#!/bin/bash

set -eux 


apt-get -y --force-yes install openvpn kal-scripts

mkdir -p /etc/openvpn/clients.d /var/lib/openvpn /var/log/openvpn

## XXXvlab: why is that ? and if we use tap ?
#mkdir /dev/net
#mknod -m a+rw /dev/net/tun c 10 200


#
# snat.sh
#
# iptables -t nat -A POSTROUTING -s 10.64.0.0/24 -o eth0 -j SNAT --to-source "$(dig +short A "$(hostname -s)")"
#


cat <<EOF > /etc/openvpn/snat.sh
#!/bin/bash

## example call:
##  <exname> tap0 1500 1574 10.64.0.1 255.255.255.0 init

server_ip="$4"
device="$1"

iptables -t nat -A POSTROUTING -s "$(ifnet "$device")"  \
         -o eth0 -j SNAT --to-source "$(ifip eth0)" 2>&1 | logger -t iptables

EOF

chmod +x /etc/openvpn/snat.sh