile           | 41 +++++++++++
>  .../files/etc/hotplug.d/iface/50-vpn-select        |  6 ++
>  .../files/usr/lib/micron.d/vpn-select              |  1 +
>  .../fff/fff-vpn-select/files/usr/sbin/vpn-select   | 80 ++++++++++++++++++++++
>  4 files changed, 128 insertions(+)
>  create mode 100644 src/packages/fff/fff-vpn-select/Makefile
>  create mode 100755 src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select
>  create mode 100644 src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select
>  create mode 100755 src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
> 
> diff --git a/src/packages/fff/fff-vpn-select/Makefile b/src/packages/fff/fff-vpn-select/Makefile
> new file mode 100644
> index 0000000..30d9cc1
> --- /dev/null
> +++ b/src/packages/fff/fff-vpn-select/Makefile
> @@ -0,0 +1,41 @@
> +include $(TOPDIR)/rules.mk
> +
> +PKG_NAME:=fff-vpn-select
> +PKG_VERSION:=1
> +PKG_RELEASE:=1
> +
> +PKG_BUILD_DIR:=$(BUILD_DIR)/fff-vpn-select
> +
> +include $(INCLUDE_DIR)/package.mk
> +
> +define Package/fff-vpn-select
> +    SECTION:=base
> +    CATEGORY:=Freifunk
> +    TITLE:= Freifunk-Franken vpn-select
> +    URL:=http://www.freifunk-franken.de
> +    DEPENDS:=+fff-tunneldigger \
> +             +fff-fastd
> +endef
> +
> +define Package/fff-vpn-select/description
> +    Thie package selects and starts the VPN 
> +    In this version fastd and l2tp via tunneldigger
> +endef
> +
> +define Build/Prepare
> +       echo "all: " > $(PKG_BUILD_DIR)/Makefile
> +endef
> +
> +define Build/Configure
> +       # nothing
> +endef
> +
> +define Build/Compile
> +       # nothing
> +endef
> +
> +define Package/fff-vpn-select/install
> +       $(CP) ./files/* $(1)/
> +endef
> +
> +$(eval $(call BuildPackage,fff-vpn-select))
> diff --git a/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select b/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select
> new file mode 100755
> index 0000000..16d9853
> --- /dev/null
> +++ b/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select
> @@ -0,0 +1,6 @@
> +#!/bin/sh 
> +[ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" ] && {
> +       sleep 3
> +       /usr/sbin/vpn-select
> +}
> +
> diff --git a/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select
> new file mode 100644
> index 0000000..dc20486
> --- /dev/null
> +++ b/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select
> @@ -0,0 +1 @@
> +*/5 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/vpn-select
> diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
> new file mode 100755
> index 0000000..165c584
> --- /dev/null
> +++ b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
> @@ -0,0 +1,80 @@
> +#!/bin/sh
> +
> +test -f /tmp/started || exit
> +
> +make_config() {
> +# remove old config
> +>etc/config/tunneldigger
Hier nochmal das selbe. Wenn wir es unten per uci konfigurieren, sollten
wir es hier auch per uci löschen.
> +rm /tmp/fastd_${project}_peers/*
> +count=0
> +# get fastd peers
> +pubkey=$(echo "secret \"$(uci get fastd.fff.secret)\";" | fastd -c - --show-key --machine-readable)
> +wget -T15 "http://keyserver.freifunk-franken.de/${project}/geo.php?mac=$mac&name=$hostname&port=$port&key=$pubkey&lat=$lat&long=$long" -O /tmp/fastd_${project}_output
> +filecounts=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, "", $0); print $0; }' /tmp/fastd_${project}_output)
> +for file in $filecounts; do
> +    awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};" /tmp/fastd_${project}_output | sed 's/ float;/;/g' > /etc/fastd/$project/peers/$file
> +    echo 'float yes;' >> /etc/fastd/$project/peers/$file
> +
> +    # ask for Broker and select the tunnel
> +    IP=$(awk -F\" '/remote/ {print $2}' /etc/fastd/${project}/peers/$file)
> +    if [ "l2tp" = "$(wget -T10 $IP/vpn.txt -O - 2>/dev/null)" ]; then
> +        # Gateway offers l2tp
> +        FDPORT=$(awk '/remote/{gsub(";", ""); print $5}' /etc/fastd/${project}/peers/$file)
> +        L2PORT=$((FDPORT + 10000))
> +        UUID=_$hostname
> +
> +        uci set tunneldigger.$count=broker
> +        uci set tunneldigger.$count.address="$IP:$L2PORT"
> +        uci set tunneldigger.$count.uuid="$UUID"
> +        uci set tunneldigger.$count.interface="l2tp$count"
> +        uci set tunneldigger.$count.enabled="1"
> +        uci set tunneldigger.$count.hook_script='/etc/tunneldigger/tunneldigger.hook'
> +        uci commit tunneldigger
> +        count=$((count + 1))
> +        # remove this fastd-peer
> +        rm /etc/fastd/${project}/peers/$file
> +    fi
> +done
> +}
> +
> +# main
> +test_ipv4_host1="keyserver.freifunk-franken.de" # Freifunk-Franken keyserver
> +test_ipv4_host2="8.8.8.8"        # Google DNS
> +test_ipv6_host1="heise.de"       # heise Zeitschriftenverlag
> +
> +# Only do something when the router has internet connection
> +if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null ||
> +   ping -w5 -c3 "$test_ipv4_host2" &>/dev/null ||
> +   ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null; then
> +
> +    #set some vars
> +    . /etc/community.cfg
> +    project="$VPN_PROJECT"
> +    mac=$(awk '{ mac=toupper($1); gsub(":", "", mac); print mac }' /sys/class/net/br-mesh/address 2>/dev/null)
> +    lat=$(uci get system.@system[0].latitude)
> +    long=$(uci get system.@system[0].longitude)
> +    hostname=$(cat /proc/sys/kernel/hostname)
> +    [ "$hostname" = "OpenWrt" ] && hostname=""
> +    [ "$hostname" = "" ] &&  hostname="$mac"
> +
> +    if [ ! -d /tmp/fastd_${project}_peers ]; then
> +        # first run after reboot
> +        mkdir /tmp/fastd_${project}_peers
> +        # do we have a fastd secret
> +        if [ "$(uci get fastd.${project}.secret)" = "generate" -o -z "$(uci get fastd.${project}.secret)" ]; then
> +            secret=$(fastd --generate-key 2>&1 |  awk '/[Ss]ecret/ { print $2 }')
> +            uci set fastd.${project}.secret="$secret"
> +            uci commit fastd
> +        fi
> +        make_config
> +        /etc/init.d/fastd start
> +        /etc/init.d/tunneldigger start
> +    else
> +        # check if new tunneldigger conf is different
> +        md5old=$(md5sum /etc/config/tunneldigger | cut -f1 -d" ")
> +        make_config
> +        md5new=$(md5sum /etc/config/tunneldigger | cut -f1 -d" ")
Da wir ja mittlerweile auch SHA256 haben, sollten wir das hier eventuell
benutzen. Dann können wir md5 irgendwann rausschmeißen.
> +        [ "$md5new" != "$md5old" ] && /etc/init.d/tunneldigger restart
Gibt es an der Stelle einen Verbindungsabbruch?

