diff --git a/extras/vpnupgrade_alpine.sh b/extras/vpnupgrade_alpine.sh index 288bc9f..752f9bf 100755 --- a/extras/vpnupgrade_alpine.sh +++ b/extras/vpnupgrade_alpine.sh @@ -111,7 +111,8 @@ Version to install: Libreswan $SWAN_VER Note: This script will make the following changes to your VPN configuration: - Fix obsolete ipsec.conf and/or ikev2.conf options - Optimize VPN ciphers - Your other VPN config files will not be modified. + IKEv2 helper script will be updated to the latest version. Your other + VPN config files will not be modified. EOF @@ -194,6 +195,22 @@ EOF fi } +update_ikev2_script() { + bigecho "Updating IKEv2 script..." + cd /opt/src || exit 1 + ikev2_url="https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/extras/ikev2setup.sh" + ( + set -x + wget -t 3 -T 30 -q -O ikev2.sh.new "$ikev2_url" + ) || /bin/rm -f ikev2.sh.new + if [ -s ikev2.sh.new ]; then + [ -s ikev2.sh ] && /bin/cp -f ikev2.sh ikev2.sh.old + /bin/cp -f ikev2.sh.new ikev2.sh && chmod +x ikev2.sh \ + && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null + /bin/rm -f ikev2.sh.new + fi +} + update_config() { bigecho "Updating VPN configuration..." IKE_NEW=" ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024" @@ -301,6 +318,7 @@ vpnupgrade() { install_pkgs get_libreswan install_libreswan + update_ikev2_script update_config restart_ipsec show_setup_complete diff --git a/extras/vpnupgrade_amzn.sh b/extras/vpnupgrade_amzn.sh index 98f990e..8872b32 100755 --- a/extras/vpnupgrade_amzn.sh +++ b/extras/vpnupgrade_amzn.sh @@ -94,7 +94,8 @@ Version to install: Libreswan $SWAN_VER Note: This script will make the following changes to your VPN configuration: - Fix obsolete ipsec.conf and/or ikev2.conf options - Optimize VPN ciphers - Your other VPN config files will not be modified. + IKEv2 helper script will be updated to the latest version. Your other + VPN config files will not be modified. EOF @@ -188,6 +189,22 @@ restore_selinux() { restorecon /usr/local/libexec/ipsec -Rv 2>/dev/null } +update_ikev2_script() { + bigecho "Updating IKEv2 script..." + cd /opt/src || exit 1 + ikev2_url="https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/extras/ikev2setup.sh" + ( + set -x + wget -t 3 -T 30 -q -O ikev2.sh.new "$ikev2_url" + ) || /bin/rm -f ikev2.sh.new + if [ -s ikev2.sh.new ]; then + [ -s ikev2.sh ] && /bin/cp -f ikev2.sh ikev2.sh.old + /bin/cp -f ikev2.sh.new ikev2.sh && chmod +x ikev2.sh \ + && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null + /bin/rm -f ikev2.sh.new + fi +} + update_config() { bigecho "Updating VPN configuration..." IKE_NEW=" ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024" @@ -289,6 +306,7 @@ vpnupgrade() { get_libreswan install_libreswan restore_selinux + update_ikev2_script update_config restart_ipsec show_setup_complete diff --git a/extras/vpnupgrade_centos.sh b/extras/vpnupgrade_centos.sh index 3c733e3..e0974c3 100755 --- a/extras/vpnupgrade_centos.sh +++ b/extras/vpnupgrade_centos.sh @@ -112,7 +112,8 @@ Version to install: Libreswan $SWAN_VER Note: This script will make the following changes to your VPN configuration: - Fix obsolete ipsec.conf and/or ikev2.conf options - Optimize VPN ciphers - Your other VPN config files will not be modified. + IKEv2 helper script will be updated to the latest version. Your other + VPN config files will not be modified. EOF @@ -224,6 +225,22 @@ restore_selinux() { restorecon /usr/local/libexec/ipsec -Rv 2>/dev/null } +update_ikev2_script() { + bigecho "Updating IKEv2 script..." + cd /opt/src || exit 1 + ikev2_url="https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/extras/ikev2setup.sh" + ( + set -x + wget -t 3 -T 30 -q -O ikev2.sh.new "$ikev2_url" + ) || /bin/rm -f ikev2.sh.new + if [ -s ikev2.sh.new ]; then + [ -s ikev2.sh ] && /bin/cp -f ikev2.sh ikev2.sh.old + /bin/cp -f ikev2.sh.new ikev2.sh && chmod +x ikev2.sh \ + && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null + /bin/rm -f ikev2.sh.new + fi +} + update_config() { bigecho "Updating VPN configuration..." IKE_NEW=" ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024" @@ -327,6 +344,7 @@ vpnupgrade() { get_libreswan install_libreswan restore_selinux + update_ikev2_script update_config restart_ipsec show_setup_complete diff --git a/extras/vpnupgrade_ubuntu.sh b/extras/vpnupgrade_ubuntu.sh index 918e8c3..23bccd9 100755 --- a/extras/vpnupgrade_ubuntu.sh +++ b/extras/vpnupgrade_ubuntu.sh @@ -121,7 +121,8 @@ Version to install: Libreswan $SWAN_VER Note: This script will make the following changes to your VPN configuration: - Fix obsolete ipsec.conf and/or ikev2.conf options - Optimize VPN ciphers - Your other VPN config files will not be modified. + IKEv2 helper script will be updated to the latest version. Your other + VPN config files will not be modified. EOF @@ -225,6 +226,22 @@ EOF fi } +update_ikev2_script() { + bigecho "Updating IKEv2 script..." + cd /opt/src || exit 1 + ikev2_url="https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/extras/ikev2setup.sh" + ( + set -x + wget -t 3 -T 30 -q -O ikev2.sh.new "$ikev2_url" + ) || /bin/rm -f ikev2.sh.new + if [ -s ikev2.sh.new ]; then + [ -s ikev2.sh ] && /bin/cp -f ikev2.sh ikev2.sh.old + /bin/cp -f ikev2.sh.new ikev2.sh && chmod +x ikev2.sh \ + && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null + /bin/rm -f ikev2.sh.new + fi +} + update_config() { bigecho "Updating VPN configuration..." IKE_NEW=" ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024" @@ -333,6 +350,7 @@ vpnupgrade() { install_pkgs get_libreswan install_libreswan + update_ikev2_script update_config restart_ipsec show_setup_complete