Compare commits
2 Commits
e23dee31ca
...
24ce5bedd8
| Author | SHA1 | Date | |
|---|---|---|---|
|
24ce5bedd8 | ||
|
|
9458735d2c |
@ -105,22 +105,18 @@ check_creds() {
|
||||
[ -n "$YOUR_IPSEC_PSK" ] && VPN_IPSEC_PSK="$YOUR_IPSEC_PSK"
|
||||
[ -n "$YOUR_USERNAME" ] && VPN_USER="$YOUR_USERNAME"
|
||||
[ -n "$YOUR_PASSWORD" ] && VPN_PASSWORD="$YOUR_PASSWORD"
|
||||
|
||||
if [ -z "$VPN_IPSEC_PSK" ] && [ -z "$VPN_USER" ] && [ -z "$VPN_PASSWORD" ]; then
|
||||
bigecho "VPN credentials not set by user. Generating random PSK and password..."
|
||||
VPN_IPSEC_PSK=$(LC_CTYPE=C tr -dc 'A-HJ-NPR-Za-km-z2-9' </dev/urandom 2>/dev/null | head -c 20)
|
||||
VPN_USER=vpnuser
|
||||
VPN_PASSWORD=$(LC_CTYPE=C tr -dc 'A-HJ-NPR-Za-km-z2-9' </dev/urandom 2>/dev/null | head -c 16)
|
||||
fi
|
||||
|
||||
if [ -z "$VPN_IPSEC_PSK" ] || [ -z "$VPN_USER" ] || [ -z "$VPN_PASSWORD" ]; then
|
||||
exiterr "All VPN credentials must be specified. Edit the script and re-enter them."
|
||||
fi
|
||||
|
||||
if printf '%s' "$VPN_IPSEC_PSK $VPN_USER $VPN_PASSWORD" | LC_ALL=C grep -q '[^ -~]\+'; then
|
||||
exiterr "VPN credentials must not contain non-ASCII characters."
|
||||
fi
|
||||
|
||||
case "$VPN_IPSEC_PSK $VPN_USER $VPN_PASSWORD" in
|
||||
*[\\\"\']*)
|
||||
exiterr "VPN credentials must not contain these special characters: \\ \" '"
|
||||
@ -219,29 +215,32 @@ get_swan_ver() {
|
||||
SWAN_VER=4.6
|
||||
base_url="https://github.com/hwdsl2/vpn-extras/releases/download/v1.0.0"
|
||||
swan_ver_url="$base_url/v1-$os_type-$os_ver-swanver"
|
||||
swan_ver_latest=$(wget -t 3 -T 15 -qO- "$swan_ver_url" | head -n 1)
|
||||
swan_ver_latest=$(wget -t 3 -T 15 -qO- "$swan_ver_url" 2>/dev/null | head -n 1)
|
||||
[ -z "$swan_ver_latest" ] && swan_ver_latest=$(curl -fsL "$swan_ver_url" 2>/dev/null | head -n 1)
|
||||
if printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9]{1,2})(\.([0-9]|[1-9][0-9]{1,2})){1,2}$'; then
|
||||
SWAN_VER="$swan_ver_latest"
|
||||
fi
|
||||
}
|
||||
|
||||
check_libreswan() {
|
||||
check_result=0
|
||||
ipsec_ver=$(/usr/local/sbin/ipsec --version 2>/dev/null)
|
||||
swan_ver_old=$(printf '%s' "$ipsec_ver" | sed -e 's/.*Libreswan U\?//' -e 's/\( (\|\/K\).*//')
|
||||
ipsec_bin="/usr/local/sbin/ipsec"
|
||||
if [ -n "$swan_ver_old" ] && printf '%s' "$ipsec_ver" | grep -qi 'libreswan' \
|
||||
&& [ "$(find "$ipsec_bin" -mmin -10080)" ]; then
|
||||
check_result=1
|
||||
return 0
|
||||
fi
|
||||
get_swan_ver
|
||||
if [ -s "$ipsec_bin" ] && [ "$swan_ver_old" = "$SWAN_VER" ]; then
|
||||
touch "$ipsec_bin"
|
||||
fi
|
||||
[ "$swan_ver_old" = "$SWAN_VER" ]
|
||||
[ "$swan_ver_old" = "$SWAN_VER" ] && check_result=1
|
||||
}
|
||||
|
||||
get_libreswan() {
|
||||
if ! check_libreswan; then
|
||||
if [ "$check_result" = "0" ]; then
|
||||
bigecho "Downloading Libreswan..."