Grüße Jan
> +        /etc/init.d/fastd reload
> +    fi
> +fi
> -- 
> 2.8.0.rc3
>

Tim Niemeyer July 3, 2016, 8:11 p.m.

Hi

Ich hab mir das jetzt noch nicht im Detail angeschaut. Muss das auch
erst noch auf mich wirken lassen. Scheint aber insgesamt schon mal sehr
gut in die Richtung zu gehen, welche mir sehr zu sagt.

Am Sonntag, den 26.06.2016, 23:23 +0200 schrieb Robert Langhammer:
> Signed-off-by: Robert Langhammer <rlanghammer@web.de>
> ---
>  src/packages/fff/fff-vpn-select/Makefile           | 41 +++++++++++
>  .../files/etc/hotplug.d/iface/50-vpn-select        |  6 ++
>  .../files/usr/lib/micron.d/vpn-select              |  1 +
>  .../fff/fff-vpn-select/files/usr/sbin/vpn-select   | 80 ++++++++++++++++++++++
>  4 files changed, 128 insertions(+)
>  create mode 100644 src/packages/fff/fff-vpn-select/Makefile
>  create mode 100755 src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select
>  create mode 100644 src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select
>  create mode 100755 src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
> 
> diff --git a/src/packages/fff/fff-vpn-select/Makefile b/src/packages/fff/fff-vpn-select/Makefile
> new file mode 100644
> index 0000000..30d9cc1
> --- /dev/null
> +++ b/src/packages/fff/fff-vpn-select/Makefile
> @@ -0,0 +1,41 @@
> +include $(TOPDIR)/rules.mk
> +
> +PKG_NAME:=fff-vpn-select
> +PKG_VERSION:=1
> +PKG_RELEASE:=1
> +
> +PKG_BUILD_DIR:=$(BUILD_DIR)/fff-vpn-select
> +
> +include $(INCLUDE_DIR)/package.mk
> +
> +define Package/fff-vpn-select
> +    SECTION:=base
> +    CATEGORY:=Freifunk
> +    TITLE:= Freifunk-Franken vpn-select
> +    URL:=http://www.freifunk-franken.de
> +    DEPENDS:=+fff-tunneldigger \
> +             +fff-fastd
> +endef
> +
> +define Package/fff-vpn-select/description
> +    Thie package selects and starts the VPN 
> +    In this version fastd and l2tp via tunneldigger
> +endef
> +
> +define Build/Prepare
> +       echo "all: " > $(PKG_BUILD_DIR)/Makefile
> +endef
> +
> +define Build/Configure
> +       # nothing
> +endef
> +
> +define Build/Compile
> +       # nothing
> +endef
> +
> +define Package/fff-vpn-select/install
> +       $(CP) ./files/* $(1)/
> +endef
> +
> +$(eval $(call BuildPackage,fff-vpn-select))
> diff --git a/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select b/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select
> new file mode 100755
> index 0000000..16d9853
> --- /dev/null
> +++ b/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select
> @@ -0,0 +1,6 @@
> +#!/bin/sh 
> +[ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" ] && {
> +       sleep 3
> +       /usr/sbin/vpn-select
> +}
> +
> diff --git a/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select
> new file mode 100644
> index 0000000..dc20486
> --- /dev/null
> +++ b/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select
> @@ -0,0 +1 @@
> +*/5 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/vpn-select
> diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
> new file mode 100755
> index 0000000..165c584
> --- /dev/null
> +++ b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
> @@ -0,0 +1,80 @@
> +#!/bin/sh
> +
> +test -f /tmp/started || exit
> +
> +make_config() {
> +# remove old config
> +>etc/config/tunneldigger
Ein / fehlt am Anfang des Pfades.

