Cleanup

- Add a check for custom VPN subnets. Those can only be specified
  during initial VPN install.
  Ref: 1834b79

extras/quickstart.sh

@@ -197,14 +197,6 @@ check_client_name() {
   fi
 }
 
-check_iptables() {
-  if [ "$os_type" = "ubuntu" ] || [ "$os_type" = "debian" ] || [ "$os_type" = "raspbian" ]; then
-    if [ -x /sbin/iptables ] && ! iptables -nL INPUT >/dev/null 2>&1; then
-      exiterr "IPTables check failed. Reboot and re-run this script."
-    fi
-  fi
-}
-
 wait_for_apt() {
   count=0
   apt_lk=/var/lib/apt/lists/lock
@@ -298,7 +290,6 @@ vpnsetup() {
   check_dns
   check_server_dns
   check_client_name
-  check_iptables
   install_pkgs
   get_setup_url
   run_setup

vpnsetup.sh

@@ -197,14 +197,6 @@ check_client_name() {
   fi
 }
 
-check_iptables() {
-  if [ "$os_type" = "ubuntu" ] || [ "$os_type" = "debian" ] || [ "$os_type" = "raspbian" ]; then
-    if [ -x /sbin/iptables ] && ! iptables -nL INPUT >/dev/null 2>&1; then
-      exiterr "IPTables check failed. Reboot and re-run this script."
-    fi
-  fi
-}
-
 wait_for_apt() {
   count=0
   apt_lk=/var/lib/apt/lists/lock
@@ -298,7 +290,6 @@ vpnsetup() {
   check_dns
   check_server_dns
   check_client_name
-  check_iptables
   install_pkgs
   get_setup_url
   run_setup

vpnsetup_alpine.sh

@@ -146,6 +146,17 @@ check_client_name() {
   fi
 }
 
+check_subnets() {
+  if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
+    || [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
+    if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
+      echo "Error: You may only specify custom subnets during initial VPN install." >&2
+      echo "       See Advanced usage -> Customize VPN subnets for more information." >&2
+      exit 1
+    fi
+  fi
+}
+
 start_setup() {
   bigecho "VPN setup in progress... Please be patient."
   mkdir -p /opt/src
@@ -557,6 +568,7 @@ vpnsetup() {
   check_dns
   check_server_dns
   check_client_name
+  check_subnets
   check_libreswan
   start_setup
   install_setup_pkgs

vpnsetup_amzn.sh

@@ -128,6 +128,17 @@ check_client_name() {
   fi
 }
 
+check_subnets() {
+  if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
+    || [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
+    if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
+      echo "Error: You may only specify custom subnets during initial VPN install." >&2
+      echo "       See Advanced usage -> Customize VPN subnets for more information." >&2
+      exit 1
+    fi
+  fi
+}
+
 start_setup() {
   bigecho "VPN setup in progress... Please be patient."
   mkdir -p /opt/src
@@ -572,6 +583,7 @@ vpnsetup() {
   check_dns
   check_server_dns
   check_client_name
+  check_subnets
   check_libreswan
   start_setup
   install_setup_pkgs

vpnsetup_centos.sh

@@ -64,6 +64,17 @@ check_vz() {
   fi
 }
 
+check_lxc() {
+  # shellcheck disable=SC2154
+  if [ "$container" = "lxc" ] && [ ! -e /dev/ppp ]; then
+cat 1>&2 <<'EOF'
+Error: /dev/ppp is missing. LXC containers require configuration.
+       See: https://github.com/hwdsl2/setup-ipsec-vpn/issues/1014
+EOF
+  exit 1
+  fi
+}
+
 check_os() {
   os_type=centos
   rh_file="/etc/redhat-release"
@@ -156,6 +167,17 @@ check_client_name() {
   fi
 }
 
+check_subnets() {
+  if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
+    || [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
+    if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
+      echo "Error: You may only specify custom subnets during initial VPN install." >&2
+      echo "       See Advanced usage -> Customize VPN subnets for more information." >&2
+      exit 1
+    fi
+  fi
+}
+
 start_setup() {
   bigecho "VPN setup in progress... Please be patient."
   mkdir -p /opt/src
@@ -694,12 +716,14 @@ EOF
 vpnsetup() {
   check_root
   check_vz
+  check_lxc
   check_os
   check_iface
   check_creds
   check_dns
   check_server_dns
   check_client_name
+  check_subnets
   check_libreswan
   start_setup
   install_setup_pkgs

vpnsetup_ubuntu.sh

@@ -63,6 +63,17 @@ check_vz() {
   fi
 }
 
+check_lxc() {
+  # shellcheck disable=SC2154
+  if [ "$container" = "lxc" ] && [ ! -e /dev/ppp ]; then
+cat 1>&2 <<'EOF'
+Error: /dev/ppp is missing. LXC containers require configuration.
+       See: https://github.com/hwdsl2/setup-ipsec-vpn/issues/1014
+EOF
+  exit 1
+  fi
+}
+
 check_os() {
   os_type=$(lsb_release -si 2>/dev/null)
   [ -z "$os_type" ] && [ -f /etc/os-release ] && os_type=$(. /etc/os-release && printf '%s' "$ID")
@@ -154,6 +165,17 @@ check_client_name() {
   fi
 }
 
+check_subnets() {
+  if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
+    || [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
+    if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
+      echo "Error: You may only specify custom subnets during initial VPN install." >&2
+      echo "       See Advanced usage -> Customize VPN subnets for more information." >&2
+      exit 1
+    fi
+  fi
+}
+
 check_iptables() {
   if [ -x /sbin/iptables ] && ! iptables -nL INPUT >/dev/null 2>&1; then
     exiterr "IPTables check failed. Reboot and re-run this script."
@@ -666,12 +688,14 @@ EOF
 vpnsetup() {
   check_root
   check_vz
+  check_lxc
   check_os
   check_iface
   check_creds
   check_dns
   check_server_dns
   check_client_name
+  check_subnets
   check_iptables
   check_libreswan
   start_setup