/mandos/release

#!/bin/sh

#

# This is an example of a Mandos client network hook.  This hook

# brings up an OpenVPN interface as specified in a separate

# configuration file.  To be used, this file and any needed

# configuration file(s) should be copied into the

# /etc/mandos/network-hooks.d directory.

# 

# Copyright © 2012 Teddy Hogeborn

# Copyright © 2012 Björn Påhlsson

# 

# Copying and distribution of this file, with or without modification,

# are permitted in any medium without royalty provided the copyright

# notice and this notice are preserved.  This file is offered as-is,

# without any warranty.

set -e

CONFIG="openvpn.conf"

# Extract the "dev" setting from the config file

VPNDEVICE=`sed -n -e 's/[[:space:]]#.*//' \

    -e 's/^[[:space:]]*dev[[:space:]]\+//p' \

    "$MANDOSNETHOOKDIR/$CONFIG"`

PIDFILE=/run/openvpn-mandos.pid

# Exit if no device set in config

if [ -z "$VPNDEVICE" ]; then

    exit

fi

# Exit if DEVICE is set and it doesn't match the VPN interface

if [ -n "$DEVICE" ]; then

    case "$DEVICE" in

	*,"$VPNDEVICE"*|"$VPNDEVICE"*) :;;

	*) exit;;

    esac

fi

openvpn=/usr/sbin/openvpn

do_start(){

    "$openvpn" --cd "$MANDOSNETHOOKDIR" --daemon 'openvpn(Mandos)' \

	--writepid "$PIDFILE" --config "$CONFIG"

     sleep "$DELAY"

}

do_stop(){

    PID="`cat \"$PIDFILE\"`"

    if [ "$PID" -gt 0 ]; then

	kill "$PID"

    fi

}

case "${MODE:-$1}" in

    start|stop)

	do_"${MODE:-$1}"

	;;

    files)

	echo "$openvpn"

	;;

    modules)

	echo tun

	;;

esac