openvpn -- added support for optional "free" rate-limited service via special client certificates with the FREE prefix in the common name.

author: elijah <elijah@riseup.net> 2013-02-27 23:46:58 -0800
committer: elijah <elijah@riseup.net> 2013-02-27 23:46:58 -0800
commit: ffb88e54c5e4e30fa61ea1009f3eee62f98ab17c (patch)
tree: 0d28846e9de15d7580b3b232aac16e2f4e8cb6e4 /puppet/modules/site_openvpn/templates
parent: 5f8b63892ec9d08471a43ac642ed8f291d27c4f5 (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/puppet/modules/site_openvpn/templates/leap_add_second_ip.sh.erb b/puppet/modules/site_openvpn/templates/leap_add_second_ip.sh.erb
new file mode 100644
index 00000000..40866116
--- /dev/null
+++ b/puppet/modules/site_openvpn/templates/leap_add_second_ip.sh.erb
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+ip addr show dev <%= @interface %> | grep -q <%= @openvpn_gateway_address %>/24 ||
+  ip addr add <%= @openvpn_gateway_address %>/24 dev <%= @interface %>
+
+<% if @openvpn_allow_free %>
+ip addr show dev <%= @interface %> | grep -q <%= @openvpn_free_gateway_address %>/24 ||
+  ip addr add <%= @openvpn_free_gateway_address %>/24 dev <%= @interface %>
+<% end %>
+
+/bin/echo 1 > /proc/sys/net/ipv4/ip_forward
author	elijah <elijah@riseup.net>	2013-02-27 23:46:58 -0800
committer	elijah <elijah@riseup.net>	2013-02-27 23:46:58 -0800
commit	ffb88e54c5e4e30fa61ea1009f3eee62f98ab17c (patch)
tree	0d28846e9de15d7580b3b232aac16e2f4e8cb6e4 /puppet/modules/site_openvpn/templates
parent	5f8b63892ec9d08471a43ac642ed8f291d27c4f5 (diff)