Add defaults for wg server PostUp/Down

billz 2021-03-05 08:32:00 +00:00
parent 18729edd1e
commit 333d447c6b
2 changed files with 9 additions and 7 deletions


@ -38,10 +38,12 @@
"server": {
"Address": [ "10.253.3.1/24" ],
"ListenPort": [ "51820" ],
"DNS": [ "10.3.141.1" ]
"DNS": [ "10.3.141.1" ],
"PostUp": [ "iptables -A FORWARD -i wlan0 -o wg0 -j ACCEPT; iptables -A FORWARD -i wg0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT; iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE" ],
"PostDown": [ "iptables -D FORWARD -i wlan0 -o wg0 -j ACCEPT; iptables -D FORWARD -i wg0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT; iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE" ]
},
"peer": {
"Endpoint": [ "10.253.3.1:51820" ],
"Endpoint": [ "10.253.3.1" ],
"AllowedIPs": ["0.0.0.0/0"],
"PersistentKeepalive": [ "15" ]
}
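Review bot: The new `PostUp`/`PostDown` defaults hard-code both interface names (`wlan0`, `wg0`), whereas the PHP lines this commit removes used wg-quick's `%i` placeholder for the tunnel interface. If the tunnel or wireless interface is named differently, the FORWARD and MASQUERADE rules will not match any traffic. Keeping the placeholder for the tunnel side would avoid that, e.g. `iptables -t nat -A POSTROUTING -o %i -j MASQUERADE`, and likewise for `-o wg0` / `-i wg0` in the FORWARD rules. Since these strings are copied into the generated config and run by wg-quick as shell commands, this defaults file presumably needs to stay writable only by a trusted account; the page does not show its permissions.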


@ -87,12 +87,12 @@ function SaveWireGuardConfig($status)
}
}
if (isset($_POST['wg_pendpoint']) && strlen(trim($_POST['wg_pendpoint']) >0 )) {
if (!validateCidr($_POST['wg_pendpoint'])) {
if (!filter_var($_POST['wg_pendpoint'],FILTER_VALIDATE_IP)) {
$status->addMessage('Invalid value for endpoint address', 'danger');
$good_input = false;
}
}
if (isset($_POST['wg_pallowedips'])) {
if (isset($_POST['wg_pallowedips']) && strlen(trim($_POST['wg_pallowedips']) >0)) {
if (!validateCidr($_POST['wg_pallowedips'])) {
$status->addMessage('Invalid value for allowed IPs', 'danger');
$good_input = false;
@ -115,13 +115,13 @@ function SaveWireGuardConfig($status)
$config[] = 'Address = '.$_POST['wg_srvipaddress'];
$config[] = 'ListenPort = '.$_POST['wg_srvport'];
$config[] = 'PrivateKey = '.$wg_srvprivkey;
$config[] = 'PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE';
$config[] = 'PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o wlan0 -j MASQUERADE';
$config[] = 'PostUp = '.getDefaultNetValue('wireguard','server','PostUp');
$config[] = 'PostDown = '.getDefaultNetValue('wireguard','server','PostDown');
$config[] = '';
$config[] = '[Peer]';
$config[] = 'PublicKey = '.$_POST['wg-peer'];
if ($_POST['wg_pendpoint'] !== '') {
$config[] = 'Endpoint = '.trim($_POST['wg_pendpoint']);
$config[] = 'Endpoint = '.trim($_POST['wg_pendpoint']).':'.$_POST['wg_srvport'];
}
$config[] = 'AllowedIPs = '.$_POST['wg_pallowedips'];
if ($_POST['wg_pkeepalive'] !== '') {
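Review bot: In the new guard for `wg_pallowedips`, the `>0` sits inside the `strlen()` call, so the length test runs on the boolean result of `trim(...) > 0` rather than on the trimmed string; the unchanged `wg_pendpoint` guard just above has the same misplaced parenthesis. Depending on the PHP version's string-to-number comparison rules, a non-empty value can evaluate to false there and skip `validateCidr()`, while the second hunk still writes the raw POST value to the `AllowedIPs = ` line. The condition should read `if (isset($_POST['wg_pallowedips']) && strlen(trim($_POST['wg_pallowedips'])) > 0) {`, with the same correction for `wg_pendpoint`. Separately, `FILTER_VALIDATE_IP` also accepts IPv6 literals, which need surrounding brackets before `':'.$_POST['wg_srvport']` is appended to form a valid `Endpoint`. `SaveWireGuardConfig` begins and ends outside both hunks, so any validation of `wg_srvport` is not visible here.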