Esempio n. 1
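/**
 * Adds the routes configured for an OpenVPN client to the kernel routing table.
 *
 * Steps, in order: wait 5 seconds, resolve the client's device (TUN or TAP,
 * depending on OpenVPNCLientIsOnTap), read the output of "ip route", delete
 * "via ... dev <device>" routes when the client is on a TAP device, pick the
 * source address of the device's kernel link-scope route, then add every route
 * returned by OpenVpnClientGetRoutes() that is not listed by getLocalNets().
 *
 * Security: the device name and the route values end up on shell command
 * lines. They are therefore escaped with escapeshellarg(), the device name is
 * quoted with preg_quote() before being placed in a pattern, and the route
 * address/netmask checks are anchored so that only a bare dotted quad passes.
 *
 * @param mixed $id Client identifier; handed to the OpenVPN helper functions
 *                  and appended to the clients directory path.
 * @return void
 */
function BuildClientRoute($id){
	// Fixed delay before touching the routing table; presumably lets the tunnel come up - TODO confirm.
	sleep(5);
	$unix=new unix();
	// NOTE(review): $id is appended to this path unchanged; confirm callers only pass trusted client ids.
	$main_path="/etc/artica-postfix/openvpn/clients";
	$ip_tool=$unix->find_program("ip");
	$bridge=OpenVPNCLientIsOnTap($id);
	if(!$bridge){
		$dev=OpenVPNCLientStartGetDev($id);
	}else{
		$dev=OpenVPNCLientStartGetTAPDev($id);
	}

	// The device name is not a constant: neutralise it once for each context it is used in.
	$dev_re=preg_quote((string)$dev,"#");
	$dev_arg=escapeshellarg((string)$dev);

	echo "Starting......: OpenVPN client $id, DEV:$dev\n";
	$results=array();
	exec("$ip_tool route",$results);
	if($bridge){
		echo "Starting......: OpenVPN Tap $dev, cleaning bad route\n";
		foreach($results as $ligne){
			// The lookahead stops "tap0" from also matching a line that belongs to "tap01".
			if(preg_match("#^([0-9\.]+)\/([0-9]+)\s+via\s+([0-9\.]+)\s+dev\s+{$dev_re}(?=\s|$)#",$ligne,$re)){
				echo "Starting......: OpenVPN Tap {$re[0]} must be cleaned\n";
				// Rebuilt from the digit-only captures plus the escaped device name,
				// instead of pasting the raw matched text into the command.
				system("$ip_tool route del {$re[1]}/{$re[2]} via {$re[3]} dev $dev_arg");
			}
		}
	}

	echo "Starting......: OpenVPN dev:$dev, finding correct route\n";
	$IP_TO_ROUTE=null;
	foreach($results as $ligne){
		if(preg_match("#^([0-9\.]+)\/([0-9]+)\s+dev\s+{$dev_re}\s+proto\s+kernel\s+scope\s+link\s+src\s+([0-9\.]+)#",$ligne,$re)){
			$IP_TO_ROUTE=$re[3];
			echo "Starting......: OpenVPN others routes match $dev $IP_TO_ROUTE\n";
			break;
		}
	}

	$routes=OpenVpnClientGetRoutes("$main_path/$id");
	$localnets=getLocalNets();
	if(!is_array($routes) || count($routes)==0){echo "Starting......: OpenVPN no routes to add\n";return;}

	// Without a source address every "route add" below would be an incomplete
	// command whose error is hidden by the output redirection.
	if($IP_TO_ROUTE===null){
		echo "Starting......: OpenVPN no source address found on $dev, routes not added\n";
		return;
	}

	foreach($routes as $ip_start=>$netmask){
		if(isset($localnets[$ip_start]) && $localnets[$ip_start]<>null){
			echo "Starting......: OpenVPN skipping route $ip_start\n";
			continue;
		}

		// Anchored on both ends (D: no trailing newline) so that a value which
		// merely contains an address cannot pass and reach the shell.
		if(!preg_match('#^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$#D',(string)$ip_start)){
			echo "Starting......: OpenVPN skipping route $ip_start/$netmask\n";
			continue;
		}

		if(!preg_match('#^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$#D',(string)$netmask)){
			echo "Starting......: OpenVPN skipping route $ip_start/$netmask\n";
			continue;
		}

		echo "Starting......: OpenVPN adding route $ip_start/$netmask\n";
		// Escaping is kept even after validation as a second line of defence.
		$cmd="$ip_tool route add ".escapeshellarg("$ip_start/$netmask")." dev $dev_arg proto kernel scope link src ".escapeshellarg($IP_TO_ROUTE)." >/dev/null 2>&1";
		if($GLOBALS["VERBOSE"]){echo __FUNCTION__." $cmd\n";}
		shell_exec2($cmd);
	}
}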
Esempio n. 2
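/**
 * Adds the routes configured for an OpenVPN client to the kernel routing table.
 *
 * Steps, in order: wait 5 seconds, resolve the client's device (TUN or TAP,
 * depending on OpenVPNCLientIsOnTap), read the output of "ip route", delete
 * "via ... dev <device>" routes when the client is on a TAP device, pick the
 * source address of the device's kernel link-scope route, then add every route
 * returned by OpenVpnClientGetRoutes() that is not listed by getLocalNets().
 * Every progress line is prefixed with the current time (H:i:s).
 *
 * Security: the device name and the route values end up on shell command
 * lines. They are therefore escaped with escapeshellarg(), the device name is
 * quoted with preg_quote() before being placed in a pattern, and the route
 * address/netmask checks are anchored so that only a bare dotted quad passes.
 *
 * @param mixed $id Client identifier; handed to the OpenVPN helper functions
 *                  and appended to the clients directory path.
 * @return void
 */
function BuildClientRoute($id)
{
    // Fixed delay before touching the routing table; presumably lets the tunnel come up - TODO confirm.
    sleep(5);
    $unix = new unix();
    // NOTE(review): $id is appended to this path unchanged; confirm callers only pass trusted client ids.
    $main_path = "/etc/artica-postfix/openvpn/clients";
    $ip_tool = $unix->find_program("ip");
    $bridge = OpenVPNCLientIsOnTap($id);
    if (!$bridge) {
        $dev = OpenVPNCLientStartGetDev($id);
    } else {
        $dev = OpenVPNCLientStartGetTAPDev($id);
    }

    // The device name is not a constant: neutralise it once for each context it is used in.
    $dev_re = preg_quote((string) $dev, "#");
    $dev_arg = escapeshellarg((string) $dev);

    echo "Starting......: " . date("H:i:s") . " OpenVPN client {$id}, DEV:{$dev}\n";
    $results = array();
    exec("{$ip_tool} route", $results);
    if ($bridge) {
        echo "Starting......: " . date("H:i:s") . " OpenVPN Tap {$dev}, cleaning bad route\n";
        foreach ($results as $ligne) {
            // The lookahead stops "tap0" from also matching a line that belongs to "tap01".
            if (preg_match("#^([0-9\\.]+)\\/([0-9]+)\\s+via\\s+([0-9\\.]+)\\s+dev\\s+{$dev_re}(?=\\s|\$)#", $ligne, $re)) {
                echo "Starting......: " . date("H:i:s") . " OpenVPN Tap {$re[0]} must be cleaned\n";
                // Rebuilt from the digit-only captures plus the escaped device name,
                // instead of pasting the raw matched text into the command.
                system("{$ip_tool} route del {$re[1]}/{$re[2]} via {$re[3]} dev {$dev_arg}");
            }
        }
    }

    echo "Starting......: " . date("H:i:s") . " OpenVPN dev:{$dev}, finding correct route\n";
    $IP_TO_ROUTE = null;
    foreach ($results as $ligne) {
        if (preg_match("#^([0-9\\.]+)\\/([0-9]+)\\s+dev\\s+{$dev_re}\\s+proto\\s+kernel\\s+scope\\s+link\\s+src\\s+([0-9\\.]+)#", $ligne, $re)) {
            $IP_TO_ROUTE = $re[3];
            echo "Starting......: " . date("H:i:s") . " OpenVPN others routes match {$dev} {$IP_TO_ROUTE}\n";
            break;
        }
    }

    $routes = OpenVpnClientGetRoutes("{$main_path}/{$id}");
    $localnets = getLocalNets();
    if (!is_array($routes) || count($routes) == 0) {
        echo "Starting......: " . date("H:i:s") . " OpenVPN no routes to add\n";
        return;
    }

    // Without a source address every "route add" below would be an incomplete
    // command whose error is hidden by the output redirection.
    if ($IP_TO_ROUTE === null) {
        echo "Starting......: " . date("H:i:s") . " OpenVPN no source address found on {$dev}, routes not added\n";
        return;
    }

    foreach ($routes as $ip_start => $netmask) {
        if (isset($localnets[$ip_start]) && $localnets[$ip_start] != null) {
            echo "Starting......: " . date("H:i:s") . " OpenVPN skipping route {$ip_start}\n";
            continue;
        }
        // Anchored on both ends (D: no trailing newline) so that a value which
        // merely contains an address cannot pass and reach the shell.
        if (!preg_match('#^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$#D', (string) $ip_start)) {
            echo "Starting......: " . date("H:i:s") . " OpenVPN skipping route {$ip_start}/{$netmask}\n";
            continue;
        }
        if (!preg_match('#^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$#D', (string) $netmask)) {
            echo "Starting......: " . date("H:i:s") . " OpenVPN skipping route {$ip_start}/{$netmask}\n";
            continue;
        }
        echo "Starting......: " . date("H:i:s") . " OpenVPN adding route {$ip_start}/{$netmask}\n";
        // Escaping is kept even after validation as a second line of defence.
        $cmd = "{$ip_tool} route add " . escapeshellarg("{$ip_start}/{$netmask}") . " dev {$dev_arg} proto kernel scope link src " . escapeshellarg($IP_TO_ROUTE) . " >/dev/null 2>&1";
        if ($GLOBALS["VERBOSE"]) {
            echo __FUNCTION__ . " {$cmd}\n";
        }
        shell_exec2($cmd);
    }
}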