From 7787b19f7890ba91a8ac36a8201c4534b252bb86 Mon Sep 17 00:00:00 2001
From: Dominic Bird
Date: Thu, 9 May 2024 21:19:42 +0100
Subject: [PATCH] - Enable Meshnet routing - Enable Meshnet local network access
---
 README.md | 2 ++
 rootfs/usr/bin/nord_config | 19 +++++++++++++++++++
 2 files changed, 21 insertions(+)
diff --git a/README.md b/README.md
index b722ad7c6cb..b7a6031a674 100644
--- a/README.md
+++ b/README.md
@@ -201,6 +201,8 @@ services:
 * `CHECK_CONNECTION_INTERVAL` - Time in seconds to check connection and reconnect if need it. (300 by default) For example '- CHECK_CONNECTION_INTERVAL=600'
 * `CHECK_CONNECTION_URL` - URL for checking Internet connection. (www.google.com by default) For example '- CHECK_CONNECTION_URL=www.custom.domain'
 * `MESHNET` - Enable or Disable.
+* `ALLOWLOCAL` - Comma delimited list of Meshnet devices you will allow to access this devices local network. For example 'ALLOWLOCAL=vpn-friction5976.nord,vpn-world2962.nord'
+* `ALLOWROUTE` - Comma delimited list of Meshnet devices you will allow to route though this device. For example 'ALLOWROUTE=vpn-friction5976.nord,vpn-world2962.nord'
 # Issues
diff --git a/rootfs/usr/bin/nord_config b/rootfs/usr/bin/nord_config
index 4e7c9363f28..ef23b889a88 100644
--- a/rootfs/usr/bin/nord_config
+++ b/rootfs/usr/bin/nord_config
@@ -9,6 +9,25 @@ nordvpn set technology ${TECHNOLOGY:-NordLynx}
 [[ -n ${FIREWALL} ]] && nordvpn set firewall ${FIREWALL}
 [[ -n ${MESHNET} ]] && nordvpn set meshnet ${MESHNET}
+# Configue local network and routing allow list
+if [[ -n ${MESHNET} ]]; then
+ allowedLocalHosts=${ALLOWROUTE}
+ if [[ -n ${allowedLocalHosts} ]]; then
+ IFS=',' read -ra allowed <<< "$allowedLocalHosts"
+ for host in "${allowed[@]}"; do
+ nordvpn meshnet peer local allow "${host}"
+ done
+ fi
+
+ allowedRoutingHosts=${ALLOWROUTE}
+ if [[ -n ${allowedRoutingHosts} ]]; then
+ IFS=',' read -ra allowed <<< "$allowedRoutingHosts"
+ for host in "${allowed[@]}"; do
+ nordvpn meshnet peer routing allow "${host}"
+ done
+ fi
+fi
+
 #[[ -n ${KILLSWITCH} ]] && nordvpn set killswitch ${KILLSWITCH} Killswitch is enabled by default using iptables
 [[ -n ${PROTOCOL} ]] && nordvpn set protocol ${PROTOCOL}
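Review bot: The local-access loop reads the wrong variable: `allowedLocalHosts=${ALLOWROUTE}` should be `allowedLocalHosts=${ALLOWLOCAL}`. As written, the `ALLOWLOCAL` setting documented in the README is never consulted, and every peer listed in `ALLOWROUTE` is also passed to `nordvpn meshnet peer local allow`, so a device meant only to route traffic is additionally granted access to this host's local network. The outer guard `[[ -n ${MESHNET} ]]` is true for any non-empty value, including one that disables Meshnet, so the allow commands would still run in that case; testing for the enabling value would be tighter. Entries are passed through as split, so a list written with spaces after the commas produces names with a leading space; trimming each entry and skipping empty ones before the call would avoid grants that fail without the operator noticing.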