Tim

> +rm /tmp/fastd_${project}_peers/*
> +count=0
> +# get fastd peers
> +pubkey=$(echo "secret \"$(uci get fastd.fff.secret)\";" | fastd -c - --show-key --machine-readable)
> +wget -T15 "http://keyserver.freifunk-franken.de/${project}/geo.php?mac=$mac&name=$hostname&port=$port&key=$pubkey&lat=$lat&long=$long" -O /tmp/fastd_${project}_output
> +filecounts=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, "", $0); print $0; }' /tmp/fastd_${project}_output)
> +for file in $filecounts; do
> +    awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};" /tmp/fastd_${project}_output | sed 's/ float;/;/g' > /etc/fastd/$project/peers/$file
> +    echo 'float yes;' >> /etc/fastd/$project/peers/$file
> +
> +    # ask for Broker and select the tunnel
> +    IP=$(awk -F\" '/remote/ {print $2}' /etc/fastd/${project}/peers/$file)
> +    if [ "l2tp" = "$(wget -T10 $IP/vpn.txt -O - 2>/dev/null)" ]; then
> +        # Gateway offers l2tp
> +        FDPORT=$(awk '/remote/{gsub(";", ""); print $5}' /etc/fastd/${project}/peers/$file)
> +        L2PORT=$((FDPORT + 10000))
> +        UUID=_$hostname
> +
> +        uci set tunneldigger.$count=broker
> +        uci set tunneldigger.$count.address="$IP:$L2PORT"
> +        uci set tunneldigger.$count.uuid="$UUID"
> +        uci set tunneldigger.$count.interface="l2tp$count"
> +        uci set tunneldigger.$count.enabled="1"
> +        uci set tunneldigger.$count.hook_script='/etc/tunneldigger/tunneldigger.hook'
> +        uci commit tunneldigger
> +        count=$((count + 1))
> +        # remove this fastd-peer
> +        rm /etc/fastd/${project}/peers/$file
> +    fi
> +done
> +}
> +
> +# main
> +test_ipv4_host1="keyserver.freifunk-franken.de" # Freifunk-Franken keyserver
> +test_ipv4_host2="8.8.8.8"        # Google DNS
> +test_ipv6_host1="heise.de"       # heise Zeitschriftenverlag
> +
> +# Only do something when the router has internet connection
> +if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null ||
> +   ping -w5 -c3 "$test_ipv4_host2" &>/dev/null ||
> +   ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null; then
> +
> +    #set some vars
> +    . /etc/community.cfg
> +    project="$VPN_PROJECT"
> +    mac=$(awk '{ mac=toupper($1); gsub(":", "", mac); print mac }' /sys/class/net/br-mesh/address 2>/dev/null)
> +    lat=$(uci get system.@system[0].latitude)
> +    long=$(uci get system.@system[0].longitude)
> +    hostname=$(cat /proc/sys/kernel/hostname)
> +    [ "$hostname" = "OpenWrt" ] && hostname=""
> +    [ "$hostname" = "" ] &&  hostname="$mac"
> +
> +    if [ ! -d /tmp/fastd_${project}_peers ]; then
> +        # first run after reboot
> +        mkdir /tmp/fastd_${project}_peers
> +        # do we have a fastd secret
> +        if [ "$(uci get fastd.${project}.secret)" = "generate" -o -z "$(uci get fastd.${project}.secret)" ]; then
> +            secret=$(fastd --generate-key 2>&1 |  awk '/[Ss]ecret/ { print $2 }')
> +            uci set fastd.${project}.secret="$secret"
> +            uci commit fastd
> +        fi
> +        make_config
> +        /etc/init.d/fastd start
> +        /etc/init.d/tunneldigger start
> +    else
> +        # check if new tunneldigger conf is different
> +        md5old=$(md5sum /etc/config/tunneldigger | cut -f1 -d" ")
> +        make_config
> +        md5new=$(md5sum /etc/config/tunneldigger | cut -f1 -d" ")
> +        [ "$md5new" != "$md5old" ] && /etc/init.d/tunneldigger restart
> +        /etc/init.d/fastd reload
> +    fi
> +fi
> -- 
> 2.8.0.rc3
>