Improve VPN setup
- Refactor VPN scripts to move IKEv2 setup inside vpnsetup_*.sh
parent
454c89d2b5
commit
6f4080bab4
@ -266,23 +266,14 @@ run_setup() {
|
|||||||
if tmpdir=$(mktemp --tmpdir -d vpn.XXXXX 2>/dev/null); then
|
if tmpdir=$(mktemp --tmpdir -d vpn.XXXXX 2>/dev/null); then
|
||||||
if ( set -x; wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url" \
|
if ( set -x; wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url" \
|
||||||
|| curl -fsL "$setup_url" -o "$tmpdir/vpn.sh" 2>/dev/null ); then
|
|| curl -fsL "$setup_url" -o "$tmpdir/vpn.sh" 2>/dev/null ); then
|
||||||
if VPN_IPSEC_PSK="$VPN_IPSEC_PSK" VPN_USER="$VPN_USER" VPN_PASSWORD="$VPN_PASSWORD" \
|
VPN_IPSEC_PSK="$VPN_IPSEC_PSK" VPN_USER="$VPN_USER" VPN_PASSWORD="$VPN_PASSWORD" \
|
||||||
VPN_PUBLIC_IP="$VPN_PUBLIC_IP" VPN_L2TP_NET="$VPN_L2TP_NET" \
|
VPN_PUBLIC_IP="$VPN_PUBLIC_IP" VPN_L2TP_NET="$VPN_L2TP_NET" \
|
||||||
VPN_L2TP_LOCAL="$VPN_L2TP_LOCAL" VPN_L2TP_POOL="$VPN_L2TP_POOL" \
|
VPN_L2TP_LOCAL="$VPN_L2TP_LOCAL" VPN_L2TP_POOL="$VPN_L2TP_POOL" \
|
||||||
VPN_XAUTH_NET="$VPN_XAUTH_NET" VPN_XAUTH_POOL="$VPN_XAUTH_POOL" \
|
VPN_XAUTH_NET="$VPN_XAUTH_NET" VPN_XAUTH_POOL="$VPN_XAUTH_POOL" \
|
||||||
VPN_DNS_SRV1="$VPN_DNS_SRV1" VPN_DNS_SRV2="$VPN_DNS_SRV2" \
|
VPN_DNS_SRV1="$VPN_DNS_SRV1" VPN_DNS_SRV2="$VPN_DNS_SRV2" \
|
||||||
/bin/bash "$tmpdir/vpn.sh"; then
|
VPN_DNS_NAME="$VPN_DNS_NAME" VPN_CLIENT_NAME="$VPN_CLIENT_NAME" \
|
||||||
if [ -s /opt/src/ikev2.sh ] && [ ! -f /etc/ipsec.d/ikev2.conf ]; then
|
VPN_PROTECT_CONFIG="$VPN_PROTECT_CONFIG" \
|
||||||
sleep 1
|
/bin/bash "$tmpdir/vpn.sh" || status=1
|
||||||
VPN_DNS_NAME="$VPN_DNS_NAME" VPN_PUBLIC_IP="$VPN_PUBLIC_IP" \
|
|
||||||
VPN_CLIENT_NAME="$VPN_CLIENT_NAME" VPN_XAUTH_POOL="$VPN_XAUTH_POOL" \
|
|
||||||
VPN_DNS_SRV1="$VPN_DNS_SRV1" VPN_DNS_SRV2="$VPN_DNS_SRV2" \
|
|
||||||
VPN_PROTECT_CONFIG="$VPN_PROTECT_CONFIG" \
|
|
||||||
/bin/bash /opt/src/ikev2.sh --auto || status=1
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
status=1
|
|
||||||
fi
|
|
||||||
else
|
else
|
||||||
status=1
|
status=1
|
||||||
echo "Error: Could not download VPN setup script." >&2
|
echo "Error: Could not download VPN setup script." >&2
|
||||||
|
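Review bot: Nothing between the download and `/bin/bash "$tmpdir/vpn.sh"` verifies the fetched file; the only gate in this hunk is that wget or curl exited successfully, and the script then runs with `VPN_IPSEC_PSK` and `VPN_PASSWORD` in its environment. If `setup_url` (assigned outside this hunk) names a fixed release, add a pinned-digest comparison as a further condition before the run, for example `printf '%s  %s\n' "$expected_sha256" "$tmpdir/vpn.sh" | sha256sum -c - >/dev/null`, where `expected_sha256` is a placeholder for a digest the project would need to publish. A short comment on the new `|| status=1` saying that it now carries the child script's exit code, IKEv2 setup included, would help the next reader. run_setup begins and ends outside the hunk, and the identical hunk is shown again under the vpnsetup.sh header.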
25
vpnsetup.sh
25
vpnsetup.sh
@ -266,23 +266,14 @@ run_setup() {
|
|||||||
if tmpdir=$(mktemp --tmpdir -d vpn.XXXXX 2>/dev/null); then
|
if tmpdir=$(mktemp --tmpdir -d vpn.XXXXX 2>/dev/null); then
|
||||||
if ( set -x; wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url" \
|
if ( set -x; wget -t 3 -T 30 -q -O "$tmpdir/vpn.sh" "$setup_url" \
|
||||||
|| curl -fsL "$setup_url" -o "$tmpdir/vpn.sh" 2>/dev/null ); then
|
|| curl -fsL "$setup_url" -o "$tmpdir/vpn.sh" 2>/dev/null ); then
|
||||||
if VPN_IPSEC_PSK="$VPN_IPSEC_PSK" VPN_USER="$VPN_USER" VPN_PASSWORD="$VPN_PASSWORD" \
|
VPN_IPSEC_PSK="$VPN_IPSEC_PSK" VPN_USER="$VPN_USER" VPN_PASSWORD="$VPN_PASSWORD" \
|
||||||
VPN_PUBLIC_IP="$VPN_PUBLIC_IP" VPN_L2TP_NET="$VPN_L2TP_NET" \
|
VPN_PUBLIC_IP="$VPN_PUBLIC_IP" VPN_L2TP_NET="$VPN_L2TP_NET" \
|
||||||
VPN_L2TP_LOCAL="$VPN_L2TP_LOCAL" VPN_L2TP_POOL="$VPN_L2TP_POOL" \
|
VPN_L2TP_LOCAL="$VPN_L2TP_LOCAL" VPN_L2TP_POOL="$VPN_L2TP_POOL" \
|
||||||
VPN_XAUTH_NET="$VPN_XAUTH_NET" VPN_XAUTH_POOL="$VPN_XAUTH_POOL" \
|
VPN_XAUTH_NET="$VPN_XAUTH_NET" VPN_XAUTH_POOL="$VPN_XAUTH_POOL" \
|
||||||
VPN_DNS_SRV1="$VPN_DNS_SRV1" VPN_DNS_SRV2="$VPN_DNS_SRV2" \
|
VPN_DNS_SRV1="$VPN_DNS_SRV1" VPN_DNS_SRV2="$VPN_DNS_SRV2" \
|
||||||
/bin/bash "$tmpdir/vpn.sh"; then
|
VPN_DNS_NAME="$VPN_DNS_NAME" VPN_CLIENT_NAME="$VPN_CLIENT_NAME" \
|
||||||
if [ -s /opt/src/ikev2.sh ] && [ ! -f /etc/ipsec.d/ikev2.conf ]; then
|
VPN_PROTECT_CONFIG="$VPN_PROTECT_CONFIG" \
|
||||||
sleep 1
|
/bin/bash "$tmpdir/vpn.sh" || status=1
|
||||||
VPN_DNS_NAME="$VPN_DNS_NAME" VPN_PUBLIC_IP="$VPN_PUBLIC_IP" \
|
|
||||||
VPN_CLIENT_NAME="$VPN_CLIENT_NAME" VPN_XAUTH_POOL="$VPN_XAUTH_POOL" \
|
|
||||||
VPN_DNS_SRV1="$VPN_DNS_SRV1" VPN_DNS_SRV2="$VPN_DNS_SRV2" \
|
|
||||||
VPN_PROTECT_CONFIG="$VPN_PROTECT_CONFIG" \
|
|
||||||
/bin/bash /opt/src/ikev2.sh --auto || status=1
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
status=1
|
|
||||||
fi
|
|
||||||
else
|
else
|
||||||
status=1
|
status=1
|
||||||
echo "Error: Could not download VPN setup script." >&2
|
echo "Error: Could not download VPN setup script." >&2
|
||||||
|
@ -46,6 +46,11 @@ check_ip() {
|
|||||||
printf '%s' "$1" | tr -d '\n' | grep -Eq "$IP_REGEX"
|
printf '%s' "$1" | tr -d '\n' | grep -Eq "$IP_REGEX"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
check_dns_name() {
|
||||||
|
FQDN_REGEX='^([a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,}$'
|
||||||
|
printf '%s' "$1" | tr -d '\n' | grep -Eq "$FQDN_REGEX"
|
||||||
|
}
|
||||||
|
|
||||||
check_root() {
|
check_root() {
|
||||||
if [ "$(id -u)" != 0 ]; then
|
if [ "$(id -u)" != 0 ]; then
|
||||||
exiterr "Script must be run as root. Try 'sudo bash $0'"
|
exiterr "Script must be run as root. Try 'sudo bash $0'"
|
||||||
@ -130,6 +135,22 @@ check_dns() {
|
|||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
check_server_dns() {
|
||||||
|
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
|
||||||
|
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
check_client_name() {
|
||||||
|
if [ -n "$VPN_CLIENT_NAME" ]; then
|
||||||
|
name_len="$(printf '%s' "$VPN_CLIENT_NAME" | wc -m)"
|
||||||
|
if [ "$name_len" -gt "64" ] || printf '%s' "$VPN_CLIENT_NAME" | LC_ALL=C grep -q '[^A-Za-z0-9_-]\+' \
|
||||||
|
|| case $VPN_CLIENT_NAME in -*) true;; *) false;; esac; then
|
||||||
|
exiterr "Invalid client name. Use one word only, no special characters except '-' and '_'."
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
start_setup() {
|
start_setup() {
|
||||||
bigecho "VPN setup in progress... Please be patient."
|
bigecho "VPN setup in progress... Please be patient."
|
||||||
mkdir -p /opt/src
|
mkdir -p /opt/src
|
||||||
@ -504,6 +525,18 @@ IKEv2 guide: https://git.io/ikev2
|
|||||||
EOF
|
EOF
|
||||||
}
|
}
|
||||||
|
|
||||||
|
set_up_ikev2() {
|
||||||
|
status=0
|
||||||
|
if [ -s /opt/src/ikev2.sh ] && [ ! -f /etc/ipsec.d/ikev2.conf ]; then
|
||||||
|
sleep 1
|
||||||
|
VPN_DNS_NAME="$VPN_DNS_NAME" VPN_PUBLIC_IP="$public_ip" \
|
||||||
|
VPN_CLIENT_NAME="$VPN_CLIENT_NAME" VPN_XAUTH_POOL="$VPN_XAUTH_POOL" \
|
||||||
|
VPN_DNS_SRV1="$VPN_DNS_SRV1" VPN_DNS_SRV2="$VPN_DNS_SRV2" \
|
||||||
|
VPN_PROTECT_CONFIG="$VPN_PROTECT_CONFIG" \
|
||||||
|
/bin/bash /opt/src/ikev2.sh --auto || status=1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
vpnsetup() {
|
vpnsetup() {
|
||||||
check_root
|
check_root
|
||||||
check_vz
|
check_vz
|
||||||
@ -511,6 +544,8 @@ vpnsetup() {
|
|||||||
check_iface
|
check_iface
|
||||||
check_creds
|
check_creds
|
||||||
check_dns
|
check_dns
|
||||||
|
check_server_dns
|
||||||
|
check_client_name
|
||||||
start_setup
|
start_setup
|
||||||
install_setup_pkgs
|
install_setup_pkgs
|
||||||
detect_ip
|
detect_ip
|
||||||
@ -526,9 +561,10 @@ vpnsetup() {
|
|||||||
enable_on_boot
|
enable_on_boot
|
||||||
start_services
|
start_services
|
||||||
show_vpn_info
|
show_vpn_info
|
||||||
|
set_up_ikev2
|
||||||
}
|
}
|
||||||
|
|
||||||
## Defer setup until we have the complete script
|
## Defer setup until we have the complete script
|
||||||
vpnsetup "$@"
|
vpnsetup "$@"
|
||||||
|
|
||||||
exit 0
|
exit "$status"
|
||||||
|
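Review bot: Both new validators can accept a value that contains a newline, because neither tests exactly the string that is later exported to ikev2.sh. check_dns_name deletes newlines with `tr -d '\n'` before matching, so a value that only becomes a valid FQDN once the newlines are removed passes; check_client_name runs `grep -q` line by line, so the newline itself never counts as a disallowed character, and the `-*` case pattern looks only at the start of the whole string. Reject such input up front, e.g. `[ "$(printf '%s' "$1" | wc -l)" -eq 0 ] || return 1` as the first line of check_dns_name, and the same newline count on `$VPN_CLIENT_NAME` as an extra `||` term in check_client_name. The trailing `\+` in the client-name pattern is redundant for a `grep -q` presence test and can be dropped. The same hunks are repeated in the three sections that follow (their first hunk headers are `-46,6 +46,11`, `-48,6 +48,11` and `-47,6 +47,11`).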
@ -46,6 +46,11 @@ check_ip() {
|
|||||||
printf '%s' "$1" | tr -d '\n' | grep -Eq "$IP_REGEX"
|
printf '%s' "$1" | tr -d '\n' | grep -Eq "$IP_REGEX"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
check_dns_name() {
|
||||||
|
FQDN_REGEX='^([a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,}$'
|
||||||
|
printf '%s' "$1" | tr -d '\n' | grep -Eq "$FQDN_REGEX"
|
||||||
|
}
|
||||||
|
|
||||||
check_root() {
|
check_root() {
|
||||||
if [ "$(id -u)" != 0 ]; then
|
if [ "$(id -u)" != 0 ]; then
|
||||||
exiterr "Script must be run as root. Try 'sudo bash $0'"
|
exiterr "Script must be run as root. Try 'sudo bash $0'"
|
||||||
@ -112,6 +117,22 @@ check_dns() {
|
|||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
check_server_dns() {
|
||||||
|
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
|
||||||
|
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
check_client_name() {
|
||||||
|
if [ -n "$VPN_CLIENT_NAME" ]; then
|
||||||
|
name_len="$(printf '%s' "$VPN_CLIENT_NAME" | wc -m)"
|
||||||
|
if [ "$name_len" -gt "64" ] || printf '%s' "$VPN_CLIENT_NAME" | LC_ALL=C grep -q '[^A-Za-z0-9_-]\+' \
|
||||||
|
|| case $VPN_CLIENT_NAME in -*) true;; *) false;; esac; then
|
||||||
|
exiterr "Invalid client name. Use one word only, no special characters except '-' and '_'."
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
start_setup() {
|
start_setup() {
|
||||||
bigecho "VPN setup in progress... Please be patient."
|
bigecho "VPN setup in progress... Please be patient."
|
||||||
mkdir -p /opt/src
|
mkdir -p /opt/src
|
||||||
@ -517,12 +538,26 @@ IKEv2 guide: https://git.io/ikev2
|
|||||||
EOF
|
EOF
|
||||||
}
|
}
|
||||||
|
|
||||||
|
set_up_ikev2() {
|
||||||
|
status=0
|
||||||
|
if [ -s /opt/src/ikev2.sh ] && [ ! -f /etc/ipsec.d/ikev2.conf ]; then
|
||||||
|
sleep 1
|
||||||
|
VPN_DNS_NAME="$VPN_DNS_NAME" VPN_PUBLIC_IP="$public_ip" \
|
||||||
|
VPN_CLIENT_NAME="$VPN_CLIENT_NAME" VPN_XAUTH_POOL="$VPN_XAUTH_POOL" \
|
||||||
|
VPN_DNS_SRV1="$VPN_DNS_SRV1" VPN_DNS_SRV2="$VPN_DNS_SRV2" \
|
||||||
|
VPN_PROTECT_CONFIG="$VPN_PROTECT_CONFIG" \
|
||||||
|
/bin/bash /opt/src/ikev2.sh --auto || status=1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
vpnsetup() {
|
vpnsetup() {
|
||||||
check_root
|
check_root
|
||||||
check_os
|
check_os
|
||||||
check_iface
|
check_iface
|
||||||
check_creds
|
check_creds
|
||||||
check_dns
|
check_dns
|
||||||
|
check_server_dns
|
||||||
|
check_client_name
|
||||||
start_setup
|
start_setup
|
||||||
install_setup_pkgs
|
install_setup_pkgs
|
||||||
detect_ip
|
detect_ip
|
||||||
@ -541,9 +576,10 @@ vpnsetup() {
|
|||||||
enable_on_boot
|
enable_on_boot
|
||||||
start_services
|
start_services
|
||||||
show_vpn_info
|
show_vpn_info
|
||||||
|
set_up_ikev2
|
||||||
}
|
}
|
||||||
|
|
||||||
## Defer setup until we have the complete script
|
## Defer setup until we have the complete script
|
||||||
vpnsetup "$@"
|
vpnsetup "$@"
|
||||||
|
|
||||||
exit 0
|
exit "$status"
|
||||||
|
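Review bot: `exit "$status"` at the end of the file reads a global that is assigned only inside set_up_ikev2, so the exit code is well defined only while that function remains the last step of vpnsetup. Initialising it once at file scope, `status=0` before `vpnsetup "$@"`, keeps the exit valid if a later change returns from vpnsetup before set_up_ikev2 runs. A comment above the function such as `# Runs /opt/src/ikev2.sh --auto if IKEv2 is not yet configured; sets global 'status' to 1 on failure` would document the coupling. The same applies to the other per-distro sections on this page, which carry identical hunks.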
@ -48,6 +48,11 @@ check_ip() {
|
|||||||
printf '%s' "$1" | tr -d '\n' | grep -Eq "$IP_REGEX"
|
printf '%s' "$1" | tr -d '\n' | grep -Eq "$IP_REGEX"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
check_dns_name() {
|
||||||
|
FQDN_REGEX='^([a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,}$'
|
||||||
|
printf '%s' "$1" | tr -d '\n' | grep -Eq "$FQDN_REGEX"
|
||||||
|
}
|
||||||
|
|
||||||
check_root() {
|
check_root() {
|
||||||
if [ "$(id -u)" != 0 ]; then
|
if [ "$(id -u)" != 0 ]; then
|
||||||
exiterr "Script must be run as root. Try 'sudo bash $0'"
|
exiterr "Script must be run as root. Try 'sudo bash $0'"
|
||||||
@ -132,6 +137,22 @@ check_dns() {
|
|||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
check_server_dns() {
|
||||||
|
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
|
||||||
|
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
check_client_name() {
|
||||||
|
if [ -n "$VPN_CLIENT_NAME" ]; then
|
||||||
|
name_len="$(printf '%s' "$VPN_CLIENT_NAME" | wc -m)"
|
||||||
|
if [ "$name_len" -gt "64" ] || printf '%s' "$VPN_CLIENT_NAME" | LC_ALL=C grep -q '[^A-Za-z0-9_-]\+' \
|
||||||
|
|| case $VPN_CLIENT_NAME in -*) true;; *) false;; esac; then
|
||||||
|
exiterr "Invalid client name. Use one word only, no special characters except '-' and '_'."
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
start_setup() {
|
start_setup() {
|
||||||
bigecho "VPN setup in progress... Please be patient."
|
bigecho "VPN setup in progress... Please be patient."
|
||||||
mkdir -p /opt/src
|
mkdir -p /opt/src
|
||||||
@ -630,6 +651,18 @@ IKEv2 guide: https://git.io/ikev2
|
|||||||
EOF
|
EOF
|
||||||
}
|
}
|
||||||
|
|
||||||
|
set_up_ikev2() {
|
||||||
|
status=0
|
||||||
|
if [ -s /opt/src/ikev2.sh ] && [ ! -f /etc/ipsec.d/ikev2.conf ]; then
|
||||||
|
sleep 1
|
||||||
|
VPN_DNS_NAME="$VPN_DNS_NAME" VPN_PUBLIC_IP="$public_ip" \
|
||||||
|
VPN_CLIENT_NAME="$VPN_CLIENT_NAME" VPN_XAUTH_POOL="$VPN_XAUTH_POOL" \
|
||||||
|
VPN_DNS_SRV1="$VPN_DNS_SRV1" VPN_DNS_SRV2="$VPN_DNS_SRV2" \
|
||||||
|
VPN_PROTECT_CONFIG="$VPN_PROTECT_CONFIG" \
|
||||||
|
/bin/bash /opt/src/ikev2.sh --auto || status=1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
vpnsetup() {
|
vpnsetup() {
|
||||||
check_root
|
check_root
|
||||||
check_vz
|
check_vz
|
||||||
@ -637,6 +670,8 @@ vpnsetup() {
|
|||||||
check_iface
|
check_iface
|
||||||
check_creds
|
check_creds
|
||||||
check_dns
|
check_dns
|
||||||
|
check_server_dns
|
||||||
|
check_client_name
|
||||||
start_setup
|
start_setup
|
||||||
install_setup_pkgs
|
install_setup_pkgs
|
||||||
detect_ip
|
detect_ip
|
||||||
@ -657,9 +692,10 @@ vpnsetup() {
|
|||||||
enable_on_boot
|
enable_on_boot
|
||||||
start_services
|
start_services
|
||||||
show_vpn_info
|
show_vpn_info
|
||||||
|
set_up_ikev2
|
||||||
}
|
}
|
||||||
|
|
||||||
## Defer setup until we have the complete script
|
## Defer setup until we have the complete script
|
||||||
vpnsetup "$@"
|
vpnsetup "$@"
|
||||||
|
|
||||||
exit 0
|
exit "$status"
|
||||||
|
@ -47,6 +47,11 @@ check_ip() {
|
|||||||
printf '%s' "$1" | tr -d '\n' | grep -Eq "$IP_REGEX"
|
printf '%s' "$1" | tr -d '\n' | grep -Eq "$IP_REGEX"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
check_dns_name() {
|
||||||
|
FQDN_REGEX='^([a-zA-Z0-9]([a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,}$'
|
||||||
|
printf '%s' "$1" | tr -d '\n' | grep -Eq "$FQDN_REGEX"
|
||||||
|
}
|
||||||
|
|
||||||
check_root() {
|
check_root() {
|
||||||
if [ "$(id -u)" != 0 ]; then
|
if [ "$(id -u)" != 0 ]; then
|
||||||
exiterr "Script must be run as root. Try 'sudo bash $0'"
|
exiterr "Script must be run as root. Try 'sudo bash $0'"
|
||||||
@ -138,6 +143,22 @@ check_dns() {
|
|||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
check_server_dns() {
|
||||||
|
if [ -n "$VPN_DNS_NAME" ] && ! check_dns_name "$VPN_DNS_NAME"; then
|
||||||
|
exiterr "Invalid DNS name. 'VPN_DNS_NAME' must be a fully qualified domain name (FQDN)."
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
check_client_name() {
|
||||||
|
if [ -n "$VPN_CLIENT_NAME" ]; then
|
||||||
|
name_len="$(printf '%s' "$VPN_CLIENT_NAME" | wc -m)"
|
||||||
|
if [ "$name_len" -gt "64" ] || printf '%s' "$VPN_CLIENT_NAME" | LC_ALL=C grep -q '[^A-Za-z0-9_-]\+' \
|
||||||
|
|| case $VPN_CLIENT_NAME in -*) true;; *) false;; esac; then
|
||||||
|
exiterr "Invalid client name. Use one word only, no special characters except '-' and '_'."
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
check_iptables() {
|
check_iptables() {
|
||||||
if [ -x /sbin/iptables ] && ! iptables -nL INPUT >/dev/null 2>&1; then
|
if [ -x /sbin/iptables ] && ! iptables -nL INPUT >/dev/null 2>&1; then
|
||||||
exiterr "IPTables check failed. Reboot and re-run this script."
|
exiterr "IPTables check failed. Reboot and re-run this script."
|
||||||
@ -618,6 +639,18 @@ EOF
|
|||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
set_up_ikev2() {
|
||||||
|
status=0
|
||||||
|
if [ -s /opt/src/ikev2.sh ] && [ ! -f /etc/ipsec.d/ikev2.conf ]; then
|
||||||
|
sleep 1
|
||||||
|
VPN_DNS_NAME="$VPN_DNS_NAME" VPN_PUBLIC_IP="$public_ip" \
|
||||||
|
VPN_CLIENT_NAME="$VPN_CLIENT_NAME" VPN_XAUTH_POOL="$VPN_XAUTH_POOL" \
|
||||||
|
VPN_DNS_SRV1="$VPN_DNS_SRV1" VPN_DNS_SRV2="$VPN_DNS_SRV2" \
|
||||||
|
VPN_PROTECT_CONFIG="$VPN_PROTECT_CONFIG" \
|
||||||
|
/bin/bash /opt/src/ikev2.sh --auto || status=1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
vpnsetup() {
|
vpnsetup() {
|
||||||
check_root
|
check_root
|
||||||
check_vz
|
check_vz
|
||||||
@ -625,6 +658,8 @@ vpnsetup() {
|
|||||||
check_iface
|
check_iface
|
||||||
check_creds
|
check_creds
|
||||||
check_dns
|
check_dns
|
||||||
|
check_server_dns
|
||||||
|
check_client_name
|
||||||
check_iptables
|
check_iptables
|
||||||
start_setup
|
start_setup
|
||||||
wait_for_apt
|
wait_for_apt
|
||||||
@ -644,9 +679,10 @@ vpnsetup() {
|
|||||||
enable_on_boot
|
enable_on_boot
|
||||||
start_services
|
start_services
|
||||||
show_vpn_info
|
show_vpn_info
|
||||||
|
set_up_ikev2
|
||||||
}
|
}
|
||||||
|
|
||||||
## Defer setup until we have the complete script
|
## Defer setup until we have the complete script
|
||||||
vpnsetup "$@"
|
vpnsetup "$@"
|
||||||
|
|
||||||
exit 0
|
exit "$status"
|
||||||
|