1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Anyone know the Variable name for tunnel Gateway IP, "P-t-P"?

Discussion in 'Tomato Firmware' started by ladra, Apr 19, 2014.

  1. ladra

    ladra Network Newbie Member

    tun11 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
    inet addr: P-t-P: Mask:
    RX packets:5272 errors:0 dropped:0 overruns:0 frame:0
    TX packets:6073 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:100
    RX bytes:3019596 (2.8 MiB) TX bytes:988752 (965.5 KiB)


    In the above example "tun11" was created by the OPENvpn client on N66u. It received the "inet addr" IP of and Gateway "P-t-P" address of from the OPENvpn server running on another N66u.

    I would like to know the variable name for the "P-t-P" gateway address, in the above example

    I would like to use this variable to add and delete some routes AFTER the VPN connection is established. Where would be the best place to put the script?

    Thank you in advance for your time and help.
  2. koitsu

    koitsu Network Guru Member

    There is very likely no such variable name (assuming you're talking about NVRAM variables). Your script will need to do the necessary work to pull this information out from ifconfig using something like this:

    ptpaddr="$(/sbin/ifconfig tun11 | /usr/bin/awk '/P-t-P:/ { print $3 }' | /usr/bin/cut -d':' -f2)"
    If the interface name/number changes (ex. tun11, tun9, tun23), then your script will need to deal with that as well, which I imagine will be a pain if you have more than one tun interface. Otherwise if all you have is one, and ONLY one, then you should be able to use /sbin/ifconfig | grep -A 1 '^tun' | /usr/bin/awk ... {rest is identical to the above}
    ladra likes this.
  3. ladra

    ladra Network Newbie Member

    Koitsu, thank you for the information, I think that's exactly what I needed. I'm sure you're right in that there is no nvram variable for that address, I didn't think about getting that info from ifconfig. I'll try it out and report back.

    BTW, where should I put this script? I guess in "WAN Up"?

    Thanks again.
  4. maddie

    maddie Reformed Router Member


    Put the commands into a shell script (i.e. custom.sh), and add these to your OpenVPN custom configuration:

    script-security 3 system
    route-up "/path/to/script/custom.sh"
    OpenVPN will execute the script after establishing the connection.

    Also instead of using the P-t-P address to manipulate routes, you can also use device name:

    route add -net dev tun11
    ladra likes this.
  5. koitsu

    koitsu Network Guru Member

    The method @maddie describes is definitely best, particularly since it allows OpenVPN to run things upon tunnel establishment.

    You might be wondering where to put the script in question, especially if your router doesn't have a USB stick for external storage, etc.. You can use RAM, i.e. /tmp, and simply create the script used by OpenVPN every time the router boots by placing something like this in Administration / Scripts / Init (it's important this go into Init and not somewhere else):

    cat > /tmp/openvpn-up.sh << 'EOF'
    echo "OpenVPN device: $dev"
    echo "OpenVPN link MTU: $link_mtu"
    chmod 755 /tmp/openvpn-up.sh
    It's important you use the heredoc method I describe, most importantly the 'EOF' (the use of apostrophes here are very important, not just the word EOF): this ensures things like `ls` or variables don't get expanded by the shell that's running cat/etc., i.e. `ls` goes directly into the script verbatim and not "the output of the ls command run at the time the script is being written". The chmod is equally as important.

    You might be wondering where the magical $dev and $link_mtu variables come from: OpenVPN exports/sets a series of environment variables for use by route-up and route-down scripts. They're documented in the man page, search for the phrase "Environment Variables". This should make your life a lot easier.
  6. ladra

    ladra Network Newbie Member


    Thank you , thank you, thank you for the shell script idea, it worked like a charm. Albeit, I couldn't get it to work at first because I was missing the shebang (#!/bin/sh) in my script! Yeah, I'm not the best in Linux or scripts... ha ha

    FYI, there was a problem with the route command using the device name only. If I use the device name only to add the route, the route will not have the gateway ip and won't be flagged as a gateway.

    route add -net dev tun11
    will result in
    Code:   U         0 0          0 tun11
    I used the following command:

    route add -net gw $gwtun11 dev tun11
    which got me exactly what I wanted:

    Code:   UG        0 0          0 tun11

    Of course to get the gateway ip(gwtun11) I used koitsu's command,

    gwtun11="$(/sbin/ifconfig tun11 | /usr/bin/awk '/P-t-P:/ { print $3 }' | /usr/bin/cut -d':' -f2)"
    Thank you so much again maddie!
  7. ladra

    ladra Network Newbie Member


    Thank you for all your help, your command to grab the gateway IP was exactly what I needed, and without it I couldn't have done this. I used the internal microSDcard slot on my N66u so I was able to save the script on the sdcard. However, your idea of creating a script from scratch every time you boot up might come in handy in the future!

    Thanks again koitsu, really appreciate your help!
  8. maddie

    maddie Reformed Router Member

    You're welcome :)
  9. maddie

    maddie Reformed Router Member

    EDIT: Double post due to crappy network
  10. ladra

    ladra Network Newbie Member

    Hello Maddie and Koitsu,

    Sorry to bother you guys again but I need your assistance once again. I replaced my old N66u with a new N66u because it was having some issues, I think heat related. However, with my new N66u the script that has been working perfectly for months will not work, the script from above posts. I have checked and double checked all settings, permissions, syntax but I'm not able to get the script running when the tunnel is established like before...

    The VPN connection is made without any issues, it's just the script that doesn't run once the tunnel is up and running. The only difference is that the old N66u was running shibby 116 and the new N66u is running version 120. I think openVPN was upgraded from 2.3.2 to 2.3.4, and I'm not sure if that has anything to do with it. Maybe the "route-up" command was changed? I tried to find out if there were some new commands but I couldn't find anything on openVPN forum and site.

    Does anyone have an ideas as to why a working script will not run on the new N66u? Thank you in advance for your help.
  11. ladra

    ladra Network Newbie Member


    I'm an idiot. There were some empty lines in the script, I just had to remove the empty lines and it worked like a charm...

Share This Page