|
||||
cd /opt/src || exit 1
|
||||
swan_file="libreswan-$SWAN_VER.tar.gz"
|
||||
@ -259,7 +258,7 @@ get_libreswan() {
|
||||
}
|
||||
|
||||
install_libreswan() {
|
||||
if ! check_libreswan; then
|
||||
if [ "$check_result" = "0" ]; then
|
||||
bigecho "Compiling and installing Libreswan, please wait..."
|
||||
cd "libreswan-$SWAN_VER" || exit 1
|
||||
sed -i '28s/stdlib\.h/sys\/types.h/' include/fd.h
|
||||
@ -276,7 +275,6 @@ EOF
|
||||
set -x
|
||||
make "-j$((NPROCS+1))" -s base >/dev/null && make -s install-base >/dev/null
|
||||
)
|
||||
|
||||
cd /opt/src || exit 1
|
||||
/bin/rm -rf "/opt/src/libreswan-$SWAN_VER"
|
||||
if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$SWAN_VER"; then
|
||||
@ -574,6 +572,7 @@ vpnsetup() {
|
||||
check_dns
|
||||
check_server_dns
|
||||
check_client_name
|
||||
check_libreswan
|
||||
start_setup
|
||||
install_setup_pkgs
|
||||
detect_ip
|
||||
|
||||
@ -87,22 +87,18 @@ check_creds() {
|
||||
[ -n "$YOUR_IPSEC_PSK" ] && VPN_IPSEC_PSK="$YOUR_IPSEC_PSK"
|
||||
[ -n "$YOUR_USERNAME" ] && VPN_USER="$YOUR_USERNAME"
|
||||
[ -n "$YOUR_PASSWORD" ] && VPN_PASSWORD="$YOUR_PASSWORD"
|
||||
|
||||
if [ -z "$VPN_IPSEC_PSK" ] && [ -z "$VPN_USER" ] && [ -z "$VPN_PASSWORD" ]; then
|
||||
bigecho "VPN credentials not set by user. Generating random PSK and password..."
|
||||
VPN_IPSEC_PSK=$(LC_CTYPE=C tr -dc 'A-HJ-NPR-Za-km-z2-9' </dev/urandom 2>/dev/null | head -c 20)
|
||||
VPN_USER=vpnuser
|
||||
VPN_PASSWORD=$(LC_CTYPE=C tr -dc 'A-HJ-NPR-Za-km-z2-9' </dev/urandom 2>/dev/null | head -c 16)
|
||||
fi
|
||||
|
||||
if [ -z "$VPN_IPSEC_PSK" ] || [ -z "$VPN_USER" ] || [ -z "$VPN_PASSWORD" ]; then
|
||||
exiterr "All VPN credentials must be specified. Edit the script and re-enter them."
|
||||
fi
|
||||
|
||||
if printf '%s' "$VPN_IPSEC_PSK $VPN_USER $VPN_PASSWORD" | LC_ALL=C grep -q '[^ -~]\+'; then
|
||||
exiterr "VPN credentials must not contain non-ASCII characters."
|
||||
fi
|
||||
|
||||
case "$VPN_IPSEC_PSK $VPN_USER $VPN_PASSWORD" in
|
||||
*[\\\"\']*)
|
||||
exiterr "VPN credentials must not contain these special characters: \\ \" '"
|
||||
@ -219,29 +215,32 @@ get_swan_ver() {
|
||||
SWAN_VER=4.6
|
||||
base_url="https://github.com/hwdsl2/vpn-extras/releases/download/v1.0.0"
|
||||
swan_ver_url="$base_url/v1-amzn-2-swanver"
|
||||
swan_ver_latest=$(wget -t 3 -T 15 -qO- "$swan_ver_url" | head -n 1)
|
||||
swan_ver_latest=$(wget -t 3 -T 15 -qO- "$swan_ver_url" 2>/dev/null | head -n 1)
|
||||
[ -z "$swan_ver_latest" ] && swan_ver_latest=$(curl -fsL "$swan_ver_url" 2>/dev/null | head -n 1)
|
||||
if printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9]{1,2})(\.([0-9]|[1-9][0-9]{1,2})){1,2}$'; then
|
||||
SWAN_VER="$swan_ver_latest"
|
||||
fi
|
||||
}
|
||||
|
||||
check_libreswan() {
|
||||
check_result=0
|
||||
ipsec_ver=$(/usr/local/sbin/ipsec --version 2>/dev/null)
|
||||
swan_ver_old=$(printf '%s' "$ipsec_ver" | sed -e 's/.*Libreswan U\?//' -e 's/\( (\|\/K\).*//')
|
||||
ipsec_bin="/usr/local/sbin/ipsec"
|
||||
if [ -n "$swan_ver_old" ] && printf '%s' "$ipsec_ver" | grep -qi 'libreswan' \
|
||||
&& [ "$(find "$ipsec_bin" -mmin -10080)" ]; then
|
||||
check_result=1
|
||||
return 0
|
||||
fi
|
||||
get_swan_ver
|
||||
if [ -s "$ipsec_bin" ] && [ "$swan_ver_old" = "$SWAN_VER" ]; then
|
||||
touch "$ipsec_bin"
|
||||
fi
|
||||
[ "$swan_ver_old" = "$SWAN_VER" ]
|
||||
[ "$swan_ver_old" = "$SWAN_VER" ] && check_result=1
|
||||
}
|
||||
|
||||
get_libreswan() {
|
||||
if ! check_libreswan; then
|
||||
if [ "$check_result" = "0" ]; then
|
||||
bigecho "Downloading Libreswan..."
