1
0
mirror of synced 2024-11-23 21:36:09 +03:00

Compare commits

...

3 Commits

Author SHA1 Message Date
hwdsl2
9ab949d61d Cleanup 2022-05-10 09:03:00 -05:00
hwdsl2
857c6b9bea Add LXC check 2022-05-10 09:02:46 -05:00
hwdsl2
95d9fc4e03 Add subnet check
- Add a check for custom VPN subnets. Those can only be specified
  during initial VPN install.
  Ref: 1834b79
2022-05-10 08:47:59 -05:00
6 changed files with 72 additions and 18 deletions

View File

@ -197,14 +197,6 @@ check_client_name() {
fi fi
} }
check_iptables() {
if [ "$os_type" = "ubuntu" ] || [ "$os_type" = "debian" ] || [ "$os_type" = "raspbian" ]; then
if [ -x /sbin/iptables ] && ! iptables -nL INPUT >/dev/null 2>&1; then
exiterr "IPTables check failed. Reboot and re-run this script."
fi
fi
}
wait_for_apt() { wait_for_apt() {
count=0 count=0
apt_lk=/var/lib/apt/lists/lock apt_lk=/var/lib/apt/lists/lock
@ -298,7 +290,6 @@ vpnsetup() {
check_dns check_dns
check_server_dns check_server_dns
check_client_name check_client_name
check_iptables
install_pkgs install_pkgs
get_setup_url get_setup_url
run_setup run_setup

View File

@ -197,14 +197,6 @@ check_client_name() {
fi fi
} }
check_iptables() {
if [ "$os_type" = "ubuntu" ] || [ "$os_type" = "debian" ] || [ "$os_type" = "raspbian" ]; then
if [ -x /sbin/iptables ] && ! iptables -nL INPUT >/dev/null 2>&1; then
exiterr "IPTables check failed. Reboot and re-run this script."
fi
fi
}
wait_for_apt() { wait_for_apt() {
count=0 count=0
apt_lk=/var/lib/apt/lists/lock apt_lk=/var/lib/apt/lists/lock
@ -298,7 +290,6 @@ vpnsetup() {
check_dns check_dns
check_server_dns check_server_dns
check_client_name check_client_name
check_iptables
install_pkgs install_pkgs
get_setup_url get_setup_url
run_setup run_setup

View File

@ -146,6 +146,17 @@ check_client_name() {
fi fi
} }
check_subnets() {
if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
|| [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
echo "Error: You may only specify custom subnets during initial VPN install." >&2
echo " See Advanced usage -> Customize VPN subnets for more information." >&2
exit 1
fi
fi
}
start_setup() { start_setup() {
bigecho "VPN setup in progress... Please be patient." bigecho "VPN setup in progress... Please be patient."
mkdir -p /opt/src mkdir -p /opt/src
@ -557,6 +568,7 @@ vpnsetup() {
check_dns check_dns
check_server_dns check_server_dns
check_client_name check_client_name
check_subnets
check_libreswan check_libreswan
start_setup start_setup
install_setup_pkgs install_setup_pkgs

View File

@ -128,6 +128,17 @@ check_client_name() {
fi fi
} }
check_subnets() {
if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
|| [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
echo "Error: You may only specify custom subnets during initial VPN install." >&2
echo " See Advanced usage -> Customize VPN subnets for more information." >&2
exit 1
fi
fi
}
start_setup() { start_setup() {
bigecho "VPN setup in progress... Please be patient." bigecho "VPN setup in progress... Please be patient."
mkdir -p /opt/src mkdir -p /opt/src
@ -572,6 +583,7 @@ vpnsetup() {
check_dns check_dns
check_server_dns check_server_dns
check_client_name check_client_name
check_subnets
check_libreswan check_libreswan
start_setup start_setup
install_setup_pkgs install_setup_pkgs

View File

@ -64,6 +64,17 @@ check_vz() {
fi fi
} }
check_lxc() {
# shellcheck disable=SC2154
if [ "$container" = "lxc" ] && [ ! -e /dev/ppp ]; then
cat 1>&2 <<'EOF'
Error: /dev/ppp is missing. LXC containers require configuration.
See: https://github.com/hwdsl2/setup-ipsec-vpn/issues/1014
EOF
exit 1
fi
}
check_os() { check_os() {
os_type=centos os_type=centos
rh_file="/etc/redhat-release" rh_file="/etc/redhat-release"
@ -156,6 +167,17 @@ check_client_name() {
fi fi
} }
check_subnets() {
if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
|| [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
echo "Error: You may only specify custom subnets during initial VPN install." >&2
echo " See Advanced usage -> Customize VPN subnets for more information." >&2
exit 1
fi
fi
}
start_setup() { start_setup() {
bigecho "VPN setup in progress... Please be patient." bigecho "VPN setup in progress... Please be patient."
mkdir -p /opt/src mkdir -p /opt/src
@ -694,12 +716,14 @@ EOF
vpnsetup() { vpnsetup() {
check_root check_root
check_vz check_vz
check_lxc
check_os check_os
check_iface check_iface
check_creds check_creds
check_dns check_dns
check_server_dns check_server_dns
check_client_name check_client_name
check_subnets
check_libreswan check_libreswan
start_setup start_setup
install_setup_pkgs install_setup_pkgs

View File

@ -63,6 +63,17 @@ check_vz() {
fi fi
} }
check_lxc() {
# shellcheck disable=SC2154
if [ "$container" = "lxc" ] && [ ! -e /dev/ppp ]; then
cat 1>&2 <<'EOF'
Error: /dev/ppp is missing. LXC containers require configuration.
See: https://github.com/hwdsl2/setup-ipsec-vpn/issues/1014
EOF
exit 1
fi
}
check_os() { check_os() {
os_type=$(lsb_release -si 2>/dev/null) os_type=$(lsb_release -si 2>/dev/null)
[ -z "$os_type" ] && [ -f /etc/os-release ] && os_type=$(. /etc/os-release && printf '%s' "$ID") [ -z "$os_type" ] && [ -f /etc/os-release ] && os_type=$(. /etc/os-release && printf '%s' "$ID")
@ -154,6 +165,17 @@ check_client_name() {
fi fi
} }
check_subnets() {
if [ -n "$VPN_L2TP_NET" ] || [ -n "$VPN_L2TP_LOCAL" ] || [ -n "$VPN_L2TP_POOL" ] \
|| [ -n "$VPN_XAUTH_NET" ] || [ -n "$VPN_XAUTH_POOL" ]; then
if grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
echo "Error: You may only specify custom subnets during initial VPN install." >&2
echo " See Advanced usage -> Customize VPN subnets for more information." >&2
exit 1
fi
fi
}
check_iptables() { check_iptables() {
if [ -x /sbin/iptables ] && ! iptables -nL INPUT >/dev/null 2>&1; then if [ -x /sbin/iptables ] && ! iptables -nL INPUT >/dev/null 2>&1; then
exiterr "IPTables check failed. Reboot and re-run this script." exiterr "IPTables check failed. Reboot and re-run this script."
@ -666,12 +688,14 @@ EOF
vpnsetup() { vpnsetup() {
check_root check_root
check_vz check_vz
check_lxc
check_os check_os
check_iface check_iface
check_creds check_creds
check_dns check_dns
check_server_dns check_server_dns
check_client_name check_client_name
check_subnets
check_iptables check_iptables
check_libreswan check_libreswan
start_setup start_setup