diff options
-rw-r--r-- | doc/net.example.Linux.in | 5 | ||||
-rw-r--r-- | net/tuntap.sh | 24 |
2 files changed, 21 insertions, 8 deletions
diff --git a/doc/net.example.Linux.in b/doc/net.example.Linux.in index 7bae8d75..a86eebc1 100644 --- a/doc/net.example.Linux.in +++ b/doc/net.example.Linux.in @@ -790,7 +790,7 @@ #----------------------------------------------------------------------------- # TUN/TAP -# For TUN/TAP support emerge net-misc/openvpn or sys-apps/usermode-utilities +# For TUN/TAP support install iproute2, openvpn or usermode-utilities # # You must specify if we're a tun or tap device. Then you can give it any # name you like - such as vpn @@ -801,6 +801,9 @@ #tuntap_tap0="tap" #config_tap0="192.168.0.1/24" +# Use something like this to pass custom options to iproute2 during +# tunnel creation. This sets the user and group ownership of the node. +#iproute2_tun1="user foo group bar" # For passing custom options to tunctl use something like the following. This # example sets the owner to adm #tunctl_tun1="-u adm" diff --git a/net/tuntap.sh b/net/tuntap.sh index ac505abb..45a80fe7 100644 --- a/net/tuntap.sh +++ b/net/tuntap.sh @@ -6,7 +6,7 @@ tuntap_depend() before bridge interface macchanger } -_config_vars="$_config_vars tunctl" +_config_vars="$_config_vars iproute2 openvpn tunctl" _is_tuntap() { @@ -44,28 +44,36 @@ tuntap_pre_start() # Set the base metric to 1000 metric=1000 - local o_opts= t_opts= do_openvpn=false do_tunctl=false + local i_opts= o_opts= t_opts= + local do_iproute2=false do_openvpn=false do_tunctl=false + eval i_opts=\$iproute2_${IFVAR} eval o_opts=\$openvpn_${IFVAR} eval t_opts=\$tunctl_${IFVAR} - if [ -n "${o_opts}" ] && type openvpn >/dev/null 2>&1; then + if [ -n "${i_opts}" ] && type ip >/dev/null 2>&1; then + do_iproute2=true + elif [ -n "${o_opts}" ] && type openvpn >/dev/null 2>&1; then do_openvpn=true elif [ -n "${t_opts}" ] && type tunctl >/dev/null 2>&1; then do_tunctl=true + elif type ip >/dev/null 2>&1; then + do_iproute2=true elif type openvpn >/dev/null 2>&1; then do_openvpn=true elif type tunctl >/dev/null 2>&1; then do_tunctl=true fi - if ${do_openvpn}; then + if ${do_iproute2}; then + ip tuntap add dev "${IFACE}" mode "${tuntap}" ${i_opts} + elif ${do_openvpn}; then openvpn --mktun --dev-type "${tuntap}" --dev "${IFACE}" \ ${o_opts} >/dev/null elif ${do_tunctl}; then tunctl ${t_opts} -t "${IFACE}" >/dev/null else - eerror "Neither openvpn nor tunctl has been found, please install" - eerror "either \"openvpn\" or \"usermode-utilities\"." + eerror "Neither iproute2, openvpn nor tunctl has been found, please install" + eerror "either \"iproute2\" \"openvpn\" or \"usermode-utilities\"." fi eend $? && _up && service_set_value tuntap "${tuntap}" } @@ -75,7 +83,9 @@ tuntap_post_stop() _is_tuntap || return 0 ebegin "Destroying Tun/Tap interface ${IFACE}" - if type tunctl >/dev/null 2>&1; then + if type ip > /dev/null 2>&1; then + ip tuntap del dev ${IFACE} mode $(service_get_value tuntap) + elif type tunctl >/dev/null 2>&1; then tunctl -d "${IFACE}" >/dev/null else openvpn --rmtun \ |