|
||||
cd /opt/src || exit 1
|
||||
swan_file="libreswan-$SWAN_VER.tar.gz"
|
||||
@ -259,7 +258,7 @@ get_libreswan() {
|
||||
}
|
||||
|
||||
install_libreswan() {
|
||||
if ! check_libreswan; then
|
||||
if [ "$check_result" = "0" ]; then
|
||||
bigecho "Compiling and installing Libreswan, please wait..."
|
||||
cd "libreswan-$SWAN_VER" || exit 1
|
||||
cat > Makefile.inc.local <<'EOF'
|
||||
@ -278,7 +277,6 @@ EOF
|
||||
set -x
|
||||
make "-j$((NPROCS+1))" -s base >/dev/null && make -s install-base >/dev/null
|
||||
)
|
||||
|
||||
cd /opt/src || exit 1
|
||||
/bin/rm -rf "/opt/src/libreswan-$SWAN_VER"
|
||||
if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$SWAN_VER"; then
|
||||
@ -590,6 +588,7 @@ vpnsetup() {
|
||||
check_dns
|
||||
check_server_dns
|
||||
check_client_name
|
||||
check_libreswan
|
||||
start_setup
|
||||
install_setup_pkgs
|
||||
detect_ip
|
||||
|
||||
@ -115,22 +115,18 @@ check_creds() {
|
||||
[ -n "$YOUR_IPSEC_PSK" ] && VPN_IPSEC_PSK="$YOUR_IPSEC_PSK"
|
||||
[ -n "$YOUR_USERNAME" ] && VPN_USER="$YOUR_USERNAME"
|
||||
[ -n "$YOUR_PASSWORD" ] && VPN_PASSWORD="$YOUR_PASSWORD"
|
||||
|
||||
if [ -z "$VPN_IPSEC_PSK" ] && [ -z "$VPN_USER" ] && [ -z "$VPN_PASSWORD" ]; then
|
||||
bigecho "VPN credentials not set by user. Generating random PSK and password..."
|
||||
VPN_IPSEC_PSK=$(LC_CTYPE=C tr -dc 'A-HJ-NPR-Za-km-z2-9' </dev/urandom 2>/dev/null | head -c 20)
|
||||
VPN_USER=vpnuser
|
||||
VPN_PASSWORD=$(LC_CTYPE=C tr -dc 'A-HJ-NPR-Za-km-z2-9' </dev/urandom 2>/dev/null | head -c 16)
|
||||
fi
|
||||
|
||||
if [ -z "$VPN_IPSEC_PSK" ] || [ -z "$VPN_USER" ] || [ -z "$VPN_PASSWORD" ]; then
|
||||
exiterr "All VPN credentials must be specified. Edit the script and re-enter them."
|
||||
fi
|
||||
|
||||
if printf '%s' "$VPN_IPSEC_PSK $VPN_USER $VPN_PASSWORD" | LC_ALL=C grep -q '[^ -~]\+'; then
|
||||
exiterr "VPN credentials must not contain non-ASCII characters."
