Skip to content

Instantly share code, notes, and snippets.

@callemo
Last active May 23, 2024 10:12
Show Gist options
  • Save callemo/aea83a8d0e1e09bb0d94ab85dc809675 to your computer and use it in GitHub Desktop.
Save callemo/aea83a8d0e1e09bb0d94ab85dc809675 to your computer and use it in GitHub Desktop.
WireGuard for OpenBSD
#!/bin/sh
gw="$(route -n show | awk '$1 == "default" { print $2 }')"
awk -v gw="$gw" '
$1 == "PrivateKey" { key = $3 }
$1 == "Address" {
addr = $3
sub(/,.*/, "", addr)
}
$1 == "DNS" { dns = $3 }
$1 == "PublicKey" { peer = $3 }
$1 == "AllowedIPs" {
aip = $3
sub(/,.*/, "", aip)
}
$1 == "Endpoint" {
endpoint = $3
sub(/:/, " ", endpoint)
}
END {
epip = substr(endpoint, 1, index(endpoint, " ")-1)
ifip = substr(addr, 1, index(addr, "/")-1)
printf("ifconfig wg0 create wgkey %s wgpeer %s wgendpoint %s wgaip %s\n", key, peer, endpoint, aip)
printf("ifconfig wg0 %s\n", addr)
printf("route nameserver wg0 %s\n", dns)
printf("route add %s %s\n", epip, gw)
printf("route change default %s\n", ifip)
printf("curl https://am.i.mullvad.net/connected\n")
printf("trap '\''ifconfig wg0 destroy; route delete %s; route add default %s'\'' EXIT\n", epip, gw)
printf("while read -r ch; do [ \"$ch\" = q ] && break; done </dev/tty\n")
}' "$@" | doas /bin/sh -ex
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment