From 42c8d288e2774c66a578f25e4141e71c5c76ebf6 Mon Sep 17 00:00:00 2001 From: hwdsl2 Date: Fri, 18 Feb 2022 21:42:37 -0600 Subject: [PATCH] Cleanup - Improve backup of VPN config files --- extras/ikev2changeaddr.sh | 4 +++- extras/ikev2onlymode.sh | 5 +++-- extras/vpnupgrade_alpine.sh | 7 ++++--- extras/vpnupgrade_amzn.sh | 7 ++++--- extras/vpnupgrade_centos.sh | 7 ++++--- extras/vpnupgrade_ubuntu.sh | 7 ++++--- 6 files changed, 22 insertions(+), 15 deletions(-) diff --git a/extras/ikev2changeaddr.sh b/extras/ikev2changeaddr.sh index 225b1e3..a9dae9e 100755 --- a/extras/ikev2changeaddr.sh +++ b/extras/ikev2changeaddr.sh @@ -14,6 +14,7 @@ # know how you have improved it! export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +SYS_DT=$(date +%F-%T | tr ':' '_') exiterr() { echo "Error: $1" >&2; exit 1; } bigecho() { echo "## $1"; } @@ -266,7 +267,8 @@ update_ikev2_conf() { echo >> /etc/ipsec.conf echo 'include /etc/ipsec.d/*.conf' >> /etc/ipsec.conf fi - sed -i -e "/^[[:space:]]\+leftcert=/d" \ + sed -i".old-$SYS_DT" \ + -e "/^[[:space:]]\+leftcert=/d" \ -e "/^[[:space:]]\+leftid=/d" /etc/ipsec.d/ikev2.conf if [ "$use_dns_name" = "1" ]; then sed -i "/conn ikev2-cp/a \ leftid=@$server_addr" /etc/ipsec.d/ikev2.conf diff --git a/extras/ikev2onlymode.sh b/extras/ikev2onlymode.sh index 22dcd11..532938c 100755 --- a/extras/ikev2onlymode.sh +++ b/extras/ikev2onlymode.sh @@ -11,6 +11,7 @@ # know how you have improved it! export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +SYS_DT=$(date +%F-%T | tr ':' '_') exiterr() { echo "Error: $1" >&2; exit 1; } bigecho() { echo "## $1"; } @@ -114,11 +115,11 @@ toggle_ikev2_only() { if [ "$ikev2_only_status" = "ENABLED" ]; then confirm_disable_ikev2_only bigecho "Disabling IKEv2-only mode..." - sed -i "/ikev1-policy=/d" /etc/ipsec.conf + sed -i".old-$SYS_DT" "/ikev1-policy=/d" /etc/ipsec.conf elif [ "$ikev2_only_status" = "DISABLED" ]; then confirm_enable_ikev2_only bigecho "Enabling IKEv2-only mode..." - sed -i "/ikev1-policy=/d" /etc/ipsec.conf + sed -i".old-$SYS_DT" "/ikev1-policy=/d" /etc/ipsec.conf sed -i "/config setup/a \ ikev1-policy=drop" /etc/ipsec.conf fi } diff --git a/extras/vpnupgrade_alpine.sh b/extras/vpnupgrade_alpine.sh index 17d4f83..136e1b1 100755 --- a/extras/vpnupgrade_alpine.sh +++ b/extras/vpnupgrade_alpine.sh @@ -20,6 +20,7 @@ SWAN_VER= ### DO NOT edit below this line ### export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +SYS_DT=$(date +%F-%T | tr ':' '_') [ -n "$VPN_UPDATE_SWAN_VER" ] && SWAN_VER="$VPN_UPDATE_SWAN_VER" exiterr() { echo "Error: $1" >&2; exit 1; } @@ -202,7 +203,7 @@ update_ikev2_script() { wget -t 3 -T 30 -q -O ikev2.sh.new "$ikev2_url" ) || /bin/rm -f ikev2.sh.new if [ -s ikev2.sh.new ]; then - [ -s ikev2.sh ] && /bin/cp -f ikev2.sh ikev2.sh.old + [ -s ikev2.sh ] && /bin/cp -f ikev2.sh "ikev2.sh.old-$SYS_DT" /bin/cp -f ikev2.sh.new ikev2.sh && chmod +x ikev2.sh \ && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null /bin/rm -f ikev2.sh.new @@ -227,7 +228,7 @@ update_config() { [ -n "$DNS_SRV1" ] && [ -n "$DNS_SRV2" ] && dns_state=1 [ "$(grep -c "modecfgdns1=" /etc/ipsec.conf)" -gt "1" ] && dns_state=3 - sed -i".old-$(date +%F-%T)" \ + sed -i".old-$SYS_DT" \ -e "s/^[[:space:]]\+auth=/ phase2=/" \ -e "s/^[[:space:]]\+forceencaps=/ encapsulation=/" \ -e "s/^[[:space:]]\+ike-frag=/ fragmentation=/" \ @@ -247,7 +248,7 @@ update_config() { sed -i "/conn shared/a \ ikev2=never" /etc/ipsec.conf if grep -qs ike-frag /etc/ipsec.d/ikev2.conf; then - sed -i 's/^[[:space:]]\+ike-frag=/ fragmentation=/' /etc/ipsec.d/ikev2.conf + sed -i".old-$SYS_DT" 's/^[[:space:]]\+ike-frag=/ fragmentation=/' /etc/ipsec.d/ikev2.conf fi } diff --git a/extras/vpnupgrade_amzn.sh b/extras/vpnupgrade_amzn.sh index de599ac..4c69995 100755 --- a/extras/vpnupgrade_amzn.sh +++ b/extras/vpnupgrade_amzn.sh @@ -20,6 +20,7 @@ SWAN_VER= ### DO NOT edit below this line ### export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +SYS_DT=$(date +%F-%T | tr ':' '_') [ -n "$VPN_UPDATE_SWAN_VER" ] && SWAN_VER="$VPN_UPDATE_SWAN_VER" exiterr() { echo "Error: $1" >&2; exit 1; } @@ -197,7 +198,7 @@ update_ikev2_script() { wget -t 3 -T 30 -q -O ikev2.sh.new "$ikev2_url" ) || /bin/rm -f ikev2.sh.new if [ -s ikev2.sh.new ]; then - [ -s ikev2.sh ] && /bin/cp -f ikev2.sh ikev2.sh.old + [ -s ikev2.sh ] && /bin/cp -f ikev2.sh "ikev2.sh.old-$SYS_DT" /bin/cp -f ikev2.sh.new ikev2.sh && chmod +x ikev2.sh \ && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null /bin/rm -f ikev2.sh.new @@ -216,7 +217,7 @@ update_config() { [ -n "$DNS_SRV1" ] && [ -n "$DNS_SRV2" ] && dns_state=1 [ "$(grep -c "modecfgdns1=" /etc/ipsec.conf)" -gt "1" ] && dns_state=3 - sed -i".old-$(date +%F-%T)" \ + sed -i".old-$SYS_DT" \ -e "s/^[[:space:]]\+auth=/ phase2=/" \ -e "s/^[[:space:]]\+forceencaps=/ encapsulation=/" \ -e "s/^[[:space:]]\+ike-frag=/ fragmentation=/" \ @@ -236,7 +237,7 @@ update_config() { sed -i "/conn shared/a \ ikev2=never" /etc/ipsec.conf if grep -qs ike-frag /etc/ipsec.d/ikev2.conf; then - sed -i 's/^[[:space:]]\+ike-frag=/ fragmentation=/' /etc/ipsec.d/ikev2.conf + sed -i".old-$SYS_DT" 's/^[[:space:]]\+ike-frag=/ fragmentation=/' /etc/ipsec.d/ikev2.conf fi } diff --git a/extras/vpnupgrade_centos.sh b/extras/vpnupgrade_centos.sh index bf7f007..851a48b 100755 --- a/extras/vpnupgrade_centos.sh +++ b/extras/vpnupgrade_centos.sh @@ -20,6 +20,7 @@ SWAN_VER= ### DO NOT edit below this line ### export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +SYS_DT=$(date +%F-%T | tr ':' '_') [ -n "$VPN_UPDATE_SWAN_VER" ] && SWAN_VER="$VPN_UPDATE_SWAN_VER" exiterr() { echo "Error: $1" >&2; exit 1; } @@ -233,7 +234,7 @@ update_ikev2_script() { wget -t 3 -T 30 -q -O ikev2.sh.new "$ikev2_url" ) || /bin/rm -f ikev2.sh.new if [ -s ikev2.sh.new ]; then - [ -s ikev2.sh ] && /bin/cp -f ikev2.sh ikev2.sh.old + [ -s ikev2.sh ] && /bin/cp -f ikev2.sh "ikev2.sh.old-$SYS_DT" /bin/cp -f ikev2.sh.new ikev2.sh && chmod +x ikev2.sh \ && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null /bin/rm -f ikev2.sh.new @@ -252,7 +253,7 @@ update_config() { [ -n "$DNS_SRV1" ] && [ -n "$DNS_SRV2" ] && dns_state=1 [ "$(grep -c "modecfgdns1=" /etc/ipsec.conf)" -gt "1" ] && dns_state=3 - sed -i".old-$(date +%F-%T)" \ + sed -i".old-$SYS_DT" \ -e "s/^[[:space:]]\+auth=/ phase2=/" \ -e "s/^[[:space:]]\+forceencaps=/ encapsulation=/" \ -e "s/^[[:space:]]\+ike-frag=/ fragmentation=/" \ @@ -272,7 +273,7 @@ update_config() { sed -i "/conn shared/a \ ikev2=never" /etc/ipsec.conf if grep -qs ike-frag /etc/ipsec.d/ikev2.conf; then - sed -i 's/^[[:space:]]\+ike-frag=/ fragmentation=/' /etc/ipsec.d/ikev2.conf + sed -i".old-$SYS_DT" 's/^[[:space:]]\+ike-frag=/ fragmentation=/' /etc/ipsec.d/ikev2.conf fi } diff --git a/extras/vpnupgrade_ubuntu.sh b/extras/vpnupgrade_ubuntu.sh index 4472da4..78d2efb 100755 --- a/extras/vpnupgrade_ubuntu.sh +++ b/extras/vpnupgrade_ubuntu.sh @@ -20,6 +20,7 @@ SWAN_VER= ### DO NOT edit below this line ### export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +SYS_DT=$(date +%F-%T | tr ':' '_') [ -n "$VPN_UPDATE_SWAN_VER" ] && SWAN_VER="$VPN_UPDATE_SWAN_VER" exiterr() { echo "Error: $1" >&2; exit 1; } @@ -234,7 +235,7 @@ update_ikev2_script() { wget -t 3 -T 30 -q -O ikev2.sh.new "$ikev2_url" ) || /bin/rm -f ikev2.sh.new if [ -s ikev2.sh.new ]; then - [ -s ikev2.sh ] && /bin/cp -f ikev2.sh ikev2.sh.old + [ -s ikev2.sh ] && /bin/cp -f ikev2.sh "ikev2.sh.old-$SYS_DT" /bin/cp -f ikev2.sh.new ikev2.sh && chmod +x ikev2.sh \ && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null /bin/rm -f ikev2.sh.new @@ -259,7 +260,7 @@ update_config() { [ -n "$DNS_SRV1" ] && [ -n "$DNS_SRV2" ] && dns_state=1 [ "$(grep -c "modecfgdns1=" /etc/ipsec.conf)" -gt "1" ] && dns_state=3 - sed -i".old-$(date +%F-%T)" \ + sed -i".old-$SYS_DT" \ -e "s/^[[:space:]]\+auth=/ phase2=/" \ -e "s/^[[:space:]]\+forceencaps=/ encapsulation=/" \ -e "s/^[[:space:]]\+ike-frag=/ fragmentation=/" \ @@ -279,7 +280,7 @@ update_config() { sed -i "/conn shared/a \ ikev2=never" /etc/ipsec.conf if grep -qs ike-frag /etc/ipsec.d/ikev2.conf; then - sed -i 's/^[[:space:]]\+ike-frag=/ fragmentation=/' /etc/ipsec.d/ikev2.conf + sed -i".old-$SYS_DT" 's/^[[:space:]]\+ike-frag=/ fragmentation=/' /etc/ipsec.d/ikev2.conf fi }