|
||||
fi
|
||||
|
||||
case "$VPN_IPSEC_PSK $VPN_USER $VPN_PASSWORD" in
|
||||
*[\\\"\']*)
|
||||
exiterr "VPN credentials must not contain these special characters: \\ \" '"
|
||||
@ -290,29 +286,32 @@ get_swan_ver() {
|
||||
SWAN_VER=4.6
|
||||
base_url="https://github.com/hwdsl2/vpn-extras/releases/download/v1.0.0"
|
||||
swan_ver_url="$base_url/v1-$os_type-$os_ver-swanver"
|
||||
swan_ver_latest=$(wget -t 3 -T 15 -qO- "$swan_ver_url" | head -n 1)
|
||||
swan_ver_latest=$(wget -t 3 -T 15 -qO- "$swan_ver_url" 2>/dev/null | head -n 1)
|
||||
[ -z "$swan_ver_latest" ] && swan_ver_latest=$(curl -fsL "$swan_ver_url" 2>/dev/null | head -n 1)
|
||||
if printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9]{1,2})(\.([0-9]|[1-9][0-9]{1,2})){1,2}$'; then
|
||||
SWAN_VER="$swan_ver_latest"
|
||||
fi
|
||||
}
|
||||
|
||||
check_libreswan() {
|
||||
check_result=0
|
||||
ipsec_ver=$(/usr/local/sbin/ipsec --version 2>/dev/null)
|
||||
swan_ver_old=$(printf '%s' "$ipsec_ver" | sed -e 's/.*Libreswan U\?//' -e 's/\( (\|\/K\).*//')
|
||||
ipsec_bin="/usr/local/sbin/ipsec"
|
||||
if [ -n "$swan_ver_old" ] && printf '%s' "$ipsec_ver" | grep -qi 'libreswan' \
|
||||
&& [ "$(find "$ipsec_bin" -mmin -10080)" ]; then
|
||||
check_result=1
|
||||
return 0
|
||||
fi
|
||||
get_swan_ver
|
||||
if [ -s "$ipsec_bin" ] && [ "$swan_ver_old" = "$SWAN_VER" ]; then
|
||||
touch "$ipsec_bin"
|
||||
fi
|
||||
[ "$swan_ver_old" = "$SWAN_VER" ]
|
||||
[ "$swan_ver_old" = "$SWAN_VER" ] && check_result=1
|
||||
}
|
||||
|
||||
get_libreswan() {
|
||||
if ! check_libreswan; then
|
||||
if [ "$check_result" = "0" ]; then
|
||||
bigecho "Downloading Libreswan..."
|
||||
cd /opt/src || exit 1
|
||||
swan_file="libreswan-$SWAN_VER.tar.gz"
|
||||
@ -330,7 +329,7 @@ get_libreswan() {
|
||||
}
|
||||
|
||||
install_libreswan() {
|
||||
if ! check_libreswan; then
|
||||
if [ "$check_result" = "0" ]; then
|
||||
bigecho "Compiling and installing Libreswan, please wait..."
|
||||
cd "libreswan-$SWAN_VER" || exit 1
|
||||
cat > Makefile.inc.local <<'EOF'
|
||||
@ -349,7 +348,6 @@ EOF
|
||||
set -x
|
||||
make "-j$((NPROCS+1))" -s base >/dev/null && make -s install-base >/dev/null
|
||||
)
|
||||
|
||||
cd /opt/src || exit 1
|
||||
/bin/rm -rf "/opt/src/libreswan-$SWAN_VER"
|
||||
if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$SWAN_VER"; then
|
||||
@ -718,6 +716,7 @@ vpnsetup() {
|
||||
check_dns
|
||||
check_server_dns
|
||||
check_client_name
|
||||
check_libreswan
|
||||
start_setup
|
||||
install_setup_pkgs
|
||||
detect_ip
|
||||
|
||||
@ -113,22 +113,18 @@ check_creds() {
|
||||
[ -n "$YOUR_IPSEC_PSK" ] && VPN_IPSEC_PSK="$YOUR_IPSEC_PSK"
|
||||
[ -n "$YOUR_USERNAME" ] && VPN_USER="$YOUR_USERNAME"
|
||||
[ -n "$YOUR_PASSWORD" ] && VPN_PASSWORD="$YOUR_PASSWORD"
|
||||
|
||||
if [ -z "$VPN_IPSEC_PSK" ] && [ -z "$VPN_USER" ] && [ -z "$VPN_PASSWORD" ]; then
|
||||
bigecho "VPN credentials not set by user. Generating random PSK and password..."
|
||||
VPN_IPSEC_PSK=$(LC_CTYPE=C tr -dc 'A-HJ-NPR-Za-km-z2-9' </dev/urandom 2>/dev/null | head -c 20)
|
||||
VPN_USER=vpnuser
|
||||
VPN_PASSWORD=$(LC_CTYPE=C tr -dc 'A-HJ-NPR-Za-km-z2-9' </dev/urandom 2>/dev/null | head -c 16)
|
||||
fi
|
||||
|
||||
if [ -z "$VPN_IPSEC_PSK" ] || [ -z "$VPN_USER" ] || [ -z "$VPN_PASSWORD" ]; then
|
||||
exiterr "All VPN credentials must be specified. Edit the script and re-enter them."
