From 95d9fc4e0360037bfc2ff8862c65b009dae7a51f Mon Sep 17 00:00:00 2001
From: hwdsl2
Date: Tue, 10 May 2022 08:47:59 -0500
Subject: [PATCH] Add subnet check - Add a check for custom VPN subnets. Those can only be specified during initial VPN install. Ref: 1834b79
---
 vpnsetup_alpine.sh | 12 ++++++++++++
 vpnsetup_amzn.sh | 12 ++++++++++++
 vpnsetup_centos.sh | 12 ++++++++++++
 vpnsetup_ubuntu.sh | 12 ++++++++++++
 4 files changed, 48 insertions(+)
diff --git a/vpnsetup_alpine.sh b/vpnsetup_alpine.sh
index eb9dd42..b9f2599 100755
--- a/vpnsetup_alpine.sh
+++ b/vpnsetup_alpine.sh
@@ -146,6 +146,17 @@ check_client_name() {
 fi
 }
 
+check_subnets() {
+ if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
+ || [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
+ if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
+ echo "Error: You may only specify custom subnets during initial VPN install." >&2
+ echo " See Advanced usage -> Customize VPN subnets for more information." >&2
+ exit 1
+ fi
+ fi
+}
+
 start_setup() {
 bigecho "VPN setup in progress... Please be patient."
 mkdir -p /opt/src
@@ -557,6 +568,7 @@ vpnsetup() {
 check_dns
 check_server_dns
 check_client_name
+ check_subnets
 check_libreswan
 start_setup
 install_setup_pkgs
diff --git a/vpnsetup_amzn.sh b/vpnsetup_amzn.sh
index 60a40af..dce1c94 100755
--- a/vpnsetup_amzn.sh
+++ b/vpnsetup_amzn.sh
@@ -128,6 +128,17 @@ check_client_name() {
 fi
 }
 
+check_subnets() {
+ if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
+ || [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
+ if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
+ echo "Error: You may only specify custom subnets during initial VPN install." >&2
+ echo " See Advanced usage -> Customize VPN subnets for more information." >&2
+ exit 1
+ fi
+ fi
+}
+
 start_setup() {
 bigecho "VPN setup in progress... Please be patient."
 mkdir -p /opt/src
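Review bot: In `check_subnets`, the only signal for an existing install is the string `hwdsl2 VPN script` in `/etc/sysctl.conf`, and `grep -qs` treats a missing or unreadable file the same as no match, so the guard fails open. If that marker was edited out of sysctl.conf while the earlier VPN configuration is still in place, a re-run with `VPN_L2TP_NET` or `VPN_XAUTH_NET` set would pass this check; whether the later steps then leave firewall rules or address pools for the old subnets is not visible here. The function also tests the five variables only for being non-empty, so a malformed value is not rejected at this point (validation may exist outside the hunk). I would at least record the assumption above the grep, e.g. `# sysctl.conf marker = already installed; absent or unreadable file counts as a fresh install`. The same function is added unchanged to vpnsetup_amzn.sh, vpnsetup_centos.sh and vpnsetup_ubuntu.sh.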
@@ -572,6 +583,7 @@ vpnsetup() {
 check_dns
 check_server_dns
 check_client_name
+ check_subnets
 check_libreswan
 start_setup
 install_setup_pkgs
diff --git a/vpnsetup_centos.sh b/vpnsetup_centos.sh
index 2b8973b..6684050 100755
--- a/vpnsetup_centos.sh
+++ b/vpnsetup_centos.sh
@@ -156,6 +156,17 @@ check_client_name() {
 fi
 }
 
+check_subnets() {
+ if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
+ || [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
+ if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
+ echo "Error: You may only specify custom subnets during initial VPN install." >&2
+ echo " See Advanced usage -> Customize VPN subnets for more information." >&2
+ exit 1
+ fi
+ fi
+}
+
 start_setup() {
 bigecho "VPN setup in progress... Please be patient."
 mkdir -p /opt/src
@@ -700,6 +711,7 @@ vpnsetup() {
 check_dns
 check_server_dns
 check_client_name
+ check_subnets
 check_libreswan
 start_setup
 install_setup_pkgs
diff --git a/vpnsetup_ubuntu.sh b/vpnsetup_ubuntu.sh
index 37a7259..e5d0768 100755
--- a/vpnsetup_ubuntu.sh
+++ b/vpnsetup_ubuntu.sh
@@ -154,6 +154,17 @@ check_client_name() {
 fi
 }
 
+check_subnets() {
+ if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
+ || [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
+ if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
+ echo "Error: You may only specify custom subnets during initial VPN install." >&2
+ echo " See Advanced usage -> Customize VPN subnets for more information." >&2
+ exit 1
+ fi
+ fi
+}
+
 check_iptables() {
 if [ -x /sbin/iptables ] && ! iptables -nL INPUT >/dev/null 2>&1; then
 exiterr "IPTables check failed. Reboot and re-run this script."
@@ -672,6 +683,7 @@ vpnsetup() {
 check_dns
 check_server_dns
 check_client_name
+ check_subnets
 check_iptables
 check_libreswan
 start_setup
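Review bot: In the vpnsetup_ubuntu.sh copy of `check_subnets`, the error path is two `echo ... >&2` lines followed by `exit 1`, while `check_iptables` directly below it in the same hunk reports failure through `exiterr`. If `exiterr` writes to stderr and exits non-zero (its definition is outside the hunk), calling it here would keep a single failure path for all pre-flight checks, e.g. `exiterr "You may only specify custom subnets during initial VPN install."`, with the pointer to the documentation carried as a second line of that message. The body of `check_iptables` continues past the end of the hunk.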