More logic and love...

README.md

@@ -1,2 +1,2 @@
 # xiringuito
-Bash SSH VPN wrapper
+Obscene SSH VPN wrapper

scripts/client-route.sh

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+#
+# Add client route [after setting up client]
+#
+set -e
+
+if [[ ${#} -ne 2 ]]; then
+  echo "Usage: ${0} TUNNEL_ID NETWORK"
+  exit 1
+fi
+
+sudo ip route add ${2} dev tun${1}

scripts/client-setup.sh

@@ -4,28 +4,21 @@
 #
 set -e
 
-if [[ ${#} -lt 2 ]]; then
+if [[ ${#} -ne 2 ]]; then
-  echo "Usage: ${0} TUNNEL_ID IP_BASE [NETWORK1 NETWORK2 ... NETWORKx]"
+  echo "Usage: ${0} TUNNEL_ID IP_BASE"
   exit 1
 fi
 
 declare -r TUNNEL_ID=${1}
 declare -r IP_BASE=${2}
-shift 2
-declare -r NETWORKS=${@}
 
 declare -r NETWORK_DEVICE=tun${TUNNEL_ID}
 let CLIENT_LAST_IP_ADDR_OCTET="4*(${TUNNEL_ID}-1)+1"
 declare -r CLIENT_IP_ADDR=${IP_BASE}.${CLIENT_LAST_IP_ADDR_OCTET}
 
-if [[ ! $(ip link | grep " ${NETWORK_DEVICE}: ") ]]; then
+if [[ ! $(sudo ip link | grep " ${NETWORK_DEVICE}: ") ]]; then
   sudo modprobe tun
   sudo ip tuntap add mode tun user ${USER} ${NETWORK_DEVICE}
   sudo ip link set ${NETWORK_DEVICE} up
   sudo ip addr add ${CLIENT_IP_ADDR}/30 dev ${NETWORK_DEVICE}
 fi
-
-for NETWORK in ${NETWORKS}; do
-  echo "> ${NETWORK}"
-  sudo ip route add ${NETWORK} dev ${NETWORK_DEVICE}
-done

scripts/server-execute.sh

@@ -24,6 +24,7 @@ function teardown() {
   sudo ip tuntap del mode tun ${NETWORK_DEVICE}
 }
 
+echo "CONNECTED"
 while true; do
   sleep 60000 # do nothing until interrupted ;)
 done

scripts/server-setup.sh

@@ -19,15 +19,15 @@ declare -r CLIENT_IP_ADDR=${IP_BASE}.${CLIENT_LAST_IP_ADDR_OCTET}
 declare -r SERVER_IP_ADDR=${IP_BASE}.${SERVER_LAST_IP_ADDR_OCTET}
 
 declare -r SSHD_CONFIG_FILE=/etc/ssh/sshd_config
-declare -r SSHD_RESTART_CMD="reload ssh"
+declare -r SSHD_RESTART_CMD="/etc/init.d/sshd reload"
 
 # Ensure previous tunnels with the same ID are not running
 set +e
-pkill -f xiringuito-server-execute.${TUNNEL_ID}.sh
+pkill -f ${TUNNEL_ID}/server-execute.sh
 set -e
 
 # Set up network device
-if [[ ! $(ip link | grep " ${NETWORK_DEVICE}: ") ]]; then
+if [[ ! $(sudo ip link | grep " ${NETWORK_DEVICE}: ") ]]; then
   sudo modprobe tun
   sudo ip tuntap add mode tun user ${USER} ${NETWORK_DEVICE}
   sudo ip link set ${NETWORK_DEVICE} up

xiringuito

@@ -23,6 +23,9 @@ if [[ ! -f ${TUNNEL_ID_FILE} ]]; then
 fi
 
 declare -r TUNNEL_ID=$(cat ${TUNNEL_ID_FILE})
+declare -r REMOTE_PATH="/tmp/xiringuito.${TUNNEL_ID}"
+
+declare -r SSH_OPTS="-oLogLevel=QUIET -oConnectTimeout=10"
 
 cd $(dirname ${0})
 
@@ -31,15 +34,20 @@ trap teardown EXIT
 function teardown() {
   echo "Tearing down tunnel..."
   ./scripts/client-teardown.sh ${TUNNEL_ID}
-  echo "Ensuring remote process is stopped."
+  ssh ${SSH_OPTS} ${SSH_SERVER} pkill -f ${REMOTE_PATH}/server-execute.sh
-  ssh -oLogLevel=QUIET ${SSH_SERVER} pkill -f xiringuito-server-execute.${TUNNEL_ID}.sh
 }
 
-./scripts/client-setup.sh ${TUNNEL_ID} ${IP_BASE} ${NETWORKS}
+echo "TUNNEL ID: ${TUNNEL_ID}"
+./scripts/client-setup.sh ${TUNNEL_ID} ${IP_BASE}
 
-scp -oLogLevel=QUIET ./scripts/server-setup.sh ${SSH_SERVER}:/tmp/xiringuito-server-setup.${TUNNEL_ID}.sh >/dev/null
+for NETWORK in ${NETWORKS}; do
-scp -oLogLevel=QUIET ./scripts/server-execute.sh ${SSH_SERVER}:/tmp/xiringuito-server-execute.${TUNNEL_ID}.sh >/dev/null
+   echo "> ROUTE: ${NETWORK}"
+  ./scripts/client-route.sh ${TUNNEL_ID} ${NETWORK}
+done
 
-ssh -oLogLevel=QUIET ${SSH_SERVER} /tmp/xiringuito-server-setup.${TUNNEL_ID}.sh ${TUNNEL_ID} ${IP_BASE}
+ssh ${SSH_OPTS} ${SSH_SERVER} mkdir -p ${REMOTE_PATH}
-sleep 1
+scp -oLogLevel=QUIET ./scripts/server-*.sh ${SSH_SERVER}:${REMOTE_PATH} >/dev/null
-ssh -oLogLevel=QUIET -w ${TUNNEL_ID}:${TUNNEL_ID} ${SSH_SERVER} /tmp/xiringuito-server-execute.${TUNNEL_ID}.sh ${TUNNEL_ID} ${IP_BASE}
+
+ssh ${SSH_OPTS} ${SSH_SERVER} ${REMOTE_PATH}/server-setup.sh ${TUNNEL_ID} ${IP_BASE}
+sleep 1; echo -n "SERVER: ${SSH_SERVER} ... "
+ssh ${SSH_OPTS} -w ${TUNNEL_ID}:${TUNNEL_ID} ${SSH_SERVER} ${REMOTE_PATH}/server-execute.sh ${TUNNEL_ID} ${IP_BASE}