norn/parahub-mesh
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(vpn): Wait for WiFi interface before adding guest route to table 100

Browse Source 
Guest WiFi interface (phy0-ap0) may not be up when init script runs at
boot. Move guest route addition to a background retry loop (up to 60s).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Parahub AI
2026-02-09 17:21:38 +00:00
parent 3771521d59
commit 29070e95ef
1 changed files with 17 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
files/etc/init.d/parahub-vpn-tunnel
View File

@@ -42,20 +42,28 @@ start() {
# Default route through GRE (table 100 — used by guest policy routing)
ip route add default via "$GRE_GATEWAY" table 100
# Guest subnet direct route in table 100
# Guest subnet direct route in table 100 (background — WiFi may not be up yet)
# Without this, router's own replies (source IP in guest subnet) go through
# GRE instead of back to the guest client (ip rule matches source-based)
local guest_subnet
guest_subnet=$(awk -F= '/GUEST_SUBNET/{print $2}' /etc/parahub/keys 2>/dev/null)
if [ -n "$guest_subnet" ]; then
local guest_dev
guest_dev=$(ip route | grep "^${guest_subnet} " | awk '{print $3}')
if [ -n "$guest_dev" ]; then
ip route add "$guest_subnet" dev "$guest_dev" table 100
logger -t parahub-vpn "Guest route: $guest_subnet via $guest_dev in table 100"
else
logger -t parahub-vpn "Warning: guest device not found for $guest_subnet"
fi
# WiFi interfaces take time to come up at boot — retry in background
(
local guest_dev="" ga=0
while [ $ga -lt 30 ]; do
guest_dev=$(ip route | grep "^${guest_subnet} " | awk '{print $3}')
[ -n "$guest_dev" ] && break
ga=$((ga + 1))
sleep 2
done
if [ -n "$guest_dev" ]; then
ip route add "$guest_subnet" dev "$guest_dev" table 100 2>/dev/null
logger -t parahub-vpn "Guest route: $guest_subnet via $guest_dev in table 100"
else
logger -t parahub-vpn "Warning: guest device not found for $guest_subnet after 60s"
fi
) &
fi
# Reload firewall so vpn_tunnel zone picks up gre6-vpn device