improve shutdown characteristics

init.sh

@@ -8,9 +8,9 @@ PHY_IF=${WG_HOST_INTERFACE:-$(ip route | awk '/default/ { print $5 }')}
 ADDRESS=${WG_ADDRESS:-10.200.200.1/24}
 
 function shutdown() {
+ wg showconf $WG_IF > /etc/wireguard/$WG_IF.conf
  ip link del dev $WG_IF
  setup_iptables "D"
- wg showconf $WG_IF > /etc/wireguard/$WG_IF.conf
  killall sleep
 }
 
@@ -19,7 +19,10 @@ function setup_iptables() {
   iptables -t nat -$1 OUTPUT -p udp --dport 53 -j DNAT --to $WG_REDIRECT_DNS
   iptables -t nat -$1 OUTPUT -p tcp --dport 53 -j DNAT --to $WG_REDIRECT_DNS
  fi 
- iptables -$1 FORWARD -i $WG_IF -j ACCEPT; iptables -D FORWARD -i $WG_IF -o $PHY_IF -m state --state RELATED,ESTABLISHED -j ACCEPT; iptables -D FORWARD -i $PHY_IF -o $WG_IF -m state --state RELATED,ESTABLISHED -j ACCEPT; iptables -t nat -D POSTROUTING -s $ADDRESS -o $PHY_IF -j MASQUERADE;
+ iptables -$1 FORWARD -i $WG_IF -j ACCEPT
+ iptables -$1 FORWARD -i $WG_IF -o $PHY_IF -m state --state RELATED,ESTABLISHED -j ACCEPT
+ iptables -$1 FORWARD -i $PHY_IF -o $WG_IF -m state --state RELATED,ESTABLISHED -j ACCEPT
+ iptables -t nat -$1 POSTROUTING -s $ADDRESS -o $PHY_IF -j MASQUERADE;
 }
 
 /usr/bin/wireguard-go $WG_IF
@@ -33,10 +36,14 @@ else
  wg setconf $WG_IF /etc/wireguard/$WG_IF.conf
 fi
 
-trap shutdown EXIT
+trap shutdown EXIT SIGTERM SIGTERM
 
 ip link set up dev $WG_IF
 ip address add $ADDRESS dev $WG_IF
 setup_iptables "A"
 
-sleep 100000000
+while [ -e "/sys/class/net/$WG_IF/operstate" ]; do
+ sleep 10
+done
+
+shutdown