From 83234ddae4e7aa5e3c40cf83734b56721e308745 Mon Sep 17 00:00:00 2001 From: Nyr Date: Sat, 21 Apr 2018 21:06:41 +0200 Subject: [PATCH] Improve NAT detection Cleaner and better: - Not relying in an external service - Avoids a false positive when the server has multiple public IPv4 addresses and the user selects one which is not the default gateway --- openvpn-install.sh | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/openvpn-install.sh b/openvpn-install.sh index 2ca7e94..91ca3d5 100644 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -175,13 +175,11 @@ else # Autodetect IP address and pre-fill for the user IP=$(ip addr | grep 'inet' | grep -v inet6 | grep -vE '127\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | grep -oE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | head -1) read -p "IP address: " -e -i $IP IP - # Try to detect a NATed connection and ask the user about it - EXTERNALIP=$(wget -4qO- "http://whatismyip.akamai.com/" 2>/dev/null || curl -4s "http://whatismyip.akamai.com/") - if [[ "$IP" != "$EXTERNALIP" ]]; then + # If $IP is a private IP address, the server must be behind NAT + if echo "$IP" | grep -qE '^(10\.|172\.1[6789]\.|172\.2[0-9]\.|172\.3[01]\.|192\.168)'; then echo - echo "If your server is behind NAT, please provide the public IP address or hostname." - echo "If that's not the case, just ignore this and leave the next field blank." - read -p "Public IP address / Hostname: " -e PUBLICIP + echo "This server is behind NAT. What is the public IPv4 address or hostname?" + read -p "Public IP address / hostname: " -e PUBLICIP fi echo echo "Which protocol do you want for OpenVPN connections?"