mirror/setup-ipsec-vpn
1
0
Fork 0
mirror of synced 2025-02-21 06:23:15 +03:00
Code Issues Projects Releases Wiki Activity

Minor fix

Browse Source 
- Improve sed command in VPN upgrade scripts
This commit is contained in:
hwdsl2 2017-01-20 11:25:12 -06:00
parent 63697214b4
commit 721f7bfaa0
2 changed files with 16 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
extras/vpnupgrade.sh
View File

@ -158,11 +158,14 @@ if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qs -F "$swan_ver"; then
fi fi
# Update ipsec.conf options # Update ipsec.conf options
sed -i.old -e "s/auth=esp/phase2=esp/" -e "s/forceencaps=yes/encapsulation=yes/" \ IKE_NEW=" ike=3des-sha1,3des-sha1;modp1024,aes-sha1,aes-sha1;modp1024,aes-sha2,aes-sha2;modp1024"
-e "s/ike=3des-sha1,aes-sha1,aes256-sha2_512,aes256-sha2_256/ike=3des-sha1,3des-sha1;modp1024,aes-sha1,aes-sha1;modp1024,aes-sha2,aes-sha2;modp1024/" \ PHASE2_NEW=" phase2alg=3des-sha1,aes-sha1,aes-sha2"
-e "s/ike=3des-sha1,aes-sha1,aes256-sha2_256/ike=3des-sha1,3des-sha1;modp1024,aes-sha1,aes-sha1;modp1024,aes-sha2,aes-sha2;modp1024/" \ sed -i.old -e "s/^[[:space:]]\+auth=esp\$/ phase2=esp/" \
-e "s/phase2alg=3des-sha1,aes-sha1,aes256-sha2_512,aes256-sha2_256/phase2alg=3des-sha1,aes-sha1,aes-sha2/" \ -e "s/^[[:space:]]\+forceencaps=yes\$/ encapsulation=yes/" \
-e "s/phase2alg=3des-sha1,aes-sha1,aes256-sha2_256/phase2alg=3des-sha1,aes-sha1,aes-sha2/" /etc/ipsec.conf -e "s/^[[:space:]]\+ike=3des-sha1,aes-sha1\$/$IKE_NEW/" \
-e "s/^[[:space:]]\+ike=3des-sha1,aes-sha1,aes256-sha2_512,aes256-sha2_256\$/$IKE_NEW/" \
-e "s/^[[:space:]]\+phase2alg=3des-sha1,aes-sha1\$/$PHASE2_NEW/" \
-e "s/^[[:space:]]\+phase2alg=3des-sha1,aes-sha1,aes256-sha2_512,aes256-sha2_256\$/$PHASE2_NEW/" /etc/ipsec.conf
# Restart IPsec service # Restart IPsec service
service ipsec restart service ipsec restart

13
extras/vpnupgrade_centos.sh
View File

@ -155,11 +155,14 @@ restorecon /usr/local/sbin -Rv 2>/dev/null
restorecon /usr/local/libexec/ipsec -Rv 2>/dev/null restorecon /usr/local/libexec/ipsec -Rv 2>/dev/null
# Update ipsec.conf options # Update ipsec.conf options
sed -i.old -e "s/auth=esp/phase2=esp/" -e "s/forceencaps=yes/encapsulation=yes/" \ IKE_NEW=" ike=3des-sha1,3des-sha1;modp1024,aes-sha1,aes-sha1;modp1024,aes-sha2,aes-sha2;modp1024"
-e "s/ike=3des-sha1,aes-sha1,aes256-sha2_512,aes256-sha2_256/ike=3des-sha1,3des-sha1;modp1024,aes-sha1,aes-sha1;modp1024,aes-sha2,aes-sha2;modp1024/" \ PHASE2_NEW=" phase2alg=3des-sha1,aes-sha1,aes-sha2"
-e "s/ike=3des-sha1,aes-sha1,aes256-sha2_256/ike=3des-sha1,3des-sha1;modp1024,aes-sha1,aes-sha1;modp1024,aes-sha2,aes-sha2;modp1024/" \ sed -i.old -e "s/^[[:space:]]\+auth=esp\$/ phase2=esp/" \
-e "s/phase2alg=3des-sha1,aes-sha1,aes256-sha2_512,aes256-sha2_256/phase2alg=3des-sha1,aes-sha1,aes-sha2/" \ -e "s/^[[:space:]]\+forceencaps=yes\$/ encapsulation=yes/" \
-e "s/phase2alg=3des-sha1,aes-sha1,aes256-sha2_256/phase2alg=3des-sha1,aes-sha1,aes-sha2/" /etc/ipsec.conf -e "s/^[[:space:]]\+ike=3des-sha1,aes-sha1\$/$IKE_NEW/" \
-e "s/^[[:space:]]\+ike=3des-sha1,aes-sha1,aes256-sha2_512,aes256-sha2_256\$/$IKE_NEW/" \
-e "s/^[[:space:]]\+phase2alg=3des-sha1,aes-sha1\$/$PHASE2_NEW/" \
-e "s/^[[:space:]]\+phase2alg=3des-sha1,aes-sha1,aes256-sha2_512,aes256-sha2_256\$/$PHASE2_NEW/" /etc/ipsec.conf
# Restart IPsec service # Restart IPsec service
service ipsec restart service ipsec restart