|
||||
fi
|
||||
|
||||
if printf '%s' "$VPN_IPSEC_PSK $VPN_USER $VPN_PASSWORD" | LC_ALL=C grep -q '[^ -~]\+'; then
|
||||
exiterr "VPN credentials must not contain non-ASCII characters."
|
||||
fi
|
||||
|
||||
case "$VPN_IPSEC_PSK $VPN_USER $VPN_PASSWORD" in
|
||||
*[\\\"\']*)
|
||||
exiterr "VPN credentials must not contain these special characters: \\ \" '"
|
||||
@ -259,29 +255,32 @@ get_swan_ver() {
|
||||
SWAN_VER=4.6
|
||||
base_url="https://github.com/hwdsl2/vpn-extras/releases/download/v1.0.0"
|
||||
swan_ver_url="$base_url/v1-$os_type-$os_ver-swanver"
|
||||
swan_ver_latest=$(wget -t 3 -T 15 -qO- "$swan_ver_url" | head -n 1)
|
||||
swan_ver_latest=$(wget -t 3 -T 15 -qO- "$swan_ver_url" 2>/dev/null | head -n 1)
|
||||
[ -z "$swan_ver_latest" ] && swan_ver_latest=$(curl -fsL "$swan_ver_url" 2>/dev/null | head -n 1)
|
||||
if printf '%s' "$swan_ver_latest" | grep -Eq '^([3-9]|[1-9][0-9]{1,2})(\.([0-9]|[1-9][0-9]{1,2})){1,2}$'; then
|
||||
SWAN_VER="$swan_ver_latest"
|
||||
fi
|
||||
}
|
||||
|
||||
check_libreswan() {
|
||||
check_result=0
|
||||
ipsec_ver=$(/usr/local/sbin/ipsec --version 2>/dev/null)
|
||||
swan_ver_old=$(printf '%s' "$ipsec_ver" | sed -e 's/.*Libreswan U\?//' -e 's/\( (\|\/K\).*//')
|
||||
ipsec_bin="/usr/local/sbin/ipsec"
|
||||
if [ -n "$swan_ver_old" ] && printf '%s' "$ipsec_ver" | grep -qi 'libreswan' \
|
||||
&& [ "$(find "$ipsec_bin" -mmin -10080)" ]; then
|
||||
check_result=1
|
||||
return 0
|
||||
fi
|
||||
get_swan_ver
|
||||
if [ -s "$ipsec_bin" ] && [ "$swan_ver_old" = "$SWAN_VER" ]; then
|
||||
touch "$ipsec_bin"
|
||||
fi
|
||||
[ "$swan_ver_old" = "$SWAN_VER" ]
|
||||
[ "$swan_ver_old" = "$SWAN_VER" ] && check_result=1
|
||||
}
|
||||
|
||||
get_libreswan() {
|
||||
if ! check_libreswan; then
|
||||
if [ "$check_result" = "0" ]; then
|
||||
bigecho "Downloading Libreswan..."
|
||||
cd /opt/src || exit 1
|
||||
swan_file="libreswan-$SWAN_VER.tar.gz"
|
||||
@ -299,7 +298,7 @@ get_libreswan() {
|
||||
}
|
||||
|
||||
install_libreswan() {
|
||||
if ! check_libreswan; then
|
||||
if [ "$check_result" = "0" ]; then
|
||||
bigecho "Compiling and installing Libreswan, please wait..."
|
||||
cd "libreswan-$SWAN_VER" || exit 1
|
||||
cat > Makefile.inc.local <<'EOF'
|
||||
@ -326,7 +325,6 @@ EOF
|
||||
set -x
|
||||
make "-j$((NPROCS+1))" -s base >/dev/null && make -s install-base >/dev/null
|
||||
)
|
||||
|
||||
cd /opt/src || exit 1
|
||||
/bin/rm -rf "/opt/src/libreswan-$SWAN_VER"
|
||||
if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$SWAN_VER"; then
|
||||
@ -693,6 +691,7 @@ vpnsetup() {
|
||||
check_server_dns
|
||||
check_client_name
|
||||
check_iptables
|
||||
check_libreswan
|
||||
start_setup
|
||||
wait_for_apt
|
||||
update_apt_cache
|
||||
|
||||
Loading…
Reference in New Issue
Block a user