Bernhard.Linz/openvpn-install
1
0
Fork 0
mirror of https://github.com/angristan/openvpn-install.git synced 2025-03-13 22:23:14 +01:00
Code Issues Projects Releases Wiki Activity

increase sysctl conf file to 99- prefix

Browse Source 
Prevents GCP cloud platform's default security policy for instances, which uses prefix 60-, from overriding ip_forward. Also future-proofs against any other such default policy.
This commit is contained in:
Dave Eargle 2020-10-20 13:31:15 -06:00 committed by GitHub
parent 197b7b9fb5
commit 0824ca2b14
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
openvpn-install.sh
View File

@ -891,9 +891,9 @@ verb 3" >>/etc/openvpn/server.conf
mkdir -p /var/log/openvpn mkdir -p /var/log/openvpn
# Enable routing # Enable routing
echo 'net.ipv4.ip_forward=1' >/etc/sysctl.d/20-openvpn.conf echo 'net.ipv4.ip_forward=1' >/etc/sysctl.d/99-openvpn.conf
if [[ $IPV6_SUPPORT == 'y' ]]; then if [[ $IPV6_SUPPORT == 'y' ]]; then
echo 'net.ipv6.conf.all.forwarding=1' >>/etc/sysctl.d/20-openvpn.conf echo 'net.ipv6.conf.all.forwarding=1' >>/etc/sysctl.d/99-openvpn.conf
fi fi
# Apply sysctl rules # Apply sysctl rules
sysctl --system sysctl --system
@ -1266,7 +1266,7 @@ function removeOpenVPN() {
find /root/ -maxdepth 1 -name "*.ovpn" -delete find /root/ -maxdepth 1 -name "*.ovpn" -delete
rm -rf /etc/openvpn rm -rf /etc/openvpn
rm -rf /usr/share/doc/openvpn* rm -rf /usr/share/doc/openvpn*
rm -f /etc/sysctl.d/20-openvpn.conf rm -f /etc/sysctl.d/99-openvpn.conf
rm -rf /var/log/openvpn rm -rf /var/log/openvpn
# Unbound